Dear Readers: HWS has recently started a new project for the students of engineering ====> The Engineering Projects


Write at HWS !!!

Guest Posting

Thursday, January 19, 2012

BACKTRACK 5 R1 : using w3af to scan website for vulns.





Hey guys , you might be disappointed from HWS because its been a long since we made any tutorial.
Actually Xeo is busy with his projects and me , well m having my SEMESTERS .
okay , i get many queries regarding how to hack a website .So first step should be gathering information and second step must be finding vulnerability in that site so that you can exploit that vulnerability to gain access.

FOR EDUCATIONAL PURPOSE ONLY !

If you using BackTrack then it'll be much easier for you cause in BT w3af is already installed so lets get started !

For BackTrack users


Go to Application > BackTrack > Exploitation > Web Exploitation tools => w3af gui .
Click on w3af gui , a window will apear and there is your w3af.



For Windows


You have to install in manually if you using windows .
You can download it from HERE
When download is completed extract it and you'll find the installation file there. Install it

Using w3af


Now its time to use w3af , its pretty easy. When you start w3af you'll see a window like :


There is a Target text field , you have to enter the URL of the target website there . Below that there is a Plugin and Active tabs . After entering the URL of the website , you have to select the Scan type by selecting those plugins . More plugin you select , more will be the time to scan.

Select the Scan type and press the play button above .

Getting the results


When the scan is running or finished , you'll see a window like :


Can you see the lower right corner , there are 3 pointers with some signs and with numbers 2 0 0 . Those are vulnerabilities no. . If you get numbers on 2nd pointer then you'll have a high rate of success.


Now go to Results . There you'll find the result of the scan .
Above window is Exploits window , if you see anything on middle panel then the site is more vulnerable. Now when you have the vulnerabilities , you can exploit that according to your choice .

Guys plz comment and share and like .... thanks
Stay Tuned !!!!


Copyright © 2011. All rights reserved by “Kumar Sourav" & "xeo hacker

About the Author

I am XEO Hacker, the founder of Hack With Style (HWS). I am blogging since 2009 before that I just search things and now I am sharing my knowledge through this plateform.I'm also a freelance writer on topics related to Website Hacking,Website Optimization (SEO), blogger customizations and making money online.
In 61 people's circles

Subscribe To Get FREE Tutorials!


Respected Readers:
As a 21 year old student, the only income I rely on is my pocket money. Bearing the running costs of HWS Blog has become really difficult. We educate thousands of bloggers a week with our tutorials. To help us go forward with the same spirit, a small contribution from your side will highly be appreciated.

11 comments:

hey bro i downloaded dt soft n d file type is BZ2 File

so how to open dt :/

hi,
do you know anything about tor-resolve? i installed the tor bundle on my w 7 computer and it works as advertised except for tor-resolve. when i try to use it, either from the gui or windows command line all i see is something flash on the screen and nothing else. can you help?
thanks,
patrick

I just wanted to leave a comment to say that I enjoy your blog. Looking at the number of comments, I see others feel the same way! Congratulations on a very popular blog.

Car finance Australia

I just wanted to leave a comment to say that I enjoy your blog. Looking at the number of comments, I see others feel the same way! Congratulations on a very popular blog.

Car finance balloon

Buon blog! Grazie mille per la condivisione di questo post. Le vostre opinioni veramente aprire la mia mente.

Good article! Thank you so much for sharing this post. Your views truly open my mind.

I wonder how you got so good. This is really a fascinating blog, lots of stuff that I can Get into. One thing I just want to say is that your Blog is so perfect!

This is a great blog post. Thank you very much for the fantastic insight and we really appreciate the time you took to write this. Thanks again. http://celabrightreviews.com

Confused? Feel free to ask

Your feedback is always appreciated. I will try to reply to your queries as soon as time allows.
Note:-
Please do not spam Spam comments will be deleted immediately upon my review.

Regards,
XEO Hacker

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More

 

Recent Posts

Join Me On Facebook

700+ Followers

Followers


meet women in Ukraine contatore visite website counter
DMCA.com

Recent Comments

Follow Me On Twitter

1112+ Followers