pen testing the web with firefox: add-ons
TRANSCRIPT
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
1/69
Pen Testing the Webwith Firefox: Add-ons
Michael theprez98 Schearer
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
2/69
Penetration testing add-ons
n Display capabilities
n Information gathering
n (Mostly) anonymous browsing
n Vulnerability assessment
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
3/69
Display capabilities
n IETab
n User Agent Switcher
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
4/69
IE Tab
n Embeds of Internet Explorer in Firefoxtabs
n Allows viewing of pages in differentbrowser without having to start/restart IE
n Switch rendering engine option allows
quick comparison of page viewsn Safari View, Opera View, Chrome View
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
5/69
javascript:SnapshotWin()
client.html
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
6/69
javascript:SnapshotWin()client.html
setup/config.html
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
7/69
User Agent Switcher
n Allows viewing of pages in differentbrowser configurations
n Allows comparison of page views indifferent formats without having to pre-load multiple conditions
n
Caveat: does not necessarily make thebrowser render a page like anotherbrowser
n
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
8/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
9/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
10/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
11/69
Information gathering
n Information gathering is the process ofcollecting as much information about a
target as possiblen Passive
n Active
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
12/69
Passive information gathering
n PassiveRecon
n Passive Cache
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
13/69
PassiveRecon
n Provides information securityprofessionals with the ability to perform
"packetless" discovery of targetresources utilizing publicly availableinformation
n
Executes 20+ pre-configured searchesregarding IP, DNS, mail serverinformation, and Google searches
n Demo
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
14/69
Passive Cache
n Uses Google's text-only cache service andArchive.org Wayback Machine to display
historical versions of a specified web linkn Allows for the viewing of a page, or site,
while avoiding active connections to a
target site
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
15/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
16/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
17/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
18/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
19/69
Active information gathering
n ShowIP
n Asnumber
n Server Spy / Header Spyn Host Spy
n WorldIP
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
20/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
21/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
22/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
23/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
24/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
25/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
26/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
27/69
(Mostly)* anonymous browsing
n Third party website tools
n Public internet terminals
n Web-based HTTP proxiesn Proxy add-ons
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
28/69
Third party website tools
n Allows you to view content through a thirdparty so as to not alert the target
n Content may be datedn Allows gathering of:
Metadata (i.e., centralops.net)
Context (Google cache, WaybackMachine)
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
29/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
30/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
31/69
Public internet terminals
n Provides a degree of anonymity due tothird party location, multiple users, and
lack of authentication mechanismsn Some (i.e., libraries) are free, but many
cost (airports, hotels, etc.)
n
Ability to install or add functionality may belimited
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
32/69
Web-based HTTP proxies
n Hides IP address from target by using athird party (proxy)
n Works best if the third party is trusted notto reveal the attackers information
n Some proxies may be blocked depending
upon your source location
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
33/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
34/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
35/69
Anonymouse.org add-on
n Creates an entry in right click (context)menu to open links anonymously using
Anonymouse.orgn Does not appear to work correctly
(yet?)
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
36/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
37/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
38/69
Proxy add-ons
n Browser-based proxy configuration
n Permits tunneling through open proxies
n Provides plausible deniability duringpenetration tests by obscuring thesource of your traffic
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
39/69
Torbutton
n Simple on-off button that switches yourproxy settings between the default (off)
and Tors settings (on)n Requires Tor to be installed
n Does not work with other proxy
configurations
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
40/69
FoxyProxy
n Supports multiple proxy configurations
n Supports Tor (when installed); otherwise
no additional software requiredn Initial setup can be a little confusing
n
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
41/69
See also
n SwitchProxy
n QuickProxy
n AutoProxyn Toggle Proxy
n
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
42/69
*Caveats
n Some proxy servers (i.e., Squid) use theX-Forwarded-For tag which can reveal
the originating IP addressn Owners of proxy servers may be subject
to court orders to reveal log information
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
43/69
Vulnerability assessment
n Discover and assess potentialvulnerabilities associated with a
particular targetPassive
Active
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
44/69
Passive assessment: SHODAN
n Server metadata is collected by a thirdparty so searching via SHODAN does
not reveal any intent to the targetn In many ways this is just like using a
combination of cached data and a proxyserver
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
45/69
Active assessment (1)
n Generally speaking, the most accuratemethods of vulnerability assessments
are active in nature and thus will alertthe target in some way
n Depending on the tool and technique, thismay appear to be normal activity or thesignature of a major attack
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
46/69
Active assessment (2)
n Exploit-Me
n SQL Injection
n HackBarn Firebug
n Key-logger
n Tamper Datan
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
47/69
47
Exploit-Me
n Suite of lightweight security testing toolsn Introduced at SecTor 07 by Nishchal Bhalla and
Rohit Sethi of Security Compass
n XSS-Me to test for Cross-Site Scriptingvulnerabilities (www.xssed.com)
n SQL Inject-Me to test for SQL injectionvulnerabilities
n
Access-Me tests access vulnerabilitiesn Future: Web Service-Me, Overflow-Me,Enumerate-Me, BruteForce-Me
http://www.xssed.com/http://www.xssed.com/ -
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
48/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
49/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
50/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
51/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
52/69
HackBar
n Web developer tool designed to help withsecurity audits on code
n Assists in testing SQL injections, XSSholes and general site security
n Test security with obfuscation and de-
obfuscation
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
53/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
54/69
Firebug
n Edit, debug, and monitor CSS, HTML, andJavaScript live in any web page
n Includes a powerful JavaScript debuggerthat lets you pause execution at anytime
n
Gives detailed and useful informationabout errors in JavaScript, CSS, andXML
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
55/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
56/69
Key-logger
n Advertised as never lose a messageboard post or email again
n If you have physical access to the targetmachine
n Records all keystrokes typed in web
pagesn Icon can be hidden from status bar
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
57/69
Tamper Data
n Acts like a proxy server
n Allows you to view and modify HTTP/HTTPS
headers and post parametersn Trace and time http response/requests
n Popular for hacking e-commerce sites thatdont do server-side validation (i.e., ofprice)
n Changing high scores on flash-based games
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
58/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
59/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
60/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
61/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
62/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
63/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
64/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
65/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
66/69
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
67/69
Authors and add-ons (1)
n Johann Adriaans (HackBar)n Alrond (WorldIP)n arrumi (Key-logger)
n ASNumber (ASnumber)n chrispederick (User Agent Switcher)n Brian Baskin (Passive Cache)n danielneto (SQL Injection)n
Jan Dittmer (ShowIP)n erginbulut (Host Spy)n FirebugWorkingGroup (Firebug)
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
68/69
Authors and add-ons (2)
n IronNem (Header Spy)n Christophe Jacquet (Server Spy)n Adam Judson (Tamper Data)n Eric H. Jung (FoxyProxy)n PC Man (IE Tab)n Justin Morehouse (PassiveRecon)n Mike Perry (Torbutton)n Security Compass (XSS Me, SQL Me, Access Me)n TechRaga (Anonymouse.org)n
-
8/14/2019 Pen Testing the Web With Firefox: Add-Ons
69/69
Pen Testing the Webwith Firefox: Add-ons
Michael theprez98 Schearer