W3af
S. Qi,X. Ma,Y. Zhang,B Zhao,Y Zhu
EC521 Fall 2014
w3af 09/24/14
Outline
Install w3af
Target web application
Some attempts: SQLI, XSS
Source code demystified
Future plan
Install w3af
Source: http://w3af.org/download
Because we are Unix users (OS X ships with Python), we did not need to install Python, only pip:
sudo easy_install pip
Then run the dependency-install script that w3af writes out when it finds missing Python packages:
/var/folders/jt/4f04_j4x669fh26qd614v8cc0000gn/T/w3af_dependency_install.sh
Install w3af - Problems
We could not run ./w3af_gui: the GUI front end depends on PyGTK and GTK. (The console front end, ./w3af_console, has no such dependency.)
Install Web App
The stack we need to set up: MAMP (Mac Apache-MySQL-PHP)
Download and set up MAMP
Download our test web application, JobTracker, and save it in a new folder named 'project'
Create the JobTracker database
Then we can check the data in the JobTracker database
Change the Document Root to the 'project' folder and click Start Servers; the application is then reachable on our local web server.
JobTracker is the web application we will use to test w3af
It is written in PHP
It was written with barely any protection, which makes it a suitable target
Attempts: SQLI
Examine the main components: plugins, profiles, http-settings
Use the built-in profiles, or create a new profile
Use the built-in plugins, or create a new one, or add a new pattern to an existing plugin
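The three menus named above (plugins, profiles, http-settings) can be driven non-interactively through the console front end. The following script is an added example written for this page in w3af's console syntax, not a script from the slides or from the w3af project; it runs as ./w3af_console -s sqli-jobtracker.w3af. The target URL (MAMP's default Apache port is 8888), the output file path and the profile name are assumptions.

```text
plugins
output console,text_file
output config text_file
set output_file /tmp/w3af-jobtracker.txt
set verbose True
back
crawl web_spider
crawl config web_spider
set only_forward True
back
audit sqli
back
http-settings
set timeout 30
back
target
set target http://localhost:8888/
back
profiles
save_as sqli_jobtracker
back
start
exit
```

Each menu is entered by name and left with back; set inside a menu changes one option. web_spider with only_forward keeps the crawl inside the JobTracker directory tree, audit sqli enables only the SQL injection plugin, and save_as stores the whole configuration as a profile so the same scan can be rerun with profiles use sqli_jobtracker.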
Code Study
Structure
Controllers: thread pool, plug-in manager
Data: parsers, DB connector, HTTP request handler
UI: GUI
Plug-in types:
Handle different kinds of attacks (attack/audit/evasion/grep)
Log in (bruteforce, auth)
Crawl the website (crawl)
Handle the output and the tests (output/test)
Code Study: Test (1)
Test the plug-ins
Test specific websites with a specific method
Code Study: Test (2) Example
Code Study: Extensibility
1 Write plug-ins
2 Put the plug-ins in core
3 Test the plug-ins
4 Test on the websites
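What the sqli audit plugin does internally, and where "a new pattern for an existing plugin" would go, is easiest to see in a stripped-down reimplementation that can be tested without a server (steps 1 and 3 above). The code below is an added example written for this page, not w3af's own code: it keeps the plugin's shape (inject a few quote-breaking payloads per parameter, grep each response for DBMS error signatures, and ignore signatures that were already present in the untouched baseline response) and runs against a constructed stand-in for the JobTracker PHP/MySQL app. The payload list, the error regexes and both fake applications are assumptions made for the example.

```python
"""Error-based SQL injection detection in the style of an audit plugin.

Added example, not w3af's code. The send() callback stands in for the HTTP
request handler, so everything here runs offline against fake responses.
"""
import re
from collections import namedtuple

# Payloads chosen to break out of a quoted or unquoted SQL literal (assumed list).
PAYLOADS = ["d'z\"0", "'", "\"", "1;"]

# Error signatures grouped by DBMS. Appending a (dbms, regex) tuple here is
# the "add a new pattern to an existing plugin" case from the slides.
ERROR_PATTERNS = [
    ("MySQL", re.compile(r"You have an error in your SQL syntax", re.I)),
    ("MySQL", re.compile(r"mysql_fetch_(?:array|assoc|row)\(\)", re.I)),
    ("MySQL", re.compile(r"supplied argument is not a valid MySQL result", re.I)),
    ("PostgreSQL", re.compile(r"pg_query\(\)|PG::SyntaxError", re.I)),
    ("MSSQL", re.compile(r"Unclosed quotation mark after the character string", re.I)),
    ("Oracle", re.compile(r"\bORA-\d{5}\b")),
]

Finding = namedtuple("Finding", "url param payload dbms")


def find_errors(body, baseline_body=""):
    """Return the DBMS names whose error signature appears in `body` but not in
    the baseline. The baseline check is the false-positive guard: a page that
    always quotes a MySQL error (help text, old warnings) must not be reported
    for every payload."""
    hits = []
    for dbms, pattern in ERROR_PATTERNS:
        if dbms not in hits and pattern.search(body) and not pattern.search(baseline_body):
            hits.append(dbms)
    return hits


def audit(url, params, send):
    """Audit every GET parameter of one request, one parameter at a time, so a
    finding is tied to a single input. `send(url, params) -> body` is the
    transport (a fake here, the HTTP request handler in w3af)."""
    baseline = send(url, params)
    findings = []
    for name in params:
        for payload in PAYLOADS:
            mutated = dict(params, **{name: params[name] + payload})
            hits = find_errors(send(url, mutated), baseline)
            if hits:
                findings.append(Finding(url, name, payload, hits[0]))
                break  # parameter confirmed injectable; move on to the next one
    return findings


def fake_jobtracker(url, params):
    """Constructed stand-in for the unprotected JobTracker: `id` is concatenated
    into the SQL string, so a quote breaks the query and PHP prints the
    mysql_fetch_array() warning. `page` is handled safely and never errors."""
    page = "<html><body><h1>Job listing</h1></body></html>"
    job_id = params.get("id", "")
    if any(c in job_id for c in "'\";"):
        page += ("<b>Warning</b>: mysql_fetch_array(): supplied argument is not a "
                 "valid MySQL result resource in /project/job.php on line 42")
    return page


def fake_faq_page(url, params):
    """Constructed page that always quotes a MySQL error in its help text,
    regardless of input; the baseline check must keep it out of the findings."""
    return ("<html>FAQ: if you see the message 'You have an error in your SQL "
            "syntax', please report it to the administrator.</html>")


if __name__ == "__main__":
    for f in audit("http://localhost:8888/job.php", {"id": "7", "page": "1"}, fake_jobtracker):
        print("SQL injection in %s (%s), payload %r" % (f.param, f.dbms, f.payload))
```

Against the fake JobTracker only the id parameter is reported, and it is reported once, on the first payload that triggers the error; the FAQ page yields nothing even though a MySQL error string is on it, because the same string is in the baseline response. The real plugin adds blind and time-based techniques on top of this error-based check.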
Conclusion
What we have achieved:
Set up and ran w3af
Chose the experiment web app (JobTracker on MAMP)
Collected results
Gained an understanding of the architecture and core source
Future Plan
What we will do:
Cross-Site Scripting (XSS) or Cross-Site Request Forgery (CSRF)
Paper study
Deeper understanding of the architecture and core source
Comparison with OpenVAS
Make the tutorial!