Kali Linux Penetration Testing Mobile 4 Pda

In this chapter, we will learn about website penetration testing offered by Kali Linux.
Vega is a free and open source scanner and testing platform to test the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.
Vega includes an automated scanner for quick tests and an intercepting proxy for tactical inspection. Vega can be extended using a powerful API in the language of the web: JavaScript. The official webpage is https://subgraph.com/vega/
Step 1 − To open Vega go to Applications → 03-Web Application Analysis → Vega
Step 2 − If you don’t see an application in the path, type the following command.
Step 3 − To start a scan, click “+” sign.
Step 4 − Enter the URL of the webpage that will be scanned. In this case, it is the Metasploitable machine → click “Next”.
Step 5 − Check all the boxes of the modules you want to be controlled. Then, click “Next”.
Step 6 − Click “Next” again in the following screenshot.
Step 8 − If the following table pops up, click “Yes”.
The scan will continue as shown in the following screenshot.
Step 9 − After the scan is completed, the lower-left panel shows all the findings, categorized by severity. If you click a finding, the right panel shows the details of the vulnerability, such as “Request”, “Discussion”, “Impact”, and “Remediation”.
OWASP Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. It is a Java interface.
Step 1 − To open ZapProxy, go to Applications → 03-Web Application Analysis → owaspzap.
Step 3 − Choose one of the options as shown in the following screenshot and click “Start”.
The following website is Metasploitable, with IP 192.168.1.101.
Step 4 − Enter the URL of the website under test at “URL to attack” → click “Attack”.
After the scan is completed, on the top left panel you will see all the crawled sites.
In the left panel “Alerts”, you will see all the findings along with the description.
Step 5 − Click “Spider” and you will see all the links scanned.
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
Step 1 − To open sqlmap, go to Applications → 04-Database Assessment → sqlmap.
The webpage having vulnerable parameters to SQL Injection is metasploitable.
Step 2 − To start the SQL injection testing, type “sqlmap -u URL of victim”.
Step 3 − From the results, you will see that some variables are vulnerable.
sqlninja goes from a SQL injection on Microsoft SQL Server to full GUI access. sqlninja is a tool targeted to exploit SQL injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Full information regarding this tool can be found at http://sqlninja.sourceforge.net/
Step 1 − To open sqlninja, go to Applications → 04-Database Assessment → sqlninja.
WPScan is a black box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues.
Step 1 − To open WPscan go to Applications → 03-Web Application Analysis → “wpscan”.
Step 2 − To scan a website for vulnerabilities, type “wpscan -u URL of webpage”.
If the scanner is not up to date, it will ask you to update. I recommend doing it.
Once the scan starts, you will see the findings. In the following screenshot, vulnerabilities are indicated by a red arrow.
Joomla is probably the most widely-used CMS out there due to its flexibility. joomscan is a scanner for this CMS. It helps web developers and webmasters identify possible security weaknesses on their deployed Joomla sites.
Step 1 − To open it, click the terminal in the left panel, then type “joomscan” followed by a parameter.
Step 2 − To get help on usage, type “joomscan /?”.
Step 3 − To start the scan, type “joomscan -u URL of the victim”.
Results will be displayed as shown in the following screenshot.
TLSSLed is a Linux shell script used to evaluate the security of a target SSL/TLS (HTTPS) web server implementation. It is based on sslscan, a thorough SSL/TLS scanner that is based on the openssl library, and on the “openssl s_client” command line tool.
The current tests include checking if the target supports the SSLv2 protocol, the NULL cipher, weak ciphers based on their key length (40 or 56 bits), the availability of strong ciphers (like AES), if the digital certificate is MD5 signed, and the current SSL/TLS renegotiation capabilities.
To start testing, open a terminal and type “tlssled URL port”. It will start to test the certificate to find data.
You can see from the finding that the certificate is valid until 2018 as shown in green in the following screenshot.
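The checks listed above (SSLv2, NULL cipher, 40- or 56-bit ciphers, availability of AES, MD5-signed certificate, renegotiation) can be expressed as a small audit routine. This is an added example, not TLSSLed's own code; the "protocol bits cipher" input layout, the sample data and the function names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample of accepted suites, one "protocol bits cipher" triple per
# line. This simplified layout is an assumption, not real sslscan output.
SAMPLE_SCAN = """\
SSLv2   40  EXP-RC4-MD5
TLSv1.0 56  DES-CBC-SHA
TLSv1.0 0   NULL-SHA
TLSv1.2 256 AES256-GCM-SHA384
"""


@dataclass(frozen=True)
class Suite:
    protocol: str  # protocol version the suite was accepted under
    bits: int      # symmetric key length reported by the scanner
    name: str      # OpenSSL-style cipher suite name


def parse_scan(text):
    """Turn 'protocol bits cipher' lines into Suite records, skipping others."""
    suites = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[1].isdigit():
            suites.append(Suite(parts[0], int(parts[1]), parts[2]))
    return suites


def audit(suites, cert_sig_alg, secure_renegotiation):
    """Apply the checks named in the text; return a sorted list of findings."""
    findings = set()
    for s in suites:
        if s.protocol == "SSLv2":
            findings.add("SSLv2 protocol supported")
        if s.bits == 0 or "NULL" in s.name.upper():
            findings.add(f"NULL cipher accepted: {s.name}")
        elif s.bits <= 56:  # covers the 40- and 56-bit suites
            findings.add(f"weak {s.bits}-bit cipher accepted: {s.name}")
    if not any("AES" in s.name.upper() and s.bits >= 128 for s in suites):
        findings.add("no strong AES cipher offered")
    if cert_sig_alg.lower().startswith("md5"):
        findings.add(f"certificate signed with MD5 ({cert_sig_alg})")
    if not secure_renegotiation:
        findings.add("secure renegotiation not supported")
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(parse_scan(SAMPLE_SCAN), "md5WithRSAEncryption", False):
        print("FINDING:", finding)
```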
w3af is a Web Application Attack and Audit Framework which aims to identify and exploit all web application vulnerabilities. This package provides a Graphical User Interface (GUI) for the framework. If you want a command-line application only, install w3af-console.
The framework has been called the “metasploit for the web”, but it’s actually much more as it also discovers the web application vulnerabilities using black-box scanning techniques. The w3af core and its plugins are fully written in Python. The project has more than 130 plugins, which identify and exploit SQL injection, cross-site scripting (XSS), remote file inclusion and more.
Step 1 − To open it, go to Applications → 03-Web Application Analysis → Click w3af.
Step 2 − In the “Target” field, enter the URL of the victim, which in this case is the Metasploitable web address.
Step 3 − Select the profile → Click “Start”.
Step 4 − Go to “Results” and you can see the finding with the details.


Penetration testing using Kali linux: SQL injection, XSS, wordpres, and WPA2 attacks
Nowadays, computers, smart phones, smart watches, printers, projectors, washing machines, fridges, and other mobile devices connected to the Internet are exposed to various threats and exploits. Of the various attacks, SQL injection, cross site scripting, Wordpress, and WPA2 attacks were the most popular security attacks and will be further investigated in this paper. Kali Linux provides a great platform and medium for learning various types of exploits and penetration testing. All the simulated attacks will be conducted using Kali Linux installed on a virtual machine in a computer with Intel Core i5 and 8 GB RAM, while the victim’s machine is the host computer, which runs Windows 10 version 1709. Results showed that the attacks launched both on web and firewall were conducted successfully. © 2018 Institute of Advanced Engineering and Science. All rights reserved.
Indonesian Journal of Electrical Engineering and Computer Science
Vol. 12, No. 2, November 2018, pp. 729~737
ISSN: 2502-4752, DOI: 10.11591/ijeecs.v12.i2.pp729-737
Journal homepage: http://iaescore.com/journals/index.php/ijeecs
Teddy Surya Gunawan 1, Muhammad Kasim Lim 2, Mira Kartiwi 3, Noreha Abdul Malik 4, Nanang Ismail 5
1,2,4 Electrical and Computer Engineering Department, International Islamic University Malaysia, Malaysia
3 Information Systems Department, International Islamic University Malaysia, 53100 Jalan Gombak, Kuala Lumpur, Malaysia
5 Electrical Engineering Department, Faculty of Science and Technology, UIN Sunan Gunung Djati, Jalan A.H. Nasution 105, Bandung, Indonesia
Penetration testing is a legitimate exercise of exploiting a system under a real-life attacker scenario, including illegal access and the practice of malicious activities. The process of penetration testing starts from identifying the system’s vulnerabilities, staging an exploitation, discovering and reporting the vulnerabilities, and dissolving the vulnerabilities that can cause harm to the system. According to [1], the process of penetration testing can illustrate the level of severity that could be inflicted on the system during a real-life attack, and thus help the organization prevent it before it is too late, as shown in Figure 1. Moreover, the Open Web Application Security Project (OWASP) stated that there are top 10 vulnerabilities which can cause severe impact to web applications [1], such as SQL injection (SQLi), cross site scripting (XSS), local file inclusion (LFI), and remote file inclusion (RFI).
Figure 1. Process of Penetration Testing
SQL injection is one of the most serious threats to Web applications, in which an attacker could gain access to a restricted database that contains sensitive information [2]. Basically, SQL injection is an attack in which a crafted SQL query is embedded along with the user input in such a way that the database is tricked into thinking it is SQL code [3]. Meanwhile, an XSS attack plants a malicious JavaScript on the webserver to exploit the webserver and gain remote access on the victim’s machine. In [4], a number of approaches used by attackers are described, such as hijacking the session, taking advantage of the user’s privileges by stealing data, and posting ads in hidden IFRAMEs and pop-ups, with the malicious code encoded to maintain the originality of the infected code so that it cannot be detected by the users. The WordPress attack aims at gathering information about the WordPress user accounts and brute forcing them, as described in [5]. The username can be enumerated by exploiting the WordPress database. As for the WPA2 attack, WPA2 is the most secured network protocol because of its use of four-way handshakes. Nevertheless, the handshakes can be manipulated to obtain the MAC hardware address and crack the password [6].
Although many attacks have been demonstrated in the literature, in this paper we will focus on the top four penetration attacks, namely SQLi, XSS, Wordpress, and WPA2 attacks using Kali Linux. Kali Linux is a penetration testing and security auditing platform with advanced tools to identify, detect, and exploit any vulnerabilities uncovered in the target network environment [7], [8]. Additional tools can also be added to Kali Linux if required. Kali Linux covers the whole process of launching the attack: from gathering information about the target, through determining the vulnerability to attack, to reporting the findings [6]. The review and setup of Kali Linux has been presented in [9].
2. PENETRATION TESTING DESIGN AND IMPLEMENTATION
SQL plays a significant role in the Relational Database Management System (RDBMS) due to its simplicity and straightforwardness [10]. SQL injection occurs when an attacker injects SQL queries with new parameters into the input values to enter and gain unauthorized access to the database. The attack occurs when keywords or operators obtained from the user by the application server are executed as part of the compromised, updated SQL query. Cross Site Scripting (XSS) is a technique where JavaScript, VBScript, ActiveX, Flash or HTML is planted along with the malicious XSS link. When the infected link is executed or loaded, the attacker will obtain root privilege and all the sensitive data and information will be left exposed to the attacker. Various types of XSS can include hijacking the session, taking advantage of the user’s privileges by stealing data, and posting ads in hidden IFRAMEs and pop-ups, with the malicious code encoded to maintain the originality of the infected code so that it cannot be detected by the users [4]. The attack can be conducted through email, stealing the user’s cookies, sending an unauthorized request, and an XSS attack in a comment field. In this paper, we considered the Wordpress attack as Wordpress is the most popular content management system (CMS) as described in [11], in which the top three CMS are Wordpress 59.8%, Joomla 6.1%, and Drupal 4.0%. Finally, the WPA2 attack was considered because WPA2 provides the most advanced WiFi security [12].
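The SQL injection mechanism described above, where operators supplied in an input value end up executed as part of the query, is shown here next to its fix. This is an added example, not code from the paper or from DVWA; the users table, its rows and the function names are hypothetical, and an in-memory SQLite database stands in for the real back-end.

```python
import sqlite3


def make_db():
    """Build a constructed in-memory table standing in for the application data."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [(1, "alice"), (2, "bob"), (3, "carol")])
    return db


def lookup_vulnerable(db, user_id):
    # The input is concatenated into the statement text, so quotes and
    # operators inside user_id are parsed by the database as SQL.
    query = "SELECT name FROM users WHERE id = '" + user_id + "' ORDER BY id"
    return [row[0] for row in db.execute(query)]


def lookup_parameterized(db, user_id):
    # The statement text is fixed; user_id is bound as a value and can
    # never change the structure of the query.
    query = "SELECT name FROM users WHERE id = ? ORDER BY id"
    return [row[0] for row in db.execute(query, (user_id,))]


def lookup_validated(db, user_id):
    # Defence in depth: reject anything that is not a plain number before
    # the (already parameterized) query runs.
    if not user_id.isdigit():
        raise ValueError("id must be numeric")
    return lookup_parameterized(db, user_id)


if __name__ == "__main__":
    db = make_db()
    crafted = "1' OR '1'='1"  # constructed input carrying an extra operator
    print("vulnerable   :", lookup_vulnerable(db, crafted))
    print("parameterized:", lookup_parameterized(db, crafted))
```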
Figure 2. Penetration testing setup
The experimental setup was provided in detail in [9], and for simplicity it is illustrated further as shown in Figure 2. The host and the target computer is a computer with Intel Core i5-650, 8 GB RAM, and the Windows 10 version 1709 operating system. On this host computer, we installed the XAMPP server, DVWA (Damn Vulnerable Web Application, http://www.dvwa.co.uk), and Wordpress. Kali Linux 2.0 runs on a virtual machine with various tools for penetration testing, i.e. sqlmap, beef, wpscan, and fluxion. For the WPA2 attack, the host Windows 10 creates a compromised WiFi hotspot, and the Kali Linux virtual machine attacks the hotspot to obtain the password for the WiFi hotspot. The Windows 10 host machine and Kali Linux are connected through a virtual network. The virtual machine has its own virtual network adapter with its own IP address. Lastly, Figure 3 illustrates the flowchart of the SQLi, XSS, and WPA2 attack implementation.
Figure 3. Flowchart of SQL injection (SQLi), cross site scripting (XSS), and WPA2 attack
The SQL injection process is illustrated in Figure 3(a). First, we start the sqlmap tool on Kali Linux by simply entering sqlmap in the terminal window. SQLMap is an advanced and automatic SQL injection tool whose main purpose is to scan, detect, and exploit the SQL injection flaws for a given URL [7]. The following command is entered in the terminal window to launch the SQLi:
sqlmap -u 'http://192.168.234.1/DVWA/vulnerabilities/sqli/?id=10Submit&Submit'
In the XSS attack, we use a tool called Browser Exploitation Framework (BeEF, http://www.beefproject.com) as shown in Figure 3(b). BeEF is utilized to hook the website with JavaScript so that the attacker will be able to access the victim’s machine remotely. Next, we hooked the website with ‘’ JavaScript. Once hooked, we created a pop-under which keeps the victim’s browser always online. Then we redirected the victim to a phishing website. The victim is then persuaded to download and launch the malicious backdoor software to enable reverse TCP on the victim’s machine. Once the malicious backdoor software was launched on the victim’s machine, we launched another tool called Metasploit. Metasploit is one of the most efficient, powerful, and all-in-one centralized front-end interfaces for exploitation [7].
In the WordPress attack, the wpscan tool is utilized. The following command is used to hack and attack a WordPress website to obtain information behind the WordPress site:
wpscan --url 192.168.234.1/wordpress --enumerate u
Figure 4. Screenshot of wpscan tool in Kali Linux
For the Wi-Fi network WPA2 attack, fluxion is used for simulation. Fluxion is an open source tool which provides an automated process of cracking a WPA/WPA2 Wi-Fi network by utilizing a fake Access Point (AP) and a phishing technique, as illustrated in Figure 3(c). The fluxion tool can be downloaded and installed by utilizing the command git clone in the Kali Linux terminal. The first step is to scan the Wi-Fi channel. Then we select the Wi-Fi channel of our target. The next process is to capture the handshake. The handshake is captured using hostapd. Using this process, the Wi-Fi network will be disconnected from the client network. When the victim attempts to connect to the Wi-Fi again, the client and Wi-Fi hotspot will do a four-way handshake, which basically exchanges keys between them. These keys are the master key and the transient key. The key contains a lot of information like the IP address of the Wi-Fi hotspot, MAC hardware address and password. After that, the captured handshake will be used to create a rogue AP and fake login page. The victim will be prompted with a login page in which they need to enter the password of the Wi-Fi hotspot.
In this section, experimental results on SQLi, XSS, Wordpress and WPA2 attacks will be discussed in more detail. The experimental setup was illustrated in Figure 2, while the design and implementation was
In this experiment, Burp Suite (https://portswigger.net/burp) is