13 Apr 2012

Using w3af to scan the website for vulnerabilities




Hey guys, well, moving forward. This post is about w3af.
I get many queries regarding how to hack a website. So the first step should be gathering information, and the second step must be finding a vulnerability in that site so that you can exploit that vulnerability to gain access.

FOR EDUCATIONAL PURPOSE ONLY!

If you are using BackTrack then it'll be much easier for you, because in BT w3af is already installed, so let's get started!

For BackTrack users


Go to Application > BackTrack > Exploitation > Web Exploitation tools > w3af gui.
Click on w3af gui, a window will appear, and there is your w3af.



For Windows


You have to install it manually if you are using Windows.
You can download it from HERE
When the download is completed, extract it and you'll find the installation file there. Install it.

Using w3af


Now it's time to use w3af, and it's pretty easy. When you start w3af you'll see a window like:


There is a Target text field; you have to enter the URL of the target website there. Below that there are the Plugin and Active tabs. After entering the URL of the website, you have to select the scan type by selecting those plugins. The more plugins you select, the longer the scan will take.

Select the scan type and press the play button above.

Getting the results


When the scan is running or finished, you'll see a window like:


Can you see the lower right corner? There are 3 pointers with some signs and with the numbers 2 0 0. Those are the numbers of vulnerabilities. If you get numbers on the 2nd pointer then you'll have a high rate of success.


Now go to Results. There you'll find the result of the scan.
The above window is the Exploits window; if you see anything in the middle panel then the site is more vulnerable. Now when you have the vulnerabilities, you can exploit them according to your choice.
