Achilles
Achilles is one of the most unstable but
remarkably powerful Web hacking tools available for Windows. It acts like a Web
proxy, capturing information being sent back to the Web server and then
allowing the user to manipulate that information and send it to the server. This
ability to modify on the fly what the user's browser is sending to the Web
server allows an attacker to attempt various nefarious attempts, including SQL
injection and impersonation.
Achilles contains the following features:
Proxy server (port configurable)
HTTP and SSL interception
Insert/alter data in HTTP stream
Recalculation of the required HTTP fields
Buffer overflow testing
Log of HTTP and SSL sessions
The main features that we demonstrate here
are HTTP and SSL interception and altering of data�by far the largest
components of Achilles.
of data
To use Achilles, we must start the application and then check
these options:
Intercept Mode ON
Intercept Client Data
Once we have selected them, we simply hit the Start button.
But before we can use Achilles to proxy our connections through to the Internet
and the Web site being tested, we must configure our Internet browser to use
the Achilles proxy server. By default, the Achilles proxy runs on port 5000, so
to enable our Internet Explorer browser to use this port for proxying, we
follow these steps:
1.
From the menu, select Tools->Internet Options.
2.
3.
4.
group.
5.
6.
you setup Achilles for).
Once we've set up the browser, we begin surfing the Web
through Achilles and observe every request sent to the target server. For
example,
made to the target and displays the header fields.
of a GET request
We've sent a GET request to the target Web
server, and Achilles has intercepted it. Now we must hit the Send button at the
bottom left to send the request as it is in the window to the target Web
server. If we wanted to modify the window in any way, we would simply change
the information in it and then hit Send.
In addition to client data interception,
Achilles also offers the ability to capture server data. We just click in the
Intercept Server Data(text) checkbox and make a request of the server. Not only
does the client's request get intercepted, but so too does the server's reply. The
server's response isn't critical to Web assessment, but it can be helpful in
understanding the cookies being set and general state management attempts made
by the Web server.
Unfortunately, Achilles can't tell us which
part of the request or response we're viewing in the edit box. In other words,
what we see in the edit box may be a request sent from our browser to the Web
server or a response from the Web server to our browser. An understanding of
this sequence (as detailed in
essential to effective Achilles use.
An example of Achilles in action is presented
next, in conjunction with Cookie Pal. For more information on
impersonation, see
No comments:
Post a Comment