SCRIPTING
import socket  # For handling network connections and checking open ports
from concurrent.futures import ThreadPoolExecutor  # For scanning multiple ports concurrently

# Try a TCP connect to one port; return the port number if it accepted the connection
def scan_port(ip, port):
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        # Set a timeout of 1 second for the connection attempt to avoid long delays
        sock.settimeout(1)
        return port if sock.connect_ex((ip, port)) == 0 else None

# Main function to handle user input and initiate the scanning process
def main():
    # Ask the user to input the target IP address
    ip = input("Enter target IP address: ")
    # Scan ports 1-1024 concurrently; map() returns results in port order
    with ThreadPoolExecutor(max_workers=100) as executor:
        results = executor.map(lambda port: scan_port(ip, port), range(1, 1025))
    print("Open ports:", [port for port in results if port is not None])

# Ensure the script runs only when executed directly (not when imported)
if __name__ == "__main__":
    main()  # Start the main function
To begin, open Docker on your machine to host the temporary web server for OWASP Juice
Shop. This will enable you to run the Juice Shop application in a contained environment,
ensuring that all dependencies are handled automatically.
Launch the OWASP Juice Shop container from Docker Platform; after that you can move on to
configuring Burp Suite and the Chromium browser for the vulnerability assessment.
Open Burp Suite. Burp Suite functions as both a proxy tool and a web vulnerability scanner,
which lets you intercept and alter the web application traffic between your browser and
OWASP Juice Shop.
Launch the Chromium browser; it is the best browser to use here because it integrates easily
with Burp Suite.
The next step is to browse to 127.0.0.1:3001, which points the Chromium browser at OWASP
Juice Shop.
To begin targeting usernames and passwords in the OWASP Juice Shop application, the next step
is to create a new user account. This will allow you to test various vulnerabilities, such as weak
authentication, password policies, and user enumeration.
With your account created, you can now begin testing the system's handling of usernames and
passwords. This includes:
Fuzzing: Use Burp Suite tools to perform brute-force or fuzzing attacks on the login page,
targeting weak credentials.
After logging in, the next step is to capture the login request using the Intercept feature. This
lets you examine the request and confirm that the correct credentials were captured.
We do this by checking that the request contains the username and password that were entered.
After capturing the POST request, the next step is to send the request to the Intruder tool.
Payload markers (§) are placed around the email and password values because they tell Intruder
which fields the payloads added in the payload column should be inserted into.
The attack has been run.
Intercept is turned off and the payloads are used as the login and password to test whether the
attack was successful.
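From the defender's side, an Intruder run like the one above shows up in the web server's logs as a burst of failed POSTs to the login route from a single client, often followed by a success once a payload works. The following is an added example (not part of the original walkthrough and not Juice Shop's own code) that detects that pattern over a few constructed log lines. The log format and the login path /rest/user/login are assumptions; a real deployment would adapt the parser to its actual access-log format and feed the result into alerting, rate limiting or account lockout.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample access-log lines (not real Juice Shop output). They model a
# burst of failed logins from one client followed by a success, plus normal traffic.
SAMPLE_LOG = """\
2024-05-01T10:00:00Z 10.0.0.5 POST /rest/user/login 401
2024-05-01T10:00:01Z 10.0.0.5 POST /rest/user/login 401
2024-05-01T10:00:02Z 10.0.0.5 POST /rest/user/login 401
2024-05-01T10:00:02Z 10.0.0.9 GET /rest/products/search 200
2024-05-01T10:00:03Z 10.0.0.5 POST /rest/user/login 401
2024-05-01T10:00:04Z 10.0.0.5 POST /rest/user/login 401
2024-05-01T10:00:05Z 10.0.0.5 POST /rest/user/login 401
2024-05-01T10:00:06Z 10.0.0.5 POST /rest/user/login 200
2024-05-01T10:01:00Z 10.0.0.9 POST /rest/user/login 401
2024-05-01T10:01:05Z 10.0.0.9 POST /rest/user/login 200
2024-05-01T10:30:00Z 10.0.0.5 POST /rest/user/login 401
"""

LOGIN_PATH = "/rest/user/login"  # assumed login endpoint; adjust to your app's route
LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3})$")  # ts ip method path status

def parse_line(line):
    """Parse one constructed log line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, ip, method, path, status = m.groups()
    return {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), "ip": ip,
            "method": method, "path": path, "status": int(status)}

def detect_login_bursts(log_text, threshold=5, window=timedelta(seconds=60)):
    """Flag clients with at least `threshold` failed logins inside any sliding `window`.

    Returns {ip: {"failures": peak_burst_size, "success_after_burst": bool}}. A
    successful login right after a burst is the signal that a guessed or injected
    credential worked, which is what an Intruder run against the login page aims for.
    """
    events = defaultdict(list)  # ip -> [(ts, status)] for login POSTs only
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["path"] == LOGIN_PATH and rec["method"] == "POST":
            events[rec["ip"]].append((rec["ts"], rec["status"]))
    flagged = {}
    for ip, evs in events.items():
        evs.sort()
        failures = [ts for ts, status in evs if status in (401, 403)]
        start, peak, burst_end = 0, 0, None
        for end, ts in enumerate(failures):
            while ts - failures[start] > window:  # slide the window forward
                start += 1
            size = end - start + 1
            if size >= threshold:
                peak = max(peak, size)
                burst_end = burst_end or ts  # time the threshold was first crossed
        if burst_end is not None:
            later_success = any(st == 200 and ts >= burst_end for ts, st in evs)
            flagged[ip] = {"failures": peak, "success_after_burst": later_success}
    return flagged

if __name__ == "__main__":
    for ip, info in detect_login_bursts(SAMPLE_LOG).items():
        print(f"{ip}: {info['failures']} failed logins within 60s, "
              f"success afterwards: {info['success_after_burst']}")
```

The sliding window means a client that spreads a few failures over a long session is not flagged, while a tight burst is, and the `success_after_burst` flag separates "someone is guessing" from "someone got in".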
A success message indicates that the SQL attack was successful.
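The reason the SQL attack on the login form succeeds is that the application splices the submitted email and password straight into the query text, so characters in the input can change the query's structure. The following added example (my own illustration using an in-memory SQLite database, not Juice Shop's code or schema) puts that vulnerable pattern next to the parameterized fix. The table, rows and the stand-in "hashed" password values are constructed; the ordinary email address containing an apostrophe is enough to show the difference, since the concatenated version cannot even handle legitimate input safely while the parameterized version treats it as plain data.

```python
import sqlite3

def make_db():
    """Create a constructed in-memory Users table (values stand in for password hashes)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (id INTEGER PRIMARY KEY, email TEXT, password TEXT)")
    conn.executemany("INSERT INTO Users (email, password) VALUES (?, ?)",
                     [("admin@example.com", "hashed-admin-pw"),
                      ("o'neil@example.com", "hashed-user-pw")])
    return conn

def login_concatenated(conn, email, password):
    """Vulnerable pattern: user input is formatted into the SQL text itself."""
    query = (f"SELECT id, email FROM Users WHERE email = '{email}' "
             f"AND password = '{password}'")
    return conn.execute(query).fetchone()

def login_parameterized(conn, email, password):
    """Hardened form: placeholders keep the query structure fixed; input is only data."""
    query = "SELECT id, email FROM Users WHERE email = ? AND password = ?"
    return conn.execute(query, (email, password)).fetchone()

def compare_logins(email, password):
    """Run both variants on a fresh database and report what each one did."""
    conn = make_db()
    try:
        concatenated = login_concatenated(conn, email, password)
    except sqlite3.OperationalError:
        # The quote in the input broke the query: proof that input can rewrite the SQL
        concatenated = "SQL syntax error: input altered the query structure"
    return {"concatenated": concatenated,
            "parameterized": login_parameterized(conn, email, password)}

if __name__ == "__main__":
    print(compare_logins("o'neil@example.com", "hashed-user-pw"))
```

Any input that can break the concatenated query can also be crafted to reshape it, which is what Intruder's payloads exploit; with placeholders the database driver never interprets the input as SQL, so the same login logic stops being an injection point. Juice Shop itself stores password hashes rather than plaintext, and a real fix would keep that while also switching to parameterized queries.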