Exercise 1: Gathering Information About a Target Using WhatWeb
Scenario
WhatWeb identifies websites. It recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more.
The objective of this lab is to help students learn how to:
- Identify the target website technologies
- Perform aggressive scans
- Log output in an XML format
Lab Duration: 10 Minutes
- Click Kali Linux (External Network).
If the Kali Linux lock screen appears, click on the screen and press Enter. If it does not appear, skip to the next task.
- Type root in the Username field and click Next.
- Type toor in the Password field and click Unlock.
- Launch a command line terminal from the taskbar, type whatweb and press Enter. It displays the list of commands used by whatweb.
- Assume www.luxurytreats.com is the target website. In this lab, you will be performing website fingerprinting on this website.
Type the command whatweb www.luxurytreats.com and press Enter.
- whatweb returns the luxurytreats website infrastructure as shown in the screenshot.
Ignore the warning messages.
- Since the result returned by whatweb is difficult to analyze, you can apply verbosity so that whatweb arranges the result in a clear way.
Type the command whatweb -v www.luxurytreats.com and press Enter.
- WhatWeb rearranges the result in a more understandable manner, as shown in the screenshot.
You may set WhatWeb to aggressive mode to obtain the version numbers of plugins used in the website.
- You can export the result returned by WhatWeb. To export the result to a text file, type the command whatweb --log-verbose=luxurytreats_report www.luxurytreats.com and press Enter.
This generates a report named luxurytreats_report and saves it in the root folder.
- Navigate to the root folder to find the report containing the result. To open the root folder, go to Places --> Computer and double-click the root folder.
- The root folder appears. Double-click luxurytreats_report.
- The report appears in the text file as shown in the screenshot. Analyze the result to get an idea about the website infrastructure.
- Close all the open windows.
In this lab, you have learned how to:
- Identify the target website technologies
- Perform aggressive scans
- Log output in an xml format
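For the "analyze the result" step, a site owner reviewing their own exposure can triage the report programmatically instead of reading it by eye. The script below is an added example, not part of the original lab: it assumes the scan was logged with WhatWeb's `--log-json` option rather than `--log-verbose`, and the sample record (versions, banner strings, e-mail address) is constructed for illustration.

```python
import json

# Constructed sample in the shape WhatWeb writes with --log-json (assumption:
# an array of records, each with "target", "http_status" and "plugins").
SAMPLE_LOG = """[
{"target": "http://www.luxurytreats.com", "http_status": 200,
 "plugins": {
   "HTTPServer": {"string": ["Microsoft-IIS/8.5"]},
   "Microsoft-IIS": {"version": ["8.5"]},
   "ASP_NET": {"version": ["4.0.30319"]},
   "JQuery": {"version": ["1.4.4"]},
   "X-Powered-By": {"string": ["ASP.NET"]},
   "Email": {"string": ["info@luxurytreats.com"]}
 }}
]"""

BANNER_PLUGINS = ("HTTPServer", "X-Powered-By")  # plugins that echo headers

def load_records(text):
    """Parse a JSON log: one array, or (fallback) one object per line."""
    try:
        data = json.loads(text)
        return data if isinstance(data, list) else [data]
    except json.JSONDecodeError:
        lines = (ln.strip().rstrip(",") for ln in text.splitlines())
        return [json.loads(ln) for ln in lines if ln.startswith("{")]

def summarize(records):
    """Per target: disclosed versions, header banners, e-mail addresses."""
    report = {}
    for rec in records:
        if not rec:
            continue  # skip empty placeholder records
        entry = {"versions": {}, "banners": {}, "emails": []}
        for name, info in (rec.get("plugins") or {}).items():
            if info.get("version"):
                entry["versions"][name] = info["version"]
            if name in BANNER_PLUGINS and info.get("string"):
                entry["banners"][name] = info["string"]
            if name == "Email":
                entry["emails"] = info.get("string", [])
        report[rec.get("target", "unknown")] = entry
    return report

if __name__ == "__main__":
    for target, entry in summarize(load_records(SAMPLE_LOG)).items():
        print(target, "banners:", entry["banners"])
        for name, versions in sorted(entry["versions"].items()):
            print(f"  version disclosed: {name} {', '.join(versions)}")
```

Each entry under `versions` or `banners` is information the server gives to any visitor, so the list doubles as a checklist of headers and page markers to suppress or keep patched.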