WebSploit Tutorial install/use

What is WebSploit

WebSploit is a framework with some modules for network, web and more….


First we have to install the “dependencies”:

sudo apt-get install scapy

Next download WebSploit from their website.

$ wget http://downloads.sourceforge.net/project/websploit/WebSploit%20Framework%20V.2.0.4/WebSploit%20Framework%20V.2.0.4.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fwebsploit%2F&ts=1378135332&use_mirror=kent

Now unpack the file with the following command:

$ tar xzf WebSploit\ Framework\ V.X.X.X.tar.gz

Now change the directory to the “Easy Install” directory:

$ cd Easy\ Install

Next you have to run the install script as root:

$ sudo ./install.sh
[sudo] password for USER:
Welcome To Websploit Framework Easy Install Script
Installing , Please Wait ...
Installed Directory : /usr/share/websploit
Run From Terminal : sudo websploit
Installation Complete.

Using WebSploit

Now WebSploit has been installed to the directory “/usr/share/websploit/”.
We can run WebSploit by running the following command:

$ websploit

Now you will see a menu simlar to metasploit.
by typing show modules you will get a list of all available attacks.
For example if you want to run the “PHPMyAdmin Login Page Scanner” that is used to search for a phpmyadmin page at the webserver you run
use web/pma
Now we have to set the options for the exploit so it knows what to do.
First we have to show the options by running
show options
Now you get the list of all available options, in my example i just had to set one option.
You set an option by running the following:
set OPTION value
When you’re ready and already set all options you run the exploit by running

Now the exploit will run.

I hope you liked the Tutorial.

lg Darcade

Leave a Reply

Your email address will not be published. Required fields are marked *