Watobo/Usage/Plugins

From aldeid
Jump to: navigation, search

Description

In this lesson, you will learn to use two available plugins:

  • the Catalog-Scanner which is a brute-forcer useful for discovering *hidden* files/directories based on db_tests file.
  • the SSL-Checker which checks if certificate supports strong ciphers.

Catalog-Scanner

First of all, we have to create a valid db_tests file in our plugins/catalog/ directory. The simpliest thing to do is to use the one available in Page in French Nikto since the format is exactly the same.

Install Nikto (eventually adapt path):

$ cd /opt/
$ sudo wget wget http://www.cirt.net/nikto/nikto-current.tar.gz
$ sudo tar xzvf nikto-current.tar.gz

Go to Nikto's plugins directory and copy db_tests to Watobo's plugins directory (eventually adapt path):

$ cd nikto-2.1.3/plugins/
$ cp db_tests /opt/watobo/plugins/catalog/

For more information on Nikto refer to this article: Page in French Nikto.

Once you have copied db_tests file, you can use the plugin. Open Watobo, click on the plugins icon from the icons toolbar, then click on the first available plugin: Catalog-Scanner.

From the dropdown lists:

  • select a site from "Select Sites" (e.g. 127.0.0.1)
  • select a Root Directory (e.g. /dvwa)
  • eventually check "test all subdirectories" if you wish to make the analyzes of all sub-directories (warning: this could drastically increase the time of the scan)

Then click "Start". It starts the scan:

Watobo-plugins-catalog-scanner.png

It adds a new section in the findings tab with all discovered files/directories:

Watobo-plugins-catalog-results.png

SSL-Checker

Description

In this example, we are going to analyze 2 websites that have a SSL connection and compare the results.

Example

First of all, create a new project in Watobo. Then, open Firefox and browse these two sites:

Go back to Watobo, click on the plugin icon, then click on the SSL-Checker button.

It should show a similar window:

Watobo-plugins-sslchecker-001.png

Now, select the first site (ssltube:443) in the "Available Sites" dropdown list and click on the "Start" button.

Watobo-plugins-sslchecker-002.png

Do the same for the second site (www.google.com:443):

Watobo-plugins-sslchecker-003.png

Here are the results:

Cipher ssltube:443 www.google:443
AES256-SHA 256 256
AES128-SHA 128 128
DES-CBC3-SHA 168 168
DES-CBC-SHA 56 -
RC4-SHA 128 128
RC4-MD5 128 128

We can easily conclude that Google's certificate supports stronger ciphers than Ssltube.

Comments

Talk:Watobo/Usage/Plugins