Download and install Samurai for VMWARE Workstation (https://sourceforge.net/projects/samurai/files/)
Unzip and double click on the *.vmx file
Default Username/password: samurai/samurai
Samurai has vulnerable websites:
Allow network access to the them by modifying the *.conf files which can be found /etc/apache2/sites-available.
To open the file use this command: sudo gedit bwapp.conf
Check to see which services are running on which ports by using this command: grep -ri listen /etc/apache2
Modify the IP address from <IP>:<port> to *.<port>
Save the files
Restart Apache using this command: /etc/init.d/apache2 restart
This error means more than one service is running on the same ports
To change the screen resolution in Kali using the Terminal type
Then choose your desired dimension by typing
The Bigger They Come, The Harder They Fall
Earlier this year a vulnerability was exploited which used the PingBack feature in WordPress. I am going to show how to create a request to recreate the attack. The attack send upwards of 400 Gbps through the internet. By comparison you’re home network is, on a good day, theoretically 100 Mbps. This attack pumped 40x more traffic than your home network can ever do.
I created the request in BURP PROXY:
POST /xmlrpc.php HTTP/1.0
Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!