Web
Tools
- BurpSuite
  - Web application security scanner which helps developers and penetration testers identify and exploit vulnerabilities in their web applications.
- Cyberchef.io
- Dirsearch/dirb
  - Alternatives: ffuf, feroxbuster
Common Attacks
- SQL Injection
- Cross-Site Scripting (XSS)
- Directory Traversal
- Cross-Site Request Forgery (CSRF)
- Command Injection
- Server-Side Request Forgery (SSRF)
Practice Platforms
- DVWA - Damn Vulnerable Web App
- OWASP Juice Shop
- OWASP crAPI (Completely ridiculous API)
- HackTheBox - Web Challenges
Walkthrough
- /api/modbus requests in Burp have base64 data in raw.
- "the length points towards a block cipher, next step is to look at the wasm to find a key to decrypt comms"
- "That's a disassembly of the wasm right? Could you look at the raw wasm and search for strings?" > "securepassword"

The 32-byte messages look like they're encrypted. If you look more into the wasm you can also find that it uses AES libraries.
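The two checks from the walkthrough, as an added example that is not part of the original notes: test a base64 body's decoded length against block sizes, then list printable strings in a wasm module. It goes one step beyond a raw strings scan by walking the module's sections so each string is reported with its section id. Function names and both sample inputs are constructed for illustration; only the string "securepassword" comes from the notes.

```python
import base64
import hashlib
import re

def block_alignment(b64_body):
    """Decode a base64 body and test its length against common block sizes."""
    raw = base64.b64decode(b64_body, validate=True)
    return {
        "length": len(raw),
        "fits_16": len(raw) % 16 == 0,  # AES block size
        "fits_8": len(raw) % 8 == 0,    # DES/3DES/Blowfish block size
    }

def printable_strings(blob, min_len=6):
    """Like `strings`: runs of printable ASCII at least min_len bytes long."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.decode("ascii") for m in re.findall(pattern, blob)]

def read_leb128(buf, pos):
    """Read an unsigned LEB128 integer; return (value, next position)."""
    result = shift = 0
    while True:
        byte = buf[pos]
        pos += 1
        result |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return result, pos
        shift += 7

def wasm_section_strings(blob, min_len=6):
    """Walk the module's sections and return (section_id, string) pairs."""
    if blob[:4] != b"\x00asm":
        raise ValueError("not a wasm module")
    pos, found = 8, []  # skip 4-byte magic and 4-byte version
    while pos < len(blob):
        section_id = blob[pos]
        size, pos = read_leb128(blob, pos + 1)
        found += [(section_id, s) for s in printable_strings(blob[pos:pos + size], min_len)]
        pos += size
    return found

# Constructed sample inputs (not captured traffic or the challenge's real module).
SAMPLE_BODY = base64.b64encode(hashlib.sha256(b"constructed sample").digest()).decode()
SAMPLE_WASM = (b"\x00asm\x01\x00\x00\x00"              # magic + version
               b"\x0b\x15\x01\x00\x41\x80\x08\x0b\x0e"  # data section (id 11), one segment
               b"securepassword")

if __name__ == "__main__":
    print(block_alignment(SAMPLE_BODY))
    print(wasm_section_strings(SAMPLE_WASM))  # section 11 is the data section
```

A string that turns up in the data section of a module shipped to the browser is readable by every client, which is why a key embedded there does not protect the traffic.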