Posts by webpwnized

3 min

Video Tutorial: Introduction to XML External Entity Injection

Title: Video Tutorial: Introduction to XML External Entity Injection Author: webpwnized From: ISSA KY Sept 2013 Workshop (Louisville, KY) Twitter: @webpwnized This video introduces XML injection to achieve XML external entity injection (XXE) and XML based cross site scripting (XSS). Please find notes used/mentioned in video posted below the video. 1. What is XML injection 2. What is an "entity" 3. What is entity injection 4. Cross site

2 min

Video Tutorial - Installing Kali Linux on Bootable, Persistent USB

Author: Jeremy Druin (webpwnized) Twitter: @webpwnized Title: Installing Persistent Kali Linux on Bootable USB Flash Drive From: ISSA KY June 2013 Workshop Recorded By: Adrian Crenshaw (@irongeek_adc) This video covers the installation of Kali Linux on a USB drive. Additionally, setting up persistence on a separate partition is reviewed including how the persistence works. A Kali Linux virtual machine is used to create the USB. The workshop was done to support the Long family. Johnny Long

1 min

Video Tutorial: Installing Kali Linux on Virtual Box

Author: Jeremy Druin Video Release Announcements: Twitter @webpwnized Title: Installing Kali Linux on Virtual Box with Nessus and Metasploit Link: Installing Kali Linux on Virtual Box with Nessus and Metasploit - YouTube This video is from the April 2013 workshop of the KY ISSA covering the installation of Kali Linux 1.01 on Virtual Box. Please see notes below the video. Notes: 1. Kali version 1.01 64-bit was used in making the video but th

1 min

Video Tutorial: Introduction to Burp-Suite 1.5 Web Pen Testing Proxy

Author: webpwnized (Twitter: @webpwnized) Tool: Burp-Suite 1.5 Free Edition Length: ~1 hour After installing Burp-Suite, this video covers how to configure the proxy to intercept, pause, alter, and test requests and responses between a web browser and a web server (web site). Much of the basic functionality and some more advanced settings are reviewed including the Target, Proxy, Sequencer, Repeater, Intruder, and Decoder tabs. While there are many more settings and features than can be covere

1 min

Tutorial: Using web command injection vulnerability to gain administrative shell on Windows web server

In this video, a Windows web server is hosting the Mutillidae web application, which contains a command injection vulnerability. Using command injection to exploit the Mutillidae web application, we gain a root shell (Administrative Windows cmd shell). The server is fully patched with anti-virus running and a firewall blocking port 23. Additionally the telnet service is disabled. With the command injection vulnerability, this video demonstrates how misconfiguring web services can have serious conseq

1 min

Video: Introduction to basic host and service discovery scanning

During the early portion of the scanning phase of pen testing, locating active hosts and identifying the services on open ports is critical in order to determine exposed systems. The video was recorded at the May ISSA Kentuckiana monthly workshop in Louisville and covers basic host discovery scanning. Port scanning and service discovery are covered as well as reporting results. Some of the tools used are nmap, xprobe2, hping3, tcpdump and amap. The speaker is Jeremy Druin (@webpwnized) and was

2 min

Tutorial: How to scan exploit Metasploitable-2 using Metasploit, Nexpose, nessus, Nmap, and John-the-Ripper

This video tutorial covers exploiting Metasploitable-2 to get a root shell and eventually a terminal via a valid "sudo-able" login over SSH. Two machines, a test host (Backtrack 5-R2) and a target host (Metasploitable-2), are set up on a VirtualBox host-only network. With this lab network set up, the demonstration walks through a practice pen-test using the phases of recon, scanning, exploitation, post-exploitation, and maintaining access. (Covering tracks and reporting are not covered. Recon is

0 min

Tutorial: Using SQL injection to generate cross site scripts

This video discusses a somewhat advanced SQL injection technique in which the SQL injection is not the primary attack. The SQL injection is used to generate cross site scripting. This is useful when cross site scripts cannot be injected into a webpage from a client because web application firewalls or other scanners are in place. When an SQL injection can be snuck past the WAF, it is possible to have the SQL injection generate the Cross Site Script dynamically.

0 min Metasploit

Tutorial: How to discover hosts using Metasploit Community Edition

This video shows Metasploit Community Edition being used to run an nmap scan on a Virtual Box network in order to discover hosts.

0 min Metasploit

Tutorial: How to import Nessus scan into Metasploit Community Edition

This video covers importing the completed Nessus scan into Metasploit Community Edition.