Author Topic: How to configure recon-ng  (Read 6510 times)

zeroinf

  • Newbie
  • *
  • Posts: 3
    • View Profile
on: April 20, 2014, 10:11:25 PM
Hello guys! I have a question: anyone can tell me how can i configure step by step  recon-ng >xpath-brutter ? i dont find notting to help me .


 Thanks !



ZEROF

  • Hero Member
  • *****
  • Posts: 1247
    • View Profile
    • Pen Tester
Reply #1 on: April 21, 2014, 02:41:39 PM
« Last Edit: April 22, 2014, 02:13:06 AM by ZEROF »


Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*


zeroinf

  • Newbie
  • *
  • Posts: 3
    • View Profile
Reply #2 on: April 21, 2014, 08:25:24 PM
That video & other witch i find it earlier not help me.  here my recon-ng [xpath]> options :

  Name        Current Value                                                                                          Req  Description
  ----------  -------------                                                                                          ---  -----------
  BASE_URL    http://www.mysite.com/Support/Forum/tabid/49/forumid/3/threadid/2006/scope/posts/Default.aspx?  yes  target resource url excluding any parameters
  BASIC_PASS  abcdefg                                                                                                no   password for basic authentication
  BASIC_USER  slax                                                                                                   no   username for basic authentication
  COOKIE                                                                                                             no   cookie string containing authenticated session data
  PARAMETERS  dnn$ctr387$Forum_Container$DNNForum$txtForumSearch=<inject>         yes  query parameters with '<inject>' signifying the injection
  POST        True                                                                                                   yes  set the request method to post. parameters should still be submitted in the url option
  STRING      Form                                                                                                   yes  unique string found when the injection results in 'True'

[recon-ng][default][xpath_bruter] > run
  • 'True' injection payload: =>' and '1'='1<=
  • 'True' injection test passed.
  • 'False' injection payload: =>' and '1'='2<=
  • [!] 'False' injection test failed.
[recon-ng][default][xpath_bruter] >



What i do wrong ?




ZEROF

  • Hero Member
  • *****
  • Posts: 1247
    • View Profile
    • Pen Tester
Reply #3 on: April 22, 2014, 02:15:25 AM
From my side, didn't try this attack. But I will when i get time. What i think before testing is that target can't be exploited. That is for now, i need to check from box.


Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*