CSC/ECE 517 Spring 2014/security audit: Difference between revisions

From Expertiza_Wiki
Jump to navigation Jump to search
(Added basic wmap scan data)
 
(Added nslookup results)
Line 1: Line 1:
== Overview ==
= Overview =


This page will document a security audit of Expertiza.
This page will document a security audit of Expertiza.
= Scans =
== Basic server info ==
[~]$ nslookup http://expertiza.ncsu.edu
Server: 209.18.47.61
Address: 209.18.47.61#53
Non-authoritative answer:
Name: http://expertiza.ncsu.edu
Address: 198.105.251.210
Name: http://expertiza.ncsu.edu
Address: 66.152.109.110


== Metasploit wmap ==
== Metasploit wmap ==

Revision as of 07:19, 21 April 2014

Overview

This page will document a security audit of Expertiza.

Scans

Basic server info

[~]$ nslookup http://expertiza.ncsu.edu Server: 209.18.47.61 Address: 209.18.47.61#53

Non-authoritative answer: Name: http://expertiza.ncsu.edu Address: 198.105.251.210 Name: http://expertiza.ncsu.edu Address: 66.152.109.110

Metasploit wmap

[~]$ msfconsole

       =[ metasploit v4.9.2-2014040906 [core:4.9 api:1.0] ]
+ -- --=[ 1299 exploits - 791 auxiliary - 217 post ]
+ -- --=[ 334 payloads - 35 encoders - 8 nops      ]

msf > load wmap

.-.-.-..-.-.-..---..---.
| | | || | | || | || |-'
`-----'`-'-'-'`-^-'`-'
[WMAP 1.5.1] ===  et [  ] metasploit.com 2012
[*] Successfully loaded plugin: wmap
msf > wmap_sites -a http://expertiza.ncsu.edu/
[*] Site created.
msf > wmap_sites -l
[*] Available sites
===============

     Id  Host            Vhost           Port  Proto  # Pages  # Forms
     --  ----            -----           ----  -----  -------  -------
     0   152.14.105.146  152.14.105.146  80    http   0        0
msf > wmap_targets -t http://152.14.105.146/home.html
msf > wmap_targets -t http://152.14.105.146/home
msf > wmap_targets -l
[*] Defined targets
===============

     Id  Vhost           Host            Port  SSL    Path
     --  -----           ----            ----  ---    ----
     0   152.14.105.146  152.14.105.146  80    false	/home.html
     1   152.14.105.146  152.14.105.146  80    false	/home
msf > wmap_run -t
[*] Testing target:
[*] 	Site: 152.14.105.146 (152.14.105.146)
[*] 	Port: 80 SSL: false
============================================================
[*] Testing started. 2014-04-21 02:33:20 -0400
[*] Loading wmap modules...
msf > wmap_run 
[*] 39 wmap enabled modules loaded.
<snip>
[*] Done.
msf > wmap_vulns -l
msf > # No vuls discovered