# **ZARARLI GİRDİ KONTROLÜ** - SQL Injection (',",#, *, /*) - XSS (<script>) - Command Injection (;ls) - Directory Traversal (../../etc/passwd) # **Zafiyetli Ortam** - Ubuntu 14.04 - mysql - apache2 - php5.6 - ssh - vstfpd vulnerable - tomcat # **KİMLİK DOĞRULAMA KONTROLÜ** - ID Enumeration (id=0 root) # **YETKİ KONTROLÜ** - Authorization Bearer - JWT (easy pass) # **PROTOKOL KONTROLÜ** - VSFTPD (21) - SSH (22) - apache2 (80) - mysql (3306) - tomcat - ftp anon (21) # **VERİTABANI GÜVENLİĞİNİN KONTROLÜ** - Brute force - local file access and write ## Pass list ubuntu - root:r00t_n3w_p4ssw0rd - user:r34ly_h4rd_p4ssw0rd mysql - root:d4s_1st_mysql0001 ## Applications DVWA BWAPP # DONE - [x] Zararlı Girdi Kontrolü Rapor - [x] SQL Injection App - [x] HTML Injection (Reflected GET on bWAPP) - [x] XSS App ( on bWAPP) - [X] Command Injection App - [ ] Directory Traversal App - [ ] BoF App VSFTPD Backdoored (21) 1.user:) 2.pass 3.nc $host 6200 Apache - PHP 5.6 - PhpMyAdmin (80) MySQL (3306) load_file() load local infile() Misconfigured Secure Path ($PATH=/) Tomcat Default Pass (8080) tomcat:tomcat