
Module 08: Web Application Penetration Testing Methodology 2

Written By AKADEMY on Thursday, July 4, 2019 | 10:09 PM

Exercise 2: Web Application Vulnerability Assessment Using Vega

Scenario

Vega is a free and open source scanner and testing platform for assessing the security of web applications. It helps find and validate SQL injection, cross-site scripting (XSS), inadvertently disclosed sensitive information and other vulnerabilities. It is written in Java, has a GUI, and runs on Linux, OS X and Windows. Vega includes an automated scanner for quick tests and an intercepting proxy for tactical, request-by-request inspection. The scanner is an active one: it sends probe payloads to the target and inspects the responses, so it should only be pointed at systems you are authorized to test. Vega can be extended through an API written in the language of the web, JavaScript.
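To make the paragraph above concrete, here is the core decision logic that an active scanner of this kind applies to each request parameter: inject a unique canary and see whether it is reflected unencoded (reflected XSS), and append a single quote and see whether the response turns into a database error that the benign value did not produce (error-based SQL injection). This is an added example written for this page, not Vega's own module code (Vega's modules are JavaScript and far more thorough); the target is a constructed in-memory stand-in with the same page names used in this lab, not the real luxurytreats.com, and the error signatures are a small illustrative list.

```python
"""Minimal illustration of how an active scanner decides that a parameter is
vulnerable to reflected XSS or error-based SQL injection.  Added example for
this page, not Vega's own code; the target below is a constructed stand-in."""
import html
import re
import secrets

# A few database error fragments an error-based SQLi check looks for
# (illustrative subset; real scanners carry hundreds of these).
SQL_ERROR_SIGNATURES = [
    re.compile(r"You have an error in your SQL syntax", re.I),
    re.compile(r"Unclosed quotation mark after the character string", re.I),
    re.compile(r"ORA-\d{5}", re.I),
    re.compile(r"pg_query\(\)|PostgreSQL.*ERROR", re.I),
]


def fake_target(path, params):
    """Constructed stand-in for the scanned site (NOT luxurytreats.com).
    /Contactus.aspx reflects 'name' unencoded but HTML-encodes 'email';
    / passes 'q' into a SQL string that breaks on a single quote."""
    if path == "/Contactus.aspx":
        name = params.get("name", "")
        email = params.get("email", "")
        return f"<p>Thanks {name}, we will mail {html.escape(email)}</p>"
    if path == "/":
        q = params.get("q", "")
        if "'" in q:
            # Mimics an unhandled exception leaking from an MSSQL backend.
            return "Unclosed quotation mark after the character string '" + q + "'."
        return "<ul><li>no results</li></ul>"
    return "404"


def probe_xss(send, path, param, baseline):
    """Reflected-XSS check: send a canary wrapped in the characters an attacker
    needs to break out of an attribute, and report how it comes back."""
    canary = "x" + secrets.token_hex(4)          # unique per probe
    payload = f'"><{canary}>'
    body = send(path, {**baseline, param: payload})
    if payload in body:
        return "reflected unencoded"              # exploitable
    if canary in body:
        return "reflected encoded"                # reflected, but encoded
    return None


def probe_sqli(send, path, param, baseline):
    """Error-based SQLi check: a single quote appended to the benign value
    produces a database error message that the benign value did not."""
    benign = send(path, {**baseline, param: baseline[param]})
    broken = send(path, {**baseline, param: baseline[param] + "'"})
    for sig in SQL_ERROR_SIGNATURES:
        if sig.search(broken) and not sig.search(benign):
            return f"error signature: {sig.pattern}"
    return None


def scan(send, path, baseline):
    """Run both probes against every parameter; return alerts in the shape
    Vega shows them (severity, class, page, parameter)."""
    alerts = []
    for param in baseline:
        if probe_xss(send, path, param, baseline) == "reflected unencoded":
            alerts.append(("High", "Cross Site Scripting", path, param))
        if probe_sqli(send, path, param, baseline):
            alerts.append(("High", "SQL Injection", path, param))
    return alerts


if __name__ == "__main__":
    for alert in scan(fake_target, "/Contactus.aspx", {"name": "bob", "email": "b@x"}):
        print(alert)
    for alert in scan(fake_target, "/", {"q": "tea"}):
        print(alert)
```

The `email` parameter shows why a scanner reports "reflected" and "exploitable" separately: the canary comes back, but HTML-encoded, so no alert is raised. Replacing `fake_target` with a function that performs a real HTTP request turns this into a (very small) live scanner, which again must only be run against targets you have permission to test.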
The objective of this lab is to help students learn how to:
  • Use Vega to perform a web application vulnerability assessment
  • Generate reports and examine them
Lab Duration: 20 Minutes
  1. Click Kali Linux (External Network).
    If the Kali Linux lock screen appears, click on the screen and press Enter. If it does not appear, skip to the next task.
    Screenshot
  2. Type root in the Username field and click Next.
    Screenshot
  3. Type toor in the password field and click Sign In.
    Screenshot
  4. Navigate to Applications --> 03 - Web Application Analysis and click Vega as shown in the screenshot.
    Screenshot
  5. The Vega vulnerability scanner main window appears, as shown in the screenshot below.
    Screenshot
  6. Click Scan from the menu bar and select Start New Scan.
    Screenshot
  7. The Select a Scan Target wizard appears. Select the Enter a base URL for scan radio button under the Scan Target section, enter the target URL in the text field and click Next.
    The target in this lab is luxurytreats, so the URL we enter is www.luxurytreats.com. Vega will actively send attack payloads to whatever you enter here, so use only the lab target or a site you are authorized to test.
    Screenshot
  8. The Select Modules page appears. Check both the Injection Modules and Response Processing Modules options.
    Checking these options selects every module listed under them.
    Click Next to continue to the Authentication Options page (clicking Finish here would start the scan immediately).
    Screenshot
  9. The Authentication Options page appears. Leave the options at their defaults and click Finish.
    Screenshot
  10. Vega begins the vulnerability assessment of the target website and populates the Scan Alert Summary as findings come in. Wait until the scan completes.
    Screenshot
  11. When the scan completes, Vega displays the final Scan Alert Summary, as shown in the screenshot.
    Screenshot
  12. To view the individual alerts, expand the following nodes under the Scan Alerts section:
    the node containing the scan date and time --> http://luxurytreats.com --> High --> Cross Site Scripting (3), then click Contactus.aspx.
    The vulnerability details for the selected node (the affected parameter, the request that triggered it and the response) are displayed under Scan Info in the right pane, as shown in the screenshot.
    The screenshot shows the XSS vulnerability Vega found on the scanned website. The next exercise demonstrates how to exploit it.
    Screenshot
  13. In the same way, expand the SQL Injection (http://www.luxurytreats.com/) node to view the details of the SQL injection finding.
    The screenshot shows the SQL injection vulnerability Vega found on the scanned website. The next exercise demonstrates how to exploit it.
    Screenshot
  14. Click the REQUEST link in the right pane.
    Screenshot
  15. You are taken to the Requests view.
    At the bottom of the right pane, click the Request tab to see the raw request that triggered the finding, as shown in the screenshot.
    Select and copy the complete request content.
    Screenshot
  16. Minimize Vega. Open a new file in a text editor and paste the copied POST request.
    Screenshot
  17. Remove any stray spaces and line breaks that were introduced when the request was wrapped for display, so that each header line and the POST body are continuous. Keep the request's own structure intact: the request line, one header per line, a blank line, then the body; without that blank line and the one-header-per-line layout the file is not a valid HTTP request and the tool used in the next exercise will not be able to parse it.
    You can maximize Vega again and compare your file with the request shown in Vega to find the line breaks that need to be removed.
    Screenshot
  18. Click File --> Save in the text editor.
    Screenshot
  19. The Save As window appears. Enter SQL Injection Request as the name, make sure the Desktop is selected as the location, and click Save.
    Screenshot
  20. The SQL Injection Request file now appears on your Desktop. It will be used in the next exercise to perform the SQL injection attack. Close the text editor and any other windows you opened, but keep Vega running: the scan result is also needed in the next exercise.
    Screenshot
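Steps 15 to 19 are easy to get wrong by hand: a line break left inside the body, a wrapped header split in two, or a Content-Length that no longer matches the body all produce a request file that a downstream tool rejects or misreads. The following script does that clean-up mechanically. It is an added example for this page, not part of the lab, of Vega or of any other tool; SAMPLE is a constructed request written to look like a copy/paste from a request viewer (with the User-Agent and Cookie headers and the body wrapped across lines and a stale Content-Length), not a real capture from the lab target.

```python
"""Normalise an HTTP request copied out of a scanner's request viewer into a
valid request file.  Added example for this page, not part of the lab or of
Vega; SAMPLE is a constructed request, not a real capture."""
import re
import sys

REQUEST_LINE = re.compile(r"^([A-Z]+) (\S+) (HTTP/\d\.\d)$")

# Constructed input: what a copy/paste from a request viewer can look like.
# User-Agent is wrapped at a word boundary, Cookie is wrapped mid-token, the
# body is split over two lines and Content-Length no longer matches the body.
SAMPLE = """POST /Contactus.aspx HTTP/1.1
Host: www.luxurytreats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like
 Gecko) Chrome/75.0 Safari/537.36
Cookie: ASP.NET_SessionId=abc123def456ghi789jk
l012
Content-Type: application/x-www-form-urlencoded
Content-Length: 20

name=test&email=test%40example.com&message=hello+the
re&submit=Send
"""


def normalize_request(raw):
    """Return (request_text, warnings) with display wrapping undone.

    A header line that starts with whitespace or contains no colon is treated
    as the continuation of the previous header: whitespace at the break marks
    a word boundary (joined with one space, the RFC 7230 obs-fold rule),
    otherwise the pieces are concatenated.  Every line break inside the body
    is removed, Content-Length is rewritten to the real body size, and the
    output uses CRLF with the mandatory blank line before the body.
    """
    warnings = []
    lines = raw.replace("\r\n", "\n").split("\n")
    while lines and not lines[0].strip():          # paste leftovers
        lines.pop(0)
    if not lines:
        raise ValueError("empty request")
    split = next((i for i, l in enumerate(lines) if not l.strip()), len(lines))
    if split == len(lines):
        warnings.append("no blank line after the headers; assuming no body")
    head, body_lines = lines[:split], lines[split + 1:]

    m = REQUEST_LINE.match(head[0].strip())
    if not m:
        raise ValueError(f"bad request line: {head[0]!r}")
    method, target, version = m.groups()

    headers = []          # [name, value]; value keeps its trailing space for now
    for line in head[1:]:
        if headers and (line[:1].isspace() or ":" not in line):
            boundary = line[:1].isspace() or headers[-1][1].endswith(" ")
            headers[-1][1] = headers[-1][1].rstrip() + (" " if boundary else "") + line.strip()
            continue
        name, _, value = line.partition(":")
        if not name.strip() or " " in name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        headers.append([name.strip(), value.lstrip()])
    headers = [[n, v.strip()] for n, v in headers]

    body = "".join(part.strip() for part in body_lines)   # one continuous line
    body_len = len(body.encode())
    cl = [h for h in headers if h[0].lower() == "content-length"]
    if cl:
        if cl[0][1] != str(body_len):
            warnings.append(f"Content-Length corrected from {cl[0][1]} to {body_len}")
        cl[0][1] = str(body_len)
    elif body:
        headers.append(["Content-Length", str(body_len)])

    text = f"{method} {target} {version}\r\n"
    text += "".join(f"{n}: {v}\r\n" for n, v in headers)
    return text + "\r\n" + body, warnings


def main(argv):
    """Usage: python normalize_request.py [pasted_request.txt] > fixed.txt"""
    raw = open(argv[1]).read() if len(argv) > 1 else SAMPLE
    text, warnings = normalize_request(raw)
    for w in warnings:
        print("warning:", w, file=sys.stderr)
    sys.stdout.write(text)


if __name__ == "__main__":
    main(sys.argv)
```

The continuation heuristic has one blind spot: a wrapped header fragment that itself contains a colon (for example the tail of a Referer URL) is taken for a new header, so still compare the result with the request shown in Vega before saving it, as step 17 says.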
In this lab, you have learned how to:
  • Use Vega to perform a web application vulnerability assessment
  • Generate reports and examine them
Information Security Training Center, Learn Gray Hat Hacking Online | Learn Cybersecurity Online | CEH VIỆT NAM
Copyright © 2013. HACKER MŨ XÁM (Gray Hat Hacker) - All Rights Reserved
Web Master @ Võ Sĩ Máy Tính
Contact @ Đông Dương ICT