Vulnerability Management and more
2.83K subscribers
900 photos
11 videos
5 files
874 links
Vulnerability assessment, IT compliance management, security automation.
Russian channel: @avleonovrus
Russian live news channel: @avleonovlive
PM @leonov_av
Making Vulnerable Web-Applications: XSS, RCE, SQL Injection and Stored XSS (+ Buffer Overflow)

In this post I will write some simple vulnerable web applications in python3 and will show how to attack them. This is all for educational purposes and for complete beginners. So please don’t be too hard on me. 😉

As a first step I will create a basic web-application using twisted python web server (you can learn more about it in “Making simple Nmap SPA web GUI with Apache, AngularJS and Python Twisted”).

#Concept #bash #bufferoverflow #c #CentOS #Chromium #Debian #Firefox #GoogleChrome #MySQL #python #python3 #RCE #SQL #SQLinjection #StoredXSS #Ubuntu #XXS

Read more: https://avleonov.com/2018/11/29/making-vulnerable-web-applications-xxs-rce-sql-injection-and-stored-xss-buffer-overflow/

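Two of the bug classes in that post, SQL injection and stored XSS, reduce to the same mistake: user input is spliced into a query or a page as text. The block below is an added example, not the blog post's Twisted code; it uses an in-memory SQLite database and a constructed comment so it runs offline, and it shows each defect next to its hardened form (parameterised query, html.escape on output). The RCE and buffer-overflow parts of the post are not covered here.

```python
# Added example (not the blog post's code): the vulnerable and the hardened
# form of the SQL-injection and stored-XSS patterns, on an in-memory database.
import html
import sqlite3


def make_db():
    """Constructed sample data: two users and an empty comments table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    db.execute("CREATE TABLE comments (body TEXT)")
    return db


def find_user_vulnerable(db, name):
    # The value becomes part of the SQL text, so quote characters in it
    # change the meaning of the statement: this is the injection.
    query = "SELECT name, email FROM users WHERE name = '%s'" % name
    return db.execute(query).fetchall()


def find_user_safe(db, name):
    # Parameterised query: the driver sends the value separately from the
    # statement, so it can never be parsed as SQL.
    return db.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)
    ).fetchall()


def store_comment(db, body):
    # Storing the raw text is fine; the defect (or the fix) is at render time.
    db.execute("INSERT INTO comments VALUES (?)", (body,))


def render_comments_vulnerable(db):
    # Stored XSS: saved text is placed into HTML unescaped, so markup in a
    # comment is served to every later visitor as markup.
    rows = db.execute("SELECT body FROM comments").fetchall()
    return "".join("<li>%s</li>" % body for (body,) in rows)


def render_comments_safe(db):
    # Escaping at the point of output turns < > & " ' into entities, so the
    # browser shows the comment as text.
    rows = db.execute("SELECT body FROM comments").fetchall()
    return "".join("<li>%s</li>" % html.escape(body) for (body,) in rows)


if __name__ == "__main__":
    db = make_db()
    probe = "nobody' OR '1'='1"   # constructed test value, not a real user name
    print("vulnerable:", find_user_vulnerable(db, probe))   # both rows leak
    print("safe:      ", find_user_safe(db, probe))         # no such user
    store_comment(db, "<b>hi</b>")
    print(render_comments_vulnerable(db))
    print(render_comments_safe(db))
```

The point to take from the pair is that the fix is not input filtering but keeping data and code apart: bind parameters for the database, escaping (or a templating engine that escapes by default) for HTML.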
Open Positioner: my new project for tracking IT and security jobs

The idea of my new project is to retrieve the data from job-searching websites and provide better filtering, searching and visualization.

I think for most people who read this, searching for a job on the Internet is a pretty common activity. Even if you are not going to change job right now, it might be quite interesting to know what skills are currently the most valuable for your specialization and what is going on on the global labor market.

#vacancy #python3 #openposition #HERE #H1B #folium #VulnerabilityManagement #OpenPositioner

Read more: https://avleonov.com/2019/02/04/open-positioner-my-new-project-for-tracking-it-and-security-jobs/

How to make Email Bot service in Python

First of all, why would you want to use such a service? Despite the fact that currently there are so many different channels of communication (including various messaging apps), Email is still a default and universal way to do it.

* Literally every enterprise service supports #email notifications, even if its #integration capabilities are rather limited. So, with Email Bot you can automatically process such notifications.
* Email is a good, simple, reliable and familiar way to communicate with humans. Send an #email – get a response. Everyone can do it. So, an #email #bot can make basic routine operations, like organizing the external meetings, pretty much like a human secretary.
* It’s easier to code Email #bot than any other interface, and the code can be reused for other communication channels, for example messaging apps.

I get #email messages from an IMAP server in python3 using the #easyimap module.

#systemd #smtp #python3 #python #MIME #integration #imap #email #easyimap #cron #bot #API

Read more: https://avleonov.com/2019/02/18/how-to-make-email-bot-service-in-python/

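The post fetches mail with easyimap; the part that turns a fetched notification into something a bot can act on is parsing the MIME message. The block below is an added example, not the post's code: it uses only the standard `email` package, and the multipart notification, the sender allow-list and the `Host:`/`Severity:` fields are constructed so the code runs offline.

```python
# Added example (not the blog post's code): parsing one notification e-mail the
# way an e-mail bot would after fetching it over IMAP.
import email
import re
from email import policy
from email.utils import parseaddr

# Constructed sample message, not a real notification.
SAMPLE_RAW = b"""From: Scanner <scanner@example.com>
To: bot@example.com
Subject: [Scanner] New critical finding on web-01
Message-ID: <constructed-1@example.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Host: web-01
Severity: Critical
Port: 443

--b1
Content-Type: text/html; charset="utf-8"

<html><body><b>Host:</b> web-01<br><b>Severity:</b> Critical</body></html>
--b1--
"""

# Constructed allow-list of senders the bot will act on. The From: header is
# trivially forged, so in a real deployment this is only a first filter and
# should be backed by the receiving MTA's SPF/DKIM results.
ALLOWED_SENDERS = {"scanner@example.com"}


def parse_notification(raw):
    """Return sender, trust decision, subject and the Key: value fields of the text part."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    _, sender = parseaddr(msg["From"])
    sender = sender.lower()
    # Prefer the text/plain alternative; bots should never act on HTML they
    # have not sanitised.
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part is not None else ""
    fields = dict(re.findall(r"^(\w+):\s*(.+)$", body, flags=re.M))
    return {
        "sender": sender,
        "trusted": sender in ALLOWED_SENDERS,
        "subject": str(msg["Subject"]),
        "fields": fields,
    }


if __name__ == "__main__":
    print(parse_notification(SAMPLE_RAW))
```

Everything that follows in a bot (creating a ticket, replying, running a playbook) should be gated on `trusted`, and on the parsed fields rather than on free text from the subject line.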
I spent a lot of time last week working with the new API of Kaspersky Security Center 11. KSC is the administration console for Kaspersky Endpoint Protection products. And it has some pretty interesting features besides the antivirus/antimalware, for example, vulnerability and patch management. So, the possible integrations with other security systems might be quite useful.

A fully functional API was first presented in this latest version of KSC. It is documented pretty well, but in some strange way. In fact, the documentation is one huge .chm file that lists the classes, methods of these classes and data structures with brief descriptions. It’s not a cookbook that gives a solution for the problem. In fact, you will need to guess which methods of which classes should be used to solve your particular task.

For the first task, I decided to export the versions of Kaspersky products installed on the hosts. It is useful to control the endpoint protection process: whether all the necessary agents and products were installed on the hosts or not (and why not). So, see the python code with my comments in my blog. 😉

#API #EndpointProtection #Kaspersky #KSC #KSC11 #python #python3

I recently figured out how to work with Microsoft Active Directory using Python 3. I wanted to get a hierarchy of Organizational Units (OUs) and all the network hosts associated with these OUs to search for possible anomalies.

Some code examples are in my blog: https://avleonov.com/2019/08/12/how-to-get-the-organization-units-ou-and-hosts-from-microsoft-active-directory-using-python-ldap3/

#API #AssetManagement #ActiveDirectory #AD #BeyondTrust #LDAP #ldap3 #Microsoft #MicrosoftADExplorer #OU #PowerShell #python #python3

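Once ldap3 has returned the distinguishedName of every OU and computer object, the remaining work is turning those flat DNs into the OU hierarchy. The block below is an added example, not the blog post's code: the DNs are a constructed sample standing in for ldap3 search results, so it runs offline, and the last function shows one simple anomaly check of the kind the post mentions (computers that sit outside any OU).

```python
# Added example (not the blog post's code): build the OU tree from
# distinguishedName values and flag computers that are not under any OU.

# Constructed sample of what a search for organizationalUnit and computer
# objects would return; not real directory data.
CONSTRUCTED_DNS = [
    "OU=Moscow,DC=example,DC=com",
    "OU=Servers,OU=Moscow,DC=example,DC=com",
    "OU=Workstations,OU=Moscow,DC=example,DC=com",
    "CN=WEB-01,OU=Servers,OU=Moscow,DC=example,DC=com",
    "CN=PC-007,OU=Workstations,OU=Moscow,DC=example,DC=com",
    "CN=LEGACY-01,CN=Computers,DC=example,DC=com",  # default container, no OU
]


def split_dn(dn):
    """Split a DN into RDNs on commas that are not escaped with a backslash."""
    parts, cur, escaped = [], [], False
    for ch in dn:
        if escaped:
            cur.append(ch)
            escaped = False
        elif ch == "\\":
            cur.append(ch)
            escaped = True
        elif ch == ",":
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
    parts.append("".join(cur))
    return parts


def _value(rdn):
    return rdn.split("=", 1)[1]


def build_tree(dns):
    """Nested dict: domain -> OU -> sub-OU -> ...; computers under a 'hosts' key.

    An OU literally named 'hosts' would collide with that key; use a
    distinct marker if that can happen in your directory.
    """
    tree = {}
    for dn in dns:
        rdns = split_dn(dn)
        domain = ".".join(_value(r) for r in rdns if r.upper().startswith("DC="))
        # OUs appear rightmost-first in the DN, so walk them in reverse order.
        path = [_value(r) for r in reversed(rdns) if r.upper().startswith("OU=")]
        node = tree.setdefault(domain, {})
        for ou in path:
            node = node.setdefault(ou, {})
        if rdns[0].upper().startswith("CN="):
            node.setdefault("hosts", []).append(_value(rdns[0]))
    return tree


def hosts_outside_ous(dns):
    """Computers whose DN contains no OU (e.g. left in the default Computers container)."""
    found = []
    for dn in dns:
        rdns = split_dn(dn)
        if rdns[0].upper().startswith("CN=") and not any(
            r.upper().startswith("OU=") for r in rdns
        ):
            found.append(_value(rdns[0]))
    return found


if __name__ == "__main__":
    import json
    print(json.dumps(build_tree(CONSTRUCTED_DNS), indent=2))
    print("outside any OU:", hosts_outside_ous(CONSTRUCTED_DNS))
```

Splitting on unescaped commas matters because AD escapes commas inside RDN values as `\,`; a plain `dn.split(",")` silently breaks the hierarchy for such objects.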
I decided to publish my simple console Password Manager. I called it barapass (github). I've been using it for quite some time in Linux and in Windows (in WSL). Probably it will also work natively in Windows and MacOS with minimal fixes, but I haven’t tried it yet.

I've also described in my blog:

* Why do people use password managers?
* How to use barapass? (installation, encrypting and decrypting files, searching in an encrypted file)
* Is it safe to copy passwords to clipboard?

Read here: https://avleonov.com/2019/09/17/barapass-console-password-manager/

#barapass #concept #AES #CLI #crypto #Linux #password #python #python3 #WSL #xclip

A small update on #Zbrunk. First of all, I created a new API call that returns a list of object types in the database and the number of each type for a certain period of time. Without it, debugging was rather inconvenient.

$ curl -k https://127.0.0.1:8088/services/searcher -d '{"get_types":"True", "search": {"time":{"from":"1471613579","to":"1471613580"}}, "output_mode": "json", "max_count":"10000000", "auth_token":"8DEE8A67-7700-4BA7-8CBF-4B917CE23512"}'

{"results": ["test_event"], "results_count": 1, "all_results_count": 0, "text": "Types found", "code": 0}

I also added some examples of working with the Zbrunk http API from #python3. Rewriting them from pure curl was not so trivial. 😅 Flask is rather moody, so I had to abandon the idea of making requests exactly the same as in Splunk. 😓 But the differences are cosmetic. It is now assumed that events will be passed to the collector in valid json (not as a file with json events separated by '\n'). I also send all params of requests as json, not data. But for compatibility reasons the previous curl examples will also work. 😉

This will be an update to my post from 2017. In that post, I presented a small python script that parses Nessus XML reports and returns a dictionary with all the data. It worked pretty well for me until the most recent moment when I needed to get compliance data from Nessus scan reports, and it failed. So I researched how this information is stored in a file, changed my script a bit, and now I want to share it with you.

This video on YouTube

#Video #VulnerabilityManagement #etree #lxml #Nessus #python #python3 #Tenable #TenableSecurityCenter #xml
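The reason the original 2017 script missed compliance data is that those results are not attributes of `ReportItem` but child elements in the `cm:` namespace (`http://www.nessus.org/cm` in Nessus v2 reports), so a parser that only reads attributes and `plugin_output` never sees them. The block below is an added example, not the post's script: it uses the standard-library ElementTree rather than lxml, and the `.nessus` document, host names and plugin IDs in it are constructed placeholders so the code runs offline.

```python
# Added example (not the blog post's script): parse a Nessus v2 XML report,
# keeping ordinary findings and the namespaced compliance checks separately.
import xml.etree.ElementTree as ET

CM_NS = "http://www.nessus.org/cm"   # namespace of the cm: compliance elements

# Constructed sample report; host, plugin IDs and check names are placeholders.
SAMPLE_NESSUS = """<?xml version="1.0" ?>
<NessusClientData_v2>
<Report name="constructed" xmlns:cm="http://www.nessus.org/cm">
<ReportHost name="10.0.0.5">
<HostProperties>
<tag name="host-ip">10.0.0.5</tag>
<tag name="host-fqdn">web-01.example.com</tag>
</HostProperties>
<ReportItem port="0" svc_name="general" protocol="tcp" severity="3" pluginID="00000" pluginName="Placeholder Compliance Checks" pluginFamily="Policy Compliance">
<cm:compliance-check-name>1.1 Ensure password max age is 90 days</cm:compliance-check-name>
<cm:compliance-result>FAILED</cm:compliance-result>
<cm:compliance-actual-value>PASS_MAX_DAYS 99999</cm:compliance-actual-value>
<cm:compliance-policy-value>90</cm:compliance-policy-value>
</ReportItem>
<ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="00000" pluginName="Placeholder Compliance Checks" pluginFamily="Policy Compliance">
<cm:compliance-check-name>1.2 Ensure sshd logging is enabled</cm:compliance-check-name>
<cm:compliance-result>PASSED</cm:compliance-result>
</ReportItem>
<ReportItem port="22" svc_name="ssh" protocol="tcp" severity="0" pluginID="00001" pluginName="Placeholder SSH banner" pluginFamily="Service detection">
<plugin_output>SSH-2.0-placeholder</plugin_output>
</ReportItem>
</ReportHost>
</Report>
</NessusClientData_v2>
"""


def parse_nessus(xml_text):
    """Return one dict per ReportHost with properties, findings and compliance checks."""
    root = ET.fromstring(xml_text)
    hosts = []
    for rh in root.iter("ReportHost"):
        props = {t.get("name"): (t.text or "") for t in rh.findall("HostProperties/tag")}
        items, checks = [], []
        for ri in rh.findall("ReportItem"):
            # ElementTree names namespaced children '{namespace}local-name'.
            prefix = "{" + CM_NS + "}"
            cm = {c.tag[len(prefix):]: (c.text or "").strip()
                  for c in ri if c.tag.startswith(prefix)}
            if cm:
                checks.append({
                    "check": cm.get("compliance-check-name"),
                    "result": cm.get("compliance-result"),
                    "actual": cm.get("compliance-actual-value"),
                    "expected": cm.get("compliance-policy-value"),
                })
            else:
                item = dict(ri.attrib)
                item["plugin_output"] = (ri.findtext("plugin_output") or "").strip()
                items.append(item)
        hosts.append({"name": rh.get("name"), "properties": props,
                      "items": items, "compliance": checks})
    return hosts


def failed_checks(hosts):
    """(host, check name) for every compliance check that did not pass."""
    return [(h["name"], c["check"]) for h in hosts
            for c in h["compliance"] if c["result"] == "FAILED"]


if __name__ == "__main__":
    parsed = parse_nessus(SAMPLE_NESSUS)
    for host, check in failed_checks(parsed):
        print(host, "FAILED", check)
```

Reading the namespace from a constant rather than hard-coding `cm:` prefixes is deliberate: the prefix is chosen by the exporter and may change, while the namespace URI is what identifies the elements.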