All the great things are simple, and many can be expressed in a single word: freedom, justice, honor, duty, mercy, hope.

Wednesday, November 7, 2012

How To use Websploit?


Hey here is new tools which I found is WEBSPLOIT. First download WEBSPLOIT from here.Now install it. (it`s old article; view updated part at bottom to download latest version)

Installation process are as follow.

(1)First download WebSploit toolkit 
(2)Now unzip the file folder 
(3)Now change the permission of WebSploit file in WebSploit folder. Right click on websploit file and select properties.
(4)Select the Permission tab and click on Allow executing file as program now  click on close
(5)now open your terminal & type
    cd /Downloads/web/websploit
    ./websploit

Now open terminal and type websploit.
websploit

Now type show modules.
websploit

Web Modules Description
------------------- ---------------------
web/apache_users Scan Directory Of Apache Users
web/dir_scanner Directory Scanner
web/wmap Information Gathering From Victim Web Using (Metasploit Wmap)
web/pma PHPMyAdmin Login Page Scanner
Network Modules Description
------------------- ---------------------
network/arp_dos ARP Cache Denial Of Service Attack
network/mfod Middle Finger Of Doom Attack
network/mitm Man In The Middle Attack
network/mlitm Man Left In The Middle Attack
network/webkiller TCP Kill Attack
network/fakeupdate Fake Update Attack Using DNS Spoof
network/fakeap Fake Access Point
Exploit Modules Description
------------------- ---------------------
exploit/autopwn Metasploit Autopwn Service
exploit/browser_autopwn Metasploit Browser Autopwn Service
exploit/java_applet Java Applet Attack (Using HTML)
Wireless Modules Description
------------------- ---------------------
wifi/wifi_jammer Wifi Jammer
wifi/wifi_dos Wifi Dos Attack


This are attacks available in this toolkit. But for some attacks metasploit is necessary.
For example if you want to find php admin page then type
use web/pma

now type show options. it`s show next step. So now type 
set target “website url”
websploit

now at last type 
run 
& wait. It will find admin page of php website.

As I mention above you can use all options which are available in modules.

Update:
Now websploit is moved to github .So download and update instruction are as follow.

git clone https://github.com/websploit/update.git

cd update

chmod +x websploit

./websploit

For update of framework:-

cd update

git pull

websploit

You can also run update command in websploit.

No comments:

Post a Comment

UA-35960349-1