July 2011

Click on Image, to view it in full size.

PTEST – Penetration Testing Execution Standard provides set of rules which helps you to do successful penetration testing. This is a technical talk stage show which offers direction on where we need to head in the security industry. David talks in-depth on the future of PEST.

Watch video and share your thoughts with us. We will be posting some very nice megazines that can help you improve your skills.

 

Exploiting, Injecting WordPress

Wordpress Blackbox testing

What is WPScan?

WPScan is wonderful and super fast wordpress vulnerability scanner written in ruby language, sponsored by RandomStorm and hosted by Googlecode. It provides you an easy way to penetrate wordpress blogs using blackbox techniques.

You can find the following stuff about any wordpress blog using this ruby application:

  • List of plugins
  • Name of theme
  • Bruce forcing Weak Password for specific user
  • Brute force username
  • Directory listings
  • Version details
  • Possible vulnerabilities.

How to Install WPScan?

Before you install WPScan, you have to install number of dependencies essential by this tiny ruby application. BTW i am using BackTrack5 Linux.

Dependencies :

apt-get install libcurl4-gnutls-dev
gem install --user-install mime-types
gem install --user-install xml-simple
gem install --user-install typhoeus

WPScan Installation :

cd /pentest/web/
wget http://wpscan.googlecode.com/files/wpscan-1.0.zip
unzip wpscan-1.0.zip
cd wpscan

How to use WPScan?

It is almost cooked. One more thing we need here; is to download keywords database which will be used for brute forcing.

wget http://static.hackersgarage.com/darkc0de.lst.gz
gunzip darkc0de.lst.gz

Example usage of this ant application :

Do ‘non-intrusive’ checks…
ruby ./wpscan.rb --url www.hackersgarage.com

Do wordlist password brute force on enumerated users using 50 threads…
ruby ./wpscan.rb --url www.hackersgarage.com --wordlist darkc0de.lst --threads 50

Do wordlist password brute force on the ‘admin’ username only…
ruby ./wpscan.rb --url www.hackersgarage.com --wordlist darkc0de.lst --username admin

Generate a new ‘most popular’ plugin list, up to 150 pages…
ruby ./wpscan.rb --generate_plugin_list 150

Enumerate instaled plugins…
ruby ./wpscan.rb --enumerate p

Still in trouble with configuration ? Ask in comments.

Openx is enterprise class ad inventory solution for your business. Normally I carry out its configuration from command line interface but this moment I decided to enable one plugin using UI (Web based Interface) but it failed and the following error appeared on screen:

It is not possible to edit all settings because the configuration file is locked for security reasons. If you want to make changes, you may need to unlock the configuration file for this installation first.

 

I tried to see all option but didn’t find a way to unlock the configuration file. Finally I found that its config file should be writable by your apache user.

To UnLock Configuration File :

chmod 666 /home/hackersgarage/public_html/var/ads.hackersgarage.com.conf.php

To Lock Configuration file back :

chmod 644 /home/hackersgarage/public_html/var/ads.hackersgarage.com.conf.php

It is recommended to lock it back when you are finished with your web based configuration.

Today i captured one tutorial using recordmydesktop utility on my backtrack and decided to view it but unfortunately backtrack 5 Linux didn’t include a good media player to do entertainment πŸ˜€ when you get bored with dirty work.

Anyways, i installed vlc using following command ;
aptitude install vlc

And tried to run vlc as root i got error on my terminal ;
vlc

VLC is not supposed to be run as root. Sorry.
If you need to use real-time priorities and/or privileged TCP ports
you can use vlc-wrapper (make sure it is Set-UID root and
cannot be run by non-trusted users first).

This error says straight forward vlc can not be run as root privileged user. What to do now? Don’t be panic. Here is the hacked solution πŸ˜€
vi /usr/bin/vlc
search for geteuid and replace it with getppid

Save file & Exit.

Now it should work, try to run it again πŸ˜‰

Note : This is a very bad practice to run certain application with administrative rights. Do it at your own risk! πŸ˜‰

I call this Error in error, because it reports wrong error.

I got this error while i execute ./adb devices

ERROR :

adb: No such file or directory

Error itself is very confusing, because the file is exist there and it reports false error. Well after searching on googe, found i36 compatibility libraries are missing there which i installed it simply with apt-get.

FIX “adb: No such file or directory”

apt-get install ia32-libs

It worked great for me. Let me know if you are stuck in same trouble.