2/07/2011

Using Mantra for SQLi + Defacing a website

original post from Mantra website
in ClubHack Magazine, Feb 2011 issue


http://chmag.in/article/feb2011/mantra-%E2%80%93-free-and-open-source-security-framework

I found it good, and it comes with pictures in every step of the tutorial.

Below is just my summary of what I read on the page.

Summary of the steps (these numbers do not correspond to the numbers in the tutorial):
1. Use Mantra
2. Press F9 to open HackBar
3. Manually find a possibly exploitable page
4. Test for SQL injection by adding ' (apostrophe)
5. Find the number of columns that the SQL command in the page uses, by using order by
6. Get more info, such as user name, table names, column names
7. Finally, get the user/password
8. If the password is hashed, reverse the hash
9. Log in via the normal webpage
10. Find a page for uploading files
11. Upload C99 shell
12. Find where the page uploads the file to
13. Run the web shell
14. ........
15. Exit and clear event log
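
Steps 4, 5 and 10 to 13 above leave a recognisable trail in a web server's access log. The following is an added example (not from this post or the ClubHack tutorial) that groups those traces per client; the log format, the `/uploads/` path, the script extensions and the sample lines are all assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Constructed sample lines in Apache combined-log style (not from a real site).
SAMPLE_LOG = """\
203.0.113.7 - - [07/Feb/2011:10:00:01 +0000] "GET /news.php?id=5 HTTP/1.1" 200 5120
203.0.113.7 - - [07/Feb/2011:10:00:09 +0000] "GET /news.php?id=5%27 HTTP/1.1" 500 310
203.0.113.7 - - [07/Feb/2011:10:00:20 +0000] "GET /news.php?id=5+order+by+1 HTTP/1.1" 200 5120
203.0.113.7 - - [07/Feb/2011:10:00:26 +0000] "GET /news.php?id=5+order+by+2 HTTP/1.1" 200 5120
203.0.113.7 - - [07/Feb/2011:10:00:31 +0000] "GET /news.php?id=5+ORDER+BY+3 HTTP/1.1" 500 310
203.0.113.7 - - [07/Feb/2011:10:09:02 +0000] "POST /admin/upload.php HTTP/1.1" 200 412
203.0.113.7 - - [07/Feb/2011:10:09:40 +0000] "GET /uploads/img.php HTTP/1.1" 200 9001
198.51.100.4 - - [07/Feb/2011:10:10:00 +0000] "GET /search.php?q=o%27brien HTTP/1.1" 200 2048
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" \d{3} ')
ORDER_BY = re.compile(r"\border\s+by\s+(\d+)", re.I)
# Assumed upload directory name and script extensions; adjust to the application.
SCRIPT_IN_UPLOADS = re.compile(r"/uploads?/[^?]*\.(php|asp|aspx|jsp)$", re.I)

def detect_stages(log_text):
    """Return {client_ip: [stage, ...]} in the order each stage was first seen."""
    stages, order_cols, posted = {}, {}, set()

    def mark(ip, stage):
        seen = stages.setdefault(ip, [])
        if stage not in seen:
            seen.append(stage)

    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ip, method, target = m.groups()
        url = urlsplit(target)
        # Step 4: a parameter value that ends in a bare apostrophe.
        if any(unquote_plus(p).endswith("'") for p in url.query.split("&")):
            mark(ip, "quote_probe")
        # Step 5: the same client trying several different ORDER BY indexes.
        ob = ORDER_BY.search(unquote_plus(url.query))
        if ob:
            order_cols.setdefault(ip, set()).add(int(ob.group(1)))
            if len(order_cols[ip]) >= 2:
                mark(ip, "order_by_enumeration")
        # Steps 10-13: a POST followed by a request for a script under uploads.
        if method == "POST":
            posted.add(ip)
        elif ip in posted and SCRIPT_IN_UPLOADS.search(url.path):
            mark(ip, "script_request_after_upload")
    return stages
```

The second client's `o'brien` search is not flagged, because the apostrophe sits inside the value rather than at its end; a server that never executes scripts from its upload directory would not produce the third stage at all.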

** There's more information on how effective each web app backdoor is (not just C99) in ClubHack Magazine here: http://chmag.in/article/feb2011/effectiveness-antivirus-detecting-web-application-backdoors
or see the PDF version: http://chmag.in/issue/feb2011.pdf
