178 lines
4.1 KiB
Markdown
178 lines
4.1 KiB
Markdown
# CodePress CMS Penetration Test Suite
|
|
|
|
## 🔒 Overview
|
|
Comprehensive security testing script voor CodePress CMS. Test 10 kritieke attack vectors met 40+ individuele tests.
|
|
|
|
## ⚠️ WAARSCHUWING
|
|
**Gebruik dit script ALLEEN op systemen waar je toestemming voor hebt!**
|
|
Ongeautoriseerde penetration testing is illegaal.
|
|
|
|
## 📋 Test Categorieën
|
|
|
|
### 1. **XSS (Cross-Site Scripting)**
|
|
- Page parameter injection
|
|
- Search parameter injection
|
|
- Language parameter injection
|
|
- HTML entity encoding
|
|
- SVG/IMG tag injection
|
|
|
|
### 2. **Path Traversal**
|
|
- Basic `../` attacks
|
|
- URL encoding bypass
|
|
- Double encoding
|
|
- Backslash variants
|
|
- Mixed separators
|
|
- Config file access
|
|
|
|
### 3. **PHP Code Injection**
|
|
- PHP wrapper attacks
|
|
- Data URI execution
|
|
- Expect wrapper exploitation
|
|
|
|
### 4. **Null Byte Injection**
|
|
- Null byte in parameters
|
|
- Extension bypass attempts
|
|
|
|
### 5. **Command Injection**
|
|
- Shell command injection in search
|
|
- Backtick command execution
|
|
- Pipe operator injection
|
|
|
|
### 6. **Template Injection**
|
|
- Mustache SSTI (Server-Side Template Injection)
|
|
- Config disclosure via templates
|
|
|
|
### 7. **HTTP Header Injection**
|
|
- CRLF injection
|
|
- Header manipulation
|
|
|
|
### 8. **Information Disclosure**
|
|
- PHP version leakage
|
|
- Directory listing
|
|
- Config file exposure
|
|
- Dependency disclosure
|
|
|
|
### 9. **Security Headers**
|
|
- X-Frame-Options
|
|
- Content-Security-Policy
|
|
- X-Content-Type-Options
|
|
- Referrer-Policy
|
|
|
|
### 10. **Denial of Service (DoS)**
|
|
- Large parameter attacks
|
|
- Resource exhaustion
|
|
|
|
## 🚀 Gebruik
|
|
|
|
### Vereisten
|
|
- bash
|
|
- curl
|
|
- python3 (voor lange strings)
|
|
- Lopende CodePress CMS instance
|
|
|
|
### Uitvoeren
|
|
|
|
```bash
|
|
# Start de server
|
|
php -S localhost:8080 -t public
|
|
|
|
# In een andere terminal
|
|
./pentest.sh
|
|
```
|
|
|
|
### Output
|
|
|
|
Het script genereert:
|
|
1. **Console output** - Real-time test resultaten met kleuren
|
|
2. **pentest_results.txt** - Gedetailleerd rapport
|
|
|
|
### Resultaat Codes
|
|
|
|
- 🟢 **[SAFE]** - Aanval geblokkeerd ✅
|
|
- 🔴 **[VULNERABLE]** - Kwetsbaarheid gevonden ❌
|
|
- 🟡 **[POTENTIAL]** - Mogelijk kwetsbaar ⚠️
|
|
- 🟡 **[UNKNOWN]** - Onverwachte response ⚠️
|
|
|
|
## 📊 Voorbeeld Output
|
|
|
|
```
|
|
========================================
|
|
1. XSS VULNERABILITY TESTS
|
|
========================================
|
|
|
|
Testing: XSS in page parameter...[SAFE] ✅
|
|
Testing: XSS in search parameter...[SAFE] ✅
|
|
Testing: XSS in lang parameter...[SAFE] ✅
|
|
|
|
========================================
|
|
PENETRATION TEST SUMMARY
|
|
========================================
|
|
|
|
Total tests: 40
|
|
Vulnerabilities found: 0
|
|
Safe tests: 40
|
|
|
|
✅ All tests passed! System appears secure.
|
|
```
|
|
|
|
## 🛡️ Verwachte Resultaten
|
|
|
|
CodePress CMS zou **ALLE** tests moeten doorstaan:
|
|
|
|
| Categorie | Verwacht Resultaat |
|
|
|-----------|-------------------|
|
|
| XSS | ✅ Blocked |
|
|
| Path Traversal | ✅ Blocked |
|
|
| PHP Injection | ✅ Blocked |
|
|
| Command Injection | ✅ Blocked |
|
|
| Template Injection | ✅ Blocked |
|
|
| Security Headers | ✅ Present |
|
|
| Info Disclosure | ✅ Hidden |
|
|
|
|
## 🔧 Aanpassen
|
|
|
|
### Target wijzigen
|
|
```bash
|
|
# Bewerk bovenaan pentest.sh
|
|
TARGET="http://your-domain.com"
|
|
```
|
|
|
|
### Tests toevoegen
|
|
```bash
|
|
test_vulnerability \
|
|
"Jouw test naam" \
|
|
"$TARGET/?param=payload" \
|
|
"search_pattern" \
|
|
"true" # true = vulnerable if found
|
|
```
|
|
|
|
## 📚 OWASP Top 10 Coverage
|
|
|
|
- ✅ A01:2021 - Broken Access Control
|
|
- ✅ A02:2021 - Cryptographic Failures
|
|
- ✅ A03:2021 - Injection
|
|
- ✅ A05:2021 - Security Misconfiguration
|
|
- ✅ A06:2021 - Vulnerable Components
|
|
- ✅ A07:2021 - Authentication Failures
|
|
|
|
## 🐛 Gevonden Vulnerability?
|
|
|
|
1. Stop met testen
|
|
2. Documenteer de vulnerability in `pentest_results.txt`
|
|
3. Fix de code
|
|
4. Run de test opnieuw
|
|
5. Commit NIET de vulnerability voor de fix klaar is
|
|
|
|
## 📝 Licentie
|
|
|
|
Deel van CodePress CMS - Gebruik alleen voor security testing van eigen systemen.
|
|
|
|
## 🔗 Meer Informatie
|
|
|
|
- [OWASP Testing Guide](https://owasp.org/www-project-web-security-testing-guide/)
|
|
- [OWASP Top 10](https://owasp.org/www-project-top-ten/)
|
|
- [Web Application Penetration Testing](https://portswigger.net/web-security)
|
|
|
|
---
|
|
|
|
**Remember:** Ethical hacking = Permission + Documentation + Responsible Disclosure |