Intrusion Detection: WebCrack
2022-07-08 01:13:00 [lainwith]
Introduction
WebCrack is a batch checker for weak passwords and "universal passwords" (authentication-bypass strings) on web admin back-ends: import a list of back-end login URLs and it runs the checks automatically. Project address: https://github.com/yzddmr6/WebCrack
Usage test
Let's try it against the DVWA login page.
It clearly brute-forced DVWA's default password, yet the final result is reported as a failure; the author's criteria for deciding that a login attempt succeeded leave a lot to be desired.
A few side notes
On the question of weak-password detection, this is not a matter of WebCrack's author lacking skill; the problem is genuinely hard to do well. The Tide security team once built a similar tool, and their own assessment was:
- Web login pages come in too many forms, so it is hard to reliably extract and submit the correct parameters;
- Many pages use CAPTCHAs, which this small script cannot yet recognize automatically;
- Some sites trigger protection when the request rate is too high, banning the IP or locking the account;
- To balance time against coverage, it uses fairly small username and password dictionaries, so anything slightly more complex cannot be cracked.
Related article: Web弱口令通用检测方法探究 (A study of general detection methods for weak web passwords)
That said, the problem is not entirely unsolvable: WebRAY (盛邦安全) built a weak-password detection system, RayHunter (密码猎人).
Product brochure: https://www.webray.com.cn/channel/RayHunter.html
Product introduction: https://mp.weixin.qq.com/s/3CldAw1Z4v41HR9BOfM21A
Detection rules
From a network-detection point of view, the author's intent was good: the tool tries to fake its source IP. Precisely because of that, it leaves two strong signatures in the two header locations shown below (the X-Forwarded-For and Client-IP headers it injects); on top of that there is the User-Agent header, which takes only two possible values. Taken together, this makes the tool very easy to fingerprint.
When designing the rules, I am quite happy to include the User-Agent header: the accuracy is much higher with it, and besides, which product doesn't ship with anti-brute-force protection these days?
The rate-limiting part of the rule can be tuned further; here I kept the frequency threshold fairly loose so that Snort actually raises an alert.
alert tcp any any -> any any (msg:"WebCrack login brute-force (Firefox 3.1b2pre UA)"; flow:to_server; content:"POST"; http_method; content:"X-Forwarded-For"; nocase; http_header; content:"Client-IP"; nocase; http_header; content:"Referer|3a 20|http|3a 2f 2f|www.baidu.com|2f|"; nocase; http_header; fast_pattern; content:"User-Agent|3a 20 4d 6f 7a 69 6c 6c 61 2f 35 2e 30 20 28 57 69 6e 64 6f 77 73 3b 20 55 3b 20 57 69 6e 64 6f 77 73 20 4e 54 20 35 2e 31 20 3b 20 78 36 34 3b 20 65 6e 2d 55 53 3b 20 72 76 3a 31 2e 39 2e 31 62 32 70 72 65 29 20 47 65 63 6b 6f 2f 32 30 30 38 31 30 32 36 20 46 69 72 65 66 6f 78 2f 33 2e 31 62 32 70 72 65|"; nocase; http_header; detection_filter:track by_src, count 3, seconds 5; metadata:service http; sid:1000001; rev:1;)
alert tcp any any -> any any (msg:"WebCrack login brute-force (Opera 10.60 UA)"; flow:to_server; content:"POST"; http_method; content:"X-Forwarded-For"; nocase; http_header; content:"Client-IP"; nocase; http_header; content:"Referer|3a 20|http|3a 2f 2f|www.baidu.com|2f|"; nocase; http_header; fast_pattern; content:"User-Agent|3a 20 4f 70 65 72 61 2f 31 30 2e 36 30 20 28 57 69 6e 64 6f 77 73 20 4e 54 20 35 2e 31 3b 20 55 3b 20 7a 68 2d 63 6e 29 20 50 72 65 73 74 6f 2f 32 2e 36 2e 33 30 20 56 65 72 73 69 6f 6e 2f 31 30 2e 36 30|"; nocase; http_header; detection_filter:track by_src, count 3, seconds 5; metadata:service http; sid:1000002; rev:1;)
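To make the logic of the two rules concrete outside Snort, here is an added Python example (not part of the original post and not WebCrack's code) that applies the same four-header signature to raw HTTP requests and then mirrors detection_filter's per-source rate tracking with a sliding window. The request samples are constructed, not captured traffic; the hex User-Agent strings are decoded from the rules above; and the detection_filter semantics (alert from the (count+1)th match onward within the window) are my assumption.

```python
"""Signature + rate detection for WebCrack-style login requests (added example)."""
from collections import defaultdict, deque

# The two fixed User-Agent values decoded from the hex content in the Snort rules.
FIREFOX_UA = ("Mozilla/5.0 (Windows; U; Windows NT 5.1 ; x64; en-US; rv:1.9.1b2pre) "
              "Gecko/20081026 Firefox/3.1b2pre")
OPERA_UA = "Opera/10.60 (Windows NT 5.1; U; zh-cn) Presto/2.6.30 Version/10.60"
WEBCRACK_USER_AGENTS = {FIREFOX_UA.lower(), OPERA_UA.lower()}   # compared nocase


def parse_request(raw):
    """Split a raw HTTP request into (METHOD, dict of lowercase header name -> value)."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    method = lines[0].split(" ", 1)[0].upper()
    headers = {}
    for line in lines[1:]:
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return method, headers


def is_webcrack_signature(raw):
    """Same conditions as the Snort rules: POST, both spoofed-IP headers present,
    a Referer containing http://www.baidu.com/ and one of the two fixed UAs."""
    method, h = parse_request(raw)
    if method != "POST":
        return False
    if "x-forwarded-for" not in h or "client-ip" not in h:
        return False
    if "http://www.baidu.com/" not in h.get("referer", "").lower():
        return False
    return h.get("user-agent", "").lower() in WEBCRACK_USER_AGENTS


class SourceRateFilter:
    """Per-source sliding window modelled on 'detection_filter: track by_src,
    count N, seconds S'. Assumed semantics: alert on the (N+1)th and every
    later signature match from the same source inside the S-second window."""

    def __init__(self, count=3, seconds=5):
        self.count = count
        self.seconds = seconds
        self.hits = defaultdict(deque)   # src_ip -> timestamps of recent matches

    def observe(self, src_ip, ts, raw):
        """Return True if this request should raise an alert."""
        if not is_webcrack_signature(raw):
            return False
        window = self.hits[src_ip]
        window.append(ts)
        while window and ts - window[0] > self.seconds:   # drop expired matches
            window.popleft()
        return len(window) > self.count


def run(events, count=3, seconds=5):
    """Feed (ts, src_ip, raw_request) events through the filter; return (src, ts) alerts."""
    f = SourceRateFilter(count, seconds)
    return [(src, ts) for ts, src, raw in events if f.observe(src, ts, raw)]


def make_request(ua, spoof=True):
    """Constructed sample request; spoof=True adds the fake-IP headers WebCrack injects."""
    spoofed = "X-Forwarded-For: 1.2.3.4\r\nClient-IP: 1.2.3.4\r\n" if spoof else ""
    return ("POST /login.php HTTP/1.1\r\nHost: target.example\r\n"
            "User-Agent: " + ua + "\r\nReferer: http://www.baidu.com/\r\n" + spoofed +
            "Content-Type: application/x-www-form-urlencoded\r\n\r\nuser=test&pass=test")


BROWSER_UA = "Mozilla/5.0 (X11; Linux x86_64) Firefox/102.0"   # constructed, benign

# Constructed event stream: (timestamp seconds, source IP, raw request).
SAMPLE_EVENTS = [
    (0.0, "10.0.0.5", make_request(FIREFOX_UA)),
    (1.0, "10.0.0.5", make_request(OPERA_UA)),
    (2.0, "10.0.0.5", make_request(FIREFOX_UA)),
    (2.5, "10.0.0.9", make_request(BROWSER_UA)),          # real browser behind a proxy: no match
    (3.0, "10.0.0.5", make_request(OPERA_UA)),            # 4th match within 5 s -> alert
    (4.0, "10.0.0.5", make_request(FIREFOX_UA)),          # still over the rate -> alert
    (9.0, "10.0.0.5", make_request(FIREFOX_UA)),          # window has expired -> no alert
]

if __name__ == "__main__":
    for src, ts in run(SAMPLE_EVENTS):
        print(f"ALERT src={src} t={ts}")
```

Note that a single header on its own (a Baidu Referer, or an X-Forwarded-For added by a real proxy) never fires; only the full combination does, which is why the rules above combine all four matches rather than alerting on the User-Agent alone.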