SharePoint 2016 Installation

These are some tips on SharePoint 2016 installation, covering only the differences between this version and older versions.

Note: You can still go with legacy topologies, as in SharePoint 2013/2010.

  • You can change between these roles from Central admin

  • You can also check whether a server is compliant with its defined role

WebSlayer – WEB APPLICATION ANALYSIS TOOLS

Overview

How to use it

Open WebSlayer, insert the target web URL and select the dictionary attack

Note test=FUZZ: FUZZ will be replaced with a payload from the dictionary wordlist

Then click Start attack

Look for responses with a 200 code, and also validate the HTML response and headers

To create payload attacks, go to Payload Generator, where you can create them from a Range, from a Pre-defined list such as Credit Cards, or from Custom entries such as Usernames

DirBuster – WEB APPLICATION ANALYSIS TOOLS

Overview

How to use it

Open DirBuster in Kali Linux 2

Insert the website target, select the wordlist and select starting options (file extension, start directory …) then click start

Note: Ignore the completion time, because sometimes it will be in days

Check the result tab and focus on 200 responses

You can also generate a report of the names found

Hydra – WEB APPLICATION ANALYSIS TOOLS

Overview

  • Brute force tool for dictionary attacks
  • Supports protocols like HTTP/HTTPS, SSH, SMTP …
  • It is multi-threaded
  • Supports GET/POST requests

How to use it

Open Kali Linux 2, and access Hydra

For example, to attack a web login form, you need to know the control IDs of the POST form and how the page behaves when the user or password is invalid

Next run the following command:

hydra -L /root/Desktop/Dictionary/users.txt -P /root/Desktop/Dictionary/passwords.txt testsite.com http-post-form "/Login.asp:tfUName=^USER^&tfUPass=^PASS^:Invalid" -t 10 -w 30 -o /root/Desktop/output-attack.txt

Note: -t for number of threads, -w for timeout and -o for the result output file

It will try the combinations of users and passwords in the dictionary files

You can also check the output file

For more examples, check the following URLs:

https://www.owasp.org/index.php/Testing_for_Brute_Force_(OWASP-AT-004)

http://insidetrust.blogspot.com/2011/08/using-hydra-to-dictionary-attack-web.html

http://blog.pusheax.com/2014/01/dictionary-and-brute-force-attack-using.html
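
The DirBuster and Hydra runs described above each leave a recognizable pattern in the target's access log: a sweep of distinct paths that mostly return 404, or a long run of POSTs to the login form. The following Python sketch is an added example, not part of the original posts, that flags both; the log lines, IP addresses, thresholds and function names are constructed for illustration, and /Login.asp is the form path from the Hydra command.

```python
import re
from collections import defaultdict

# Common Log Format: client, method, URL and status are captured.
LINE = re.compile(r'(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+')

def build_sample():
    """Constructed log lines: one sweeping client, one guessing client, one normal user."""
    fmt = '{} - - [01/Jan/2024:10:00:{:02d} +0000] "{} {} HTTP/1.1" {} 512'
    lines = []
    for i in range(40):  # wordlist sweep: distinct paths, almost all 404
        lines.append(fmt.format("203.0.113.5", i, "GET", f"/dir{i}/", 200 if i % 20 == 0 else 404))
    for i in range(30):  # repeated submissions of the login form
        lines.append(fmt.format("203.0.113.9", i, "POST", "/Login.asp", 200))
    for method, path in (("GET", "/"), ("POST", "/Login.asp"), ("GET", "/missing.gif")):
        lines.append(fmt.format("198.51.100.7", 0, method, path, 404 if "missing" in path else 200))
    return lines

def detect(lines, login_path="/Login.asp", max_logins=10, max_misses=20):
    """Return {client: reason} for clients whose requests look like a dictionary run.

    Thresholds are assumptions and apply to the whole slice of log passed in.
    """
    logins = defaultdict(int)   # POSTs to the login form per client
    misses = defaultdict(set)   # distinct paths answered 404 per client
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue            # ignore lines that do not parse
        ip, method, url, status = m.groups()
        path = url.split("?", 1)[0]
        # A form that reports failure in the page body may answer 200 to every
        # attempt, so attempts are counted rather than status codes.
        if method == "POST" and path.lower() == login_path.lower():
            logins[ip] += 1
        elif status == "404":
            misses[ip].add(path)
    alerts = {ip: "login-guessing" for ip, n in logins.items() if n > max_logins}
    for ip, paths in misses.items():
        if len(paths) > max_misses:
            alerts.setdefault(ip, "path-enumeration")
    return alerts

if __name__ == "__main__":
    for ip, reason in sorted(detect(build_sample()).items()):
        print(ip, reason)
```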

W3af – WEB APPLICATION ANALYSIS TOOLS

Overview

  • http://w3af.org/
  • Scanner and exploit tool
  • Groups risks and vulnerabilities by profiles, for example the OWASP Top 10 profile, and you can create your own custom profile
  • Also has tools like a proxy, compare, and encoder and decoder

How to use it

Start the tool in Kali Linux 2

Insert the website target and select the profile (each profile includes actions like injection, crawl …) to run the scan

Check the log to see the running scan status

Check the result tab to see the risks

You can run the exploit using a plug-in for external tools like sqlmap to validate the vulnerability

Then exploit it

My experience with WiFi Pineapple Nano

Overview

Let us assume one victim has been compromised and has connected to your testing access point. The screen shows the number of connected users, including device name, IP and MAC address

For example, let us look at the DWall module, which captures the HTTP traffic requested by victim users, including URLs, images and cookies

Another example is DNS spoofing to redirect the user to a fake website

The user will get the compromised website for further attacks

There are many other features; for more details check https://www.troyhunt.com/the-beginners-guide-to-breaking-website/

VEGA – WEB APPLICATION ANALYSIS TOOLS

Overview

  • To crawl the website and analyze the page contents and form parameters
  • Proxy for intercepting
  • To scan the websites and find vulnerabilities
  • Can define scope like in Burp Suite and OWASP ZAP

How to use it

Launch VEGA in Kali Linux 2

Start New Scan

Insert the target website

Select modules to scan

Add token cookies for authentication if available

Define the list of excluded parameters

Check the result and validate the risks

You can also check the request/response details in proxy tab

Maltego – WEB APPLICATION ANALYSIS TOOLS

Overview

  • https://www.paterva.com/web7/
  • A reconnaissance tool to gather information from the public internet
  • Community edition is built into Kali Linux, with 12 scans without purchasing a license
  • Gathers information like subdomains, DNS, IPs, emails, system banners, documents …
  • Builds a graph representing the target domain and the information gathered about it

How to use it

Open Maltego in Kali Linux 2

Follow the wizard; you need to register

You can select which type of scan to start (from basic reconnaissance to more advanced)

Note: L1 = Basic scan, L3 = Intensive scan

For example, Footprint L3 will go with the following scans

Then select the domain target

The result shows the gathered information and its relations

Result as a list

Public sources – WEB APPLICATION ANALYSIS TOOLS

Overview

  • Includes anything related to the website on the public Internet that discloses information
  • Hackers use this information in the footprinting process or in social engineering attacks

Public source Examples

  • Search engines such as Google and Bing
  • Company website, including contacts, job postings …
  • Robots.txt
  • View source or comments in HTML contents
  • http://archive.org, where you can view the history of an archived website
  • Social media websites like blogs and LinkedIn
  • Trusting fake websites and people (fake job opening on LinkedIn)
  • Geolocation and addresses (used with wireless attacks)
  • https://www.shodan.io, a search engine that helps find system banners
  • Google hacking, review my whitepaper “Maximizing SharePoint Security” https://gallery.technet.microsoft.com/Maximizing-SharePoint-cf7f7efc
  • Google Hacking Database (GHDB) https://www.exploit-db.com/google-hacking-database/, a search engine that helps find vulnerabilities and exploits through search queries
  • Document metadata, which contains information like the names of users, the OS that created the document …

FOCA tool

How to use it

Create new project

Fill the fields and click Create

Click Search All

It will show the list of files found for this domain and the metadata of these documents. You can then right-click to Analyze Metadata in the Metadata Summary node

HTTrack – WEB APPLICATION ANALYSIS TOOLS

Overview

How to use it

In Kali Linux 2, run the following command:

httrack

Enter the name of the website, the directory to save the result and the website to capture

Choose Action 1 and ignore the rest of the questions
