bWAPP Cross Site Tracing XST
3.8 هزار بار بازدید -
2 سال پیش
-
Cross-Site Tracing (XST) - Low
Cross-Site Tracing (XST) - Low Security Level
Solution:
Step 1. Scan for trace method
Command:
nmap 10.0.2.4 --script http-methods --script-args http-method.test.all='10.0.2.4'
* Change the ip to your beebox ip address.
Step 2. Scan for use of TRACE method using nikto
Command:
nikto -h 10.0.2.4
Step 3. Use curl to scan and check whether TRACE method is used.
Command:
curl -v -X OPTIONS 10.0.2.4
Step 4. Checking trace method with metasploit
Commands:
msfconsole
search http trace
use 1
show options
set RHOST your beebox IP address
show options // To check if RHOST is set correctly
run
Step 5. *Note: I am using BurpSuite pre configured browser, in case if you are not using the pre configured browser then please configure the browser with proxy and then follow the below steps.
Start BurpSuite
Turn the Burp Proxy intercept to on
Reload the lesson page
Change GET method to TRACE method
Click Forward
Turn off the Intercept
File will be saved/downloaded in your lesson page.
Open the file and check the cookie details
Step 6. Test XST vulnerability with xsstracer
Download xsstracer from url - https://github.com/1N3/XSSTracer
Follow steps as shown in the video
Note: Using Firefox browser as crome doesnt give option to download code.
Use command
python xsstracer.py 10.0.2.4 80
PseudoTime
Solution:
Step 1. Scan for trace method
Command:
nmap 10.0.2.4 --script http-methods --script-args http-method.test.all='10.0.2.4'
* Change the ip to your beebox ip address.
Step 2. Scan for use of TRACE method using nikto
Command:
nikto -h 10.0.2.4
Step 3. Use curl to scan and check whether TRACE method is used.
Command:
curl -v -X OPTIONS 10.0.2.4
Step 4. Checking trace method with metasploit
Commands:
msfconsole
search http trace
use 1
show options
set RHOST your beebox IP address
show options // To check if RHOST is set correctly
run
Step 5. *Note: I am using BurpSuite pre configured browser, in case if you are not using the pre configured browser then please configure the browser with proxy and then follow the below steps.
Start BurpSuite
Turn the Burp Proxy intercept to on
Reload the lesson page
Change GET method to TRACE method
Click Forward
Turn off the Intercept
File will be saved/downloaded in your lesson page.
Open the file and check the cookie details
Step 6. Test XST vulnerability with xsstracer
Download xsstracer from url - https://github.com/1N3/XSSTracer
Follow steps as shown in the video
Note: Using Firefox browser as crome doesnt give option to download code.
Use command
python xsstracer.py 10.0.2.4 80
PseudoTime
2 سال پیش
در تاریخ 1401/01/19 منتشر شده
است.
3,878
بـار بازدید شده