--- A single Vulnerability in web server configuration may lead to security breach on websites
--- Attacker can exploit poor configured web server web server with known vulnerabilities to compromise web application
--- We perform Web Server Security Reconnaisance
--- Detect unpatched security flaws like Shellshock bug and Crack remote passwords
1. Performing Web Server Reconnaissance using Skipfish
--- It is perform recursive crawl and dictionary based probes in applications
Tool : Skipfish (Linux)
---> Open a terminal and type
# skipfish -o /root/test -S /usr/share/skipfish/dictionaries/complete.wl http://[address of website]:8080
---> It is perform heavy brute force attack on webserver using complete.wl dictionary file and file save in root folder as index.html
---> It takes very time to complete the scan
---> Show trace next to URL to exmine vulnerability in details
2. Footprinting a Web Server Using the httprecon Tool
--- It is performs banner grabbing atttacks , status code enumeration and header ordering analysis on web server
Tool : httprecon (windows)
---> Install the application
---> Target section choose http:// [address of the URL]:8080/ceh and click the Analyze the website
---> We analyze the result for example we found apche version 2.4.7 so attacker take advantage of vulnerability
3. Footprinting a Web Server Using ID Serve
--- Use the ID serve tool
--- Get a webserver footprint
Tool : ID Serve (windows)
---> Install the ID Serve application
---> Click the Server Query and enter URL you want to footprint then click the Query the server to start recon website
---> We have obtaining the information
4. Cracking FTP Credentials Using Dictionary Attack
--- Perform nmap scan to find whether ftp port is open
--- Perform a dictionary attack using hydra
Tool : Nmap and Hydra (Linux)
---> Open a linux terminal to perform nmap scan
# nmap -p 21 [ip address] --- check port 21 is open or not
---> If FTP port is open then type
# ftp [ip address of host]
---> In new terminal
# hydra -L path of Usernames.txt -P path of Password.txt ftp://[ip address]
---> Login with FTP server with getting a credentials we can create directory and files
5. Uniscan Web Server Fingerprinting in Kali Linux
Tool : uniscan
# uniscan -h
# uniscan -u http://ip address/ceh -q --- Scan for directories
# uniscan -u http://ip address/ceh -we --- robots.txt and sitemap.xml use with -w -e
# uniscan -u http://ip address/ceh -d -- for dynamic testing /scan
