DOMAIN CENTRIC SECURITY

ASSIGNMENT-1
WEB BASED VULNERABILITIES

B.MEGHANA,
121006099,
3RD YEAR,
EIE-B SECTION.
 Domain Centric security- ASSIGNMENT-1

Report on web based vulnerabilities using ACUNETIX tool version 7

® What is ACUNETIX ?

 Acunetix is a tool which is used to find the web based vulnerabilities.

 Acunetix Web Vulnerability Scanner is an automated web application security
testing tool that audits your web applications by checking for vulnerabilities like
SQL Injection, Cross site scripting, and other exploitable vulnerabilities.
 It contains many modules which will help the user to find all the vulnerabilities.
®INSTALLATION

 Acunetix tool is available in various versions . We are using the version 7 acunetix tool which
is a 32 bit .
 The tool requires licence in order to save the scan reports in the computer .
 We can only perform the scanning of URL’s and can know the threats but cannot save them.
 It is available to everyone. This can be downloaded from the below link
 https://acunetix-web-vulnerability-
scanner.software.informer.com/download/#downloading
 Once the executable file is downloaded we need to setup the software in the system’

STEP 1:
STEP 2: Accept the agreement

STEP 3: Select the folder in which you need the software to be installed.
STEP 4: Create an icon on the desktop.

STEP 5: Install the software.

STEP 6: Click finish to install the software .

 In this way we can install and setup the Acunetix tool.

®WORKING OF ACUNETIX

 As mentioned earlier there are many modules present in the software.

 When the too is opened you can find all the modules in the task bars.
 When we need to scan a website new scan should be clicked which will open the URL setting
up window as shown below.

 There are many tools present in it like site crawler, target finder, domain scanner, blind SQL
injector, HTTP sniffer, HTTP editor, HTTP fuzzer , Auth tester, compare results.
 It also provides web services like web service scanner, webs service editor.

 It contains the configuration settings and scanning profiles.

 It also has some general settings as shown below.

®SCANNING OF URL’S USING ACUNETIX:

SCAN 1: Knowafest.com
 As mentioned above for performing a scan we need to click on the new scan and setup the
URL.
 The procedure that we need to follow for setting up the URL is as follows

STEP 1: Enter the URL of the website.

STEP 2: The information about the target is displayed and we can select the additional information
about the website like on what language is the website script was written.

STEP 3: Now we need to select crawling options .

 Site crawling means scans a website and collect details about each page: titles,
images, keywords, other linked pages, etc. It also discovers updated content on the
web, such as new sites or pages, changes to existing sites and dead links.

STEP 4: Next step is that we need to select the scan options .By default the profile will be set to XSS
which means CROSS SITE SCRIPTING.

 Here we need to select the kind of scan which we need to perform. Usually we prefer a quick
scan process. The other kinds of scans are heuristic and extensive scans.
  The differences between these three scans are as follows.

QUICK SCAN HEURISTIC SCAN EXTENSIVE SCAN

1. Takes less time to 1 .Time taken by this scan is 1.Takes more time to
complete the scan. more than quick scan. complete the scan.
2. only scans for critical 2. It is used as an efficient 2 .It is used for knowing all
vulnerabilities way of reducing false kind of vulnerabilities
positives. present.
3 .This is based on signatures. 3 .It is not a signature based 3 .It is also based on the
scan. signatures.
 The selection of scan type is as follows.

STEP 5: The new login sequence should be recorded.

STEP 6: The detection of URL.

STEP 7: The login action has to be recorded.

STEP 8: The pattern should be detected.

STEP 9: Review of login sequence.

STEP 10: The login sequence is recorded successfully .

STEP 11: Check whether the target is created or not.

 Click FINISH ,if the target is found .

 Now the scan process starts and when the scan is finished the threat level and the
vulnerabilities present are displayed as shown below.

 And the vulnerabilities are as follows.

 So in this way the vulnerabilities are present.
 The modules in which these vulnerabilities are present are as follows:
 http://knowafest.com/assests9/include.
 http://knowafest.com/assests9/vendor/hs-megamenu/src
 http://knowafest.com/assests9/vendor/table-edits/src
 http://knowafest.com/assests9/college-fests/files.
 http://knowafest.com/assests9/college-fests/config.
 http://knowafest.com/assests9/college-fests/database.
 http://knowafest.com/assests9/college-fests/tests.I
 http://knowafest.com/assests9/college-fests/web.config.
 http://knowafest.com/assests9/college-fests/events.
 http://knowafest.com/index.html
 So in these modules the vulnerabilities are present .The details about about the kind of
vulnerabilities are present in the above shown pictures.
 In the above scan results we can find 8 vulnerabilities which are considered as the low level
ones. These threats cause loss of data present in the site. The remaining two vulnerabilities
are not considered as threat but are stated for information purpose.

 In the similar way now we shall proceed for another two websites and at last compare the
threats.

SCAN 2: Orchid.myspecies.info
 The steps stated above are same for any website URL.
 So ,the scan results for this website are as follows:
 For this website we have got 19 threats .
 Of these 19 threats, 16 threats are rated as medium level threats and 3 threats are based on
information about the website.

SCAN 3:milk.com

 The results are as follows :

 There are a total of 8 threats out of which 6 threats are rated as high and 2 threats are rated
as medium level threats.
 This site has the vulnerability of XSS- CROSS SITE SCRIPTING.
 ®COMPARING OF SCANS:

 The first website which we scanned has the low threat level when compared to other two
websites.
 The last website milk.com has a vulnerability of cross site scripting ,which is considered as
the profile of our scan.

®ENCODING AND DECODING OF URL’s:

 Concept of URL encoding:

 Encoding scheme that converts binary data into text format so that encoding textual
data can be easily transported over network un-corrupted and without any data loss.
 So, in order to encode the URL’s we are going to use a website called base64.guru
in which we can encode as well as decode the URL’s.
 The URL that has to be encoded is milk.com
 So the encoded base64 URL using ACUNETIX tool is as follows:

 “bWlsay5jb20=”
 Now let us try decoding the generated encoded URL using the base64.guru and
check whether we are getting the same URL back or not.
 So ,after decoded the text which we got is as follows:

 As we can see ,we have got the same URL .

 In this way the URL coding and encoding happens.

®MANIPULATION OF HTTP HEADER INFORMATION:

 We can manipulate the header information using the tool ACUNETIX.

 It is done as follows:

 So, in this way acunetix can be not only used for web vulnerability scanning but also for URL
encoding, decoding and also for manipulation of header information.