Pown-Duct - Essential Tool For Finding Blind Injection Attacks


Essential tool for finding blind injection attacks using DNS side-channels.

Credits
This tool is part of the secapps.com open-source initiative.
  ___ ___ ___   _   ___ ___  ___
 / __| __/ __| /_\ | _ \ _ \/ __|
 \__ \ _| (__ / _ \|  _/  _/\__ \
 |___/___\___/_/ \_\_| |_|  |___/
  https://secapps.com
NB: This tool takes advantage of the http://requestbin.net service. Future versions will use a dedicated, custom-built infrastructure.

Quickstart
This tool is meant to be used as part of Pown.js, but it can be invoked separately as an independent tool.
Install Pown first as usual:
$ npm install -g pown@latest
Invoke directly from Pown:
$ pown duct
Otherwise, install this module locally from the root of your project:
$ npm install @pown/duct --save
Once done, invoke pown cli:
$ ./node_modules/.bin/pown-cli duct
You can also use the global pown to invoke the tool locally:
$ POWN_ROOT=. pown duct

Usage
pown duct

Side-channel attack enabler

Commands:
  pown duct dns  DNS ducting

Options:
  --version  Show version number  [boolean]
  --help     Show help  [boolean]

pown duct dns
pown duct dns

DNS ducting

Options:
  --version  Show version number  [boolean]
  --help     Show help  [boolean]
  --channel  Restore channel  [string]
  --output   Output format  [string] [choices: "string", "hexdump", "json"] [default: "string"]

Tutorial
There are cases when we need to perform an attack such as SQL injection, XSS, XXE or SSRF, but the target application does not provide any indication that it is vulnerable. One way to be sure that a vulnerability is present is to try to inject a valid attack vector which forces a DNS resolver to ask for a controlled domain. If the resolution is successful, the attack will be considered successful.
NOTE: You might be familiar with Burp Collaborator, which provides a similar service for customers.
First, we need a disposable DNS name to resolve:
$ pown duct dns


Using the provided DNS name, compose your payload. For example, the following could trigger a DNS resolution if an XXE vulnerability is present.
  ]>  &bar; 
If the attack was successful, we will get a message in the terminal.
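
The same DNS side-channel is visible on the defending side: a server that resolves a name under a callback zone has just confirmed a blind injection. The following is an added example, not code from the Pown project, that scans resolver query logs for such lookups; the log format, the sample lines and the function names are assumptions made for illustration.

```javascript
// Added example: flag DNS lookups under out-of-band callback zones.
// Log format (timestamp client qname qtype) and all sample lines are constructed.
const WATCHED_ZONES = ['requestbin.net']; // service named on this page; extend as needed

// Normalise a query name: lowercase, drop the trailing root dot.
function normalise(qname) {
  return qname.toLowerCase().replace(/\.$/, '');
}

// True only for the zone itself or a real subdomain (label-boundary match),
// so "notrequestbin.net" is not mistaken for "requestbin.net".
function inZone(qname, zone) {
  const n = normalise(qname);
  return n === zone || n.endsWith('.' + zone);
}

// Parse resolver log lines and return one finding per matching query.
function findCallbacks(lines, zones = WATCHED_ZONES) {
  const findings = [];
  for (const line of lines) {
    const parts = line.trim().split(/\s+/);
    if (parts.length < 4) continue; // skip malformed or blank lines
    const [ts, client, qname, qtype] = parts;
    const name = normalise(qname);
    const zone = zones.find((z) => inZone(name, z));
    if (!zone) continue;
    // Assumption: the left-most label is a tester-chosen marker for one injection point.
    findings.push({ ts, client, qname: name, qtype, zone, marker: name.split('.')[0] });
  }
  return findings;
}

// Group matching query names by the internal host that issued the lookup.
function byClient(findings) {
  const out = {};
  for (const f of findings) (out[f.client] = out[f.client] || []).push(f.qname);
  return out;
}

const SAMPLE_LOG = [
  '2024-01-01T10:00:01Z 10.0.5.12 www.example.com. A',
  '2024-01-01T10:00:02Z 10.0.5.12 xxe-test.0123456789abcdef.REQUESTBIN.net. A',
  '2024-01-01T10:00:03Z 10.0.5.40 notrequestbin.net. A',
  'garbage',
  '2024-01-01T10:00:09Z 10.0.7.3 probe2.0123456789abcdef.requestbin.net AAAA',
];

console.log(byClient(findCallbacks(SAMPLE_LOG)));
```

Run against real resolver logs, the client column points at the application host whose parser or HTTP client performed the lookup, which is where the fix (for XXE, disabling external entity resolution) belongs.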