How to use Websploit

WebSploit Is an Open Source command line tool for vulnerability assessment.It is a powerful tool for social engineering,scans,automatic exploitations and wide range of network attacks,

Features of WebSploit

In this article we will be using websploit . For this tutorial we will be using module directory scanner . Directory scanner scans for directories on a server. So open your terminal and type the following command:

root@seven:~# websploit

start websploit

Step 2: Type show modules and press enter. This command will display all the modules inside websploit.As you can see there plenty of attacks you can choose from. For the demonstration purpose i am going to show you how to use PHPMyAdmin Login Page Scanner.The exploit finds login pages of websites(Only PHP).

show modules

Now write the following command to use PHPMyAdmin module.

wsf > use web/pma

Now type the following command to see the configurations to set the attack.By default it's google you can set your own. It requires only one option that is url.Set your URL.

 wsf:PMA > show options

Options		 Value
---------	--------------

Set your target.write your target url after the TARGET .

wsf:PMA > set TARGET

set target

Everything is good just run the following command.Now just wait until it finds login page.

wsf:PMA > run
run the exploit

i hope it helped thanks.