Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "Vanguard"

From NetSec
Jump to: navigation, search
(Application Dependencies)
(Configuration)
Line 23: Line 23:
  
 
===Perl Dependencies===
 
===Perl Dependencies===
 +
  
 
==Configuration==
 
==Configuration==
 +
 +
===Main Configuration===
 +
---
 +
rewrite: 0
 +
use_whitelist: 1
 +
module_whitelist:
 +
  - WEBAPPS
 +
  - SHELL
 +
  - NMAP
 +
  - CRAWL
 +
  - XSS_GET
 +
  - SQL_GET
 +
  - LFI_GET
 +
  - RCI_GET
 +
 +
===CRAWL.yml===
 +
---
 +
depth: 20
 +
 +
===NMAP.yml===
 +
---
 +
flags: "-P0 --defeat-rst-ratelimit -sSV -F"
 +
{{protip|The '''S''' in -sSV is the reason this scan requires root.}}
 +
 +
===Local File Inclusion===
 +
---
 +
lfi_test: '%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd'
 +
lfi_match: "root\:.\:0\:0"
 +
lfi_exits:
 +
  - '%00'
 +
  -
 +
 +
===LDAP===
 +
---
 +
ldap_true:
 +
  - ")(&"
 +
  - ")(&)("
 +
ldap_false:
 +
  - ")(|"
 +
  - ")(|)("
 +
 +
===RFI===
 +
---
 +
rfi_test: http://asdf.com/
 +
rfi_match: 89asdf.gi
 +
 +
===Command Injection===
 +
---
 +
entries:
 +
  - '|'
 +
  - ';'
 +
  - '&&'
 +
 +
===SQL injection===
 +
{{code|text=<source lang="yaml">---
 +
sql_spacers:
 +
  - '%20'
 +
  - '+'
 +
sql_entries:
 +
  - ""
 +
  - '%27'
 +
  - '%bf%27'
 +
sql_exits:
 +
  - --
 +
  - /*
 +
  - )--
 +
  - )/*</source>}}
  
 
=Download=
 
=Download=

Revision as of 05:12, 9 January 2012

RPU0j.png The end-user is liable for his-or her own actions with the use of this software. Running this against a system you do not own without written authorization is a criminal act.

Description

c3el4.png Vanguard is a comprehensive web pen testing tool that identifies vulnerabilities in web applications.

Features

Main application features:

  • Fully Configurable
  • WebCrawlers crawl all open HTTP and HTTPS ports output from nmap
  • LibWhisker2 For HTTP IDS Evasion (Same options as nikto)
  • Tests via GET,POST, and COOKIE

Web penetration tests:

Usage

 perl scan.pl -h [hostname] -e [evasion option]

Installation

Application Dependencies

c3el4.png You must have nmap from http://nmap.org installed to run this application correctly.
Notice: You must run this application as root.
Protip: You can undo the root requirement by removing the check for root and modifying the nmap configuration.


Perl Dependencies

Configuration

Main Configuration

--- rewrite: 0 use_whitelist: 1 module_whitelist:

 - WEBAPPS
 - SHELL
 - NMAP
 - CRAWL
 - XSS_GET
 - SQL_GET
 - LFI_GET
 - RCI_GET

CRAWL.yml

--- depth: 20

NMAP.yml

--- flags: "-P0 --defeat-rst-ratelimit -sSV -F"

Protip: The S in -sSV is the reason this scan requires root.


Local File Inclusion

--- lfi_test: '%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd' lfi_match: "root\:.\:0\:0" lfi_exits:

 - '%00'
 -

LDAP

--- ldap_true:

 - ")(&"
 - ")(&)("

ldap_false:

 - ")(|"
 - ")(|)("

RFI

--- rfi_test: http://asdf.com/ rfi_match: 89asdf.gi

Command Injection

--- entries:

 - '|'
 - ';'
 - '&&'

SQL injection

---
sql_spacers:
  - '%20'
  - '+'
sql_entries:
  - ""
  - '%27'
  - '%bf%27'
sql_exits:
  - --
  - /*
  - )--
  - )/*

Download