Information Gathering

• Have you ever wondered what sort exposure an old email might have?
• Perhaps an employee, old or new, is using Facebook to discuss sensitive business information?
• Or maybe your just curious about your digital footprint across the internet?

We’ve got you covered! by using the latest open source techniques, methodology and software, with just a few pieces of identifiable information were able to offer you a complete picture. From correlations with forgotten accounts, to places you’ve forgotten you used. it’s always worth knowing.

Network Penetration Test

With network security being an over looked issue among many businesses, it’s often the golden bullet for malicious attackers. when everything from Wi-Fi to physical network devices can be incorrectly configured, it’s hard to ignore the chills.

That is why having an all in one place information management system is good for business’ in keeping information secure.

We provide peace of mind, either at home, on site or anywhere else of your choosing. We’ll figure out your weak spots, patch them up, and away you go!

What is HTTPS/SSL?

HyperText Transfer Protocol Secure is the communication between the browser and web server. HTTPS encrypts the communication between your browser and the webserver so that the data you transmit remains secure from external sources (ie your neighbour or the government). HTTPS indicates the websites authenticity and can be recognised by the green lock icon in the address bar.

HTTPS uses the protocol Secure Sockets Layer (SSL) to achieve this. HTTPS and SSL have different meanings but most people in the SEO industry will use the words interchangeably as they effectively mean the same thing.

If you don’t have a domain name yet or thinking about changing your domain, please read this guide on how to choose a domain name.

Why use HTTPS?

Because Google says so! Google has officially declared that https is one of the 200+ ranking signals used for determining a site’s Search Engine Ranking Position. How much of a factor it is as a ranking signal is the big question. It certainly doesn’t weigh as much as quality backlinks or good on-site optimisation but every little helps, according to Moz.com search engine ranking factors for 2015, there is a correlation between higher website ranking and https.

Another important reason to use https aside from the SEO benefits is because it is due to be the industry standard in the future, and browsers are looking to display website address lacking https with a red X so that it appears broken and unsecure to users. This of course affects user experience, bounce rate and indirectly SEO.

HTTPS Setup and the Cost

I guess the biggest reason why people aren’t jumping at the chance of using https if it has additional benefits is because of cost and expertise required to set it up. The cost will typically set you back $100 a year and over $1000 for the more expensive certificates.

Setting up https/SSL does require some server and webmaster knowledge. Many hosting providers offer the service to set it up for free or with additional cost if you purchase the SSL certificate from them. I hear Hostingstep has some awesome coupon deals you could try out. If you are looking to set it up yourself, then make sure you do it correctly and have the following:

• Make sure the url is working – so https://via.vision works and the website can be viewed. This is obvious but many people set up their https whilst unable to visit their https address!
• Redirect all address to the canonical address which is the https version, for example http://graftene.co.uk should redirect to https://via.vision.
• Use 301 permanent redirect, not 302 temporary redirect.

The above tips will make sure you don’t lose any SEO points for attempting to use https on your website poorly.

Conclusion

The conclusion is that switching to HTTPS will have additional immediate benefits in the form of better security and hitting one of Googles ranking signals for SEO, as well as long term benefits as Google intends for all websites in the future to use https. So why not get in there sooner rather than later?

The obvious drawback is the cost and the sheer hassle of setting it up. You would first need to purchase a certificate from $0-$1000, and then configure your website and server to set it up. After that you would need SEO knowledge to make sure your new website address with the https does not affect your site ranking negatively. You can do this by following the best practices for setup mentioned above.

If you’ve recently switched to HTTPS or are thinking about it, let us know about your experience or if you have any questions post in the comments below.

If you’re still confused then our good friends at Blank are great technical seo consultants that may be able to help!

Good ol’ command execution

First Lesson: DVWA Lesson 1: Installing on Windows.

Now we have everything set up on our Windows machine, we can finally begin we some fun! Login in with the password set during the previous lesson, and head towards the ‘DVWA Security’ tab on the bottom left hand side. Continue by setting the ‘Script Security’ level to ‘Low’, and clicking ‘submit’.

If you’ve installed DVWA on Windows or Linux, keep in mind which when executing commands!

Head over towards the ‘Command Execution’ tab:

• Try entering ‘192.168.1.1’, what happens?
• Are you able to execute any other commands?
• No? Time to read the source, located at: DVWA-1.0.8/vulnerabilities/exec/source/low.php

<?php

if( isset( $_POST[ 'submit' ] ) ) {

$target = $_REQUEST[ 'ip' ];

// Determine OS and execute the ping command.
if (stristr(php_uname('s'), 'Windows NT')) {

$cmd = shell_exec( 'ping ' . $target );
$html .= '<pre>'.$cmd.'</pre>';

} else {

$cmd = shell_exec( 'ping -c 3 ' . $target );
$html .= '<pre>'.$cmd.'</pre>';

}

?>

As we can see, the $target variable contains our user input. Fortunately for us it’s not being sanitized when passed to the shell_exec function. Allowing for our commands to cause malicious behaviour. As we’re hosting DVWA on a Windows Operating System we’re able to run commands consecutively by using ‘&’ in-between each one.

Try out the commands bellow, or your own, if you feel confident in a Windows Terminal environment.

Examples

• “127.0.0.1 & tasklist” – List the hosts current processes
• “127.0.0.1 & netstat -a”- Gives us the current ports opened on the host

Further reading

• Stack Overflow Post
  Code Injection

Damn vulnerable what?!

DVWA (Damn Vulnerable Web App) was made by security professionals, for researchers and enthusiasts to practice and learn different types of vulnerabilities in relation to web applications which can also be used for other things such as software activation keys. Before continuing it must be stressed that the testing of DVWA should be done on an isolated host with either VMware or Virtual Box, separated by a Host-only connection. This is for your safety, not doing so could lead to the compromise of your system. You can store the files on an external hard drive or a USB drive. You can purchase USB drives online from Amazon.

Software:

• Xampp – Download
• DVWA – Download
• VMware Player – Download

Further reading:

• Host-Only Networking
• Difference Between NAT/Bridged/Host-Only
• Understanding NAT

WARNING: THIS IS FOR EDUCATIONAL PURPOSES ONLY!

• Firstly install Xampp for windows. Then continue on by opening up the Xampp Control Panel, either placed on your desktop, Program files or already started on the bottom left of the screen. Lastly, start your MySQL and Apache services.

• Extract the dvwa folder to this location C:\xampp\htdocs\dvwa. We now open our webrowser and enter ‘localhost/dvwa’ (127.0.0.1/dvwa) into the url bar. If we are presented with a mysql.error() that means the database was unable to be created, but easily fixed in step 3.

• Go on over to C:\xampp\htdocs\dvwa\config\config.inc.php and use your favourite editor to open the file, scroll down to line 20. We now enter the default PHPMyAdmin, in the db_password field, replacing the current one with nothing. Leaving it empty (no spaces)

• Jump to your browser and go to 127.0.0.1/dvwa/setup.php, and click ‘create Database’ Then go to localhost/dvwa/login.php and enter your user name ‘admin’ and password ‘password’.

Next Lesson: DVWA Lesson 2: Command execution Low