Ratproxy is a tools use to scan the web vulnerable. The author of the ratproxy is Michal Zalewski, who is the famous greyhat in europe, the p0f also created by him as well.
The way of ratproxy works is act as proxy in between your browser and server. Then capture the all transaction from both sides. See below : -
browser --- ratproxy --- server
Requirement:
make the life easier, get a BT4. Then, boot the live CD will do
login = root password = toor
change directory to /pentest/web/ratproxy
root@bt:/#cd /pentest/web/ratproxy
make a directory for trace file create by ratproxy later root@bt:/pentest/web/ratproxy# mkdir /root/ratproxy
Then, run the ratproxy root@bt:/pentest/web/ratproxy# ./ratproxy -v /root/ratproxy/ -w e.log -d xxxxx.com.my -XCl2efxiscmg -p 8080 ratproxy version 1.58-beta by lcamtuf@google.com]lcamtuf@google.com Proxy configured successfully. Have fun, and please do not be evil. WARNING: Disruptive tests enabled. use with care. [+] Accepting connections on port 8080/tcp (local only)...
Simple explantion:
-v the directory i want to store the trace files
-w create a log file based on this project
-d xxxx.com.my is refer to my domain name
-p 8080 is the proxy port
for other parameters,please refer to http://code.google.com/p/ratproxy/wiki/RatproxyDoc
cause it is a bit longer
then, set up browser point to the proxy..Because i testing in my own box. So i use local host,port 8080 will do
go to that website,then login to that site。
after login you have to visit every single pages of this site.
for this example, i only visited for few pages
root@bt:/pentest/web/ratproxy# ./ratproxy -v /root/ratproxy/ -w e.log -d e-market.com.my -XCl2efxiscmg -p 8080
ratproxy version 1.58-beta by
lcamtuf@google.com]lcamtuf@google.com
Proxy configured successfully. Have fun, and please do not be evil.
WARNING: Disruptive tests enabled. use with care.
[+] Accepting connections on port 8080/tcp (local only)...
^C
back to this console, press CTRL+C to stop the ratproxy once you finish visit all the pages
Generate the html report
root@bt:/pentest/web/ratproxy# ./ratproxy-report.sh e.log > ratproxy_report.html
root@bt:/pentest/web/ratproxy# ls -lah ratproxy_report.html
-rw-r--r-- 1 root root 61K Jan 14 14:41 ratproxy_report.html
Then, open the browser to read the html report
see the screenshot, it can be categorized as few severity.
You can click the VIEW TRACE to see the whole process
also can click the EDIT to edit value。
look, the result of VIEW TRACE。
you can see the transaction from user browser to server
how is this tools ? coolz ??
this tool is used by Google as well.
No comments:
Post a Comment