Neurohazard
暮雲煙月,皓首窮經;森羅萬象,如是我聞。

访问 Acunetix WVS 的 PostgreSQL 数据库

wpadmin~August 26, 2019 /InfoSec

访问 Acunetix WVS 的 PostgreSQL 数据库

正文

注意 AWVS 中的 PostgreSQL 的端口也做了修改, Windows 下为 35432, Linux 下为 45432。
直接用 Navicat 或者 PgAdmin 连接。

关键配置文件路径
C:\ProgramData\Acunetix\settings.ini

wvs/wvs

内容如下

[root]
logging.file.file_name=C:\ProgramData\Acunetix\logs\backend.log
base_storage=C:\ProgramData\Acunetix\shared
logging.file.level=DEBUG
server.address=127.0.0.1
server.port=3443
server.host=localhost
server.frontend.session_secret=Pw6ac1orvEX7M0T9LmQpfdNkryJSKNio
wvs.temp_dir=C:\ProgramData\Acunetix\temp
target_secret_salt=vSPsQiEo42K8U5sQUj2m4Re1TkfAIOWLi
uploads_salt=ejEOiij8vnZv3It9Uvanc9x5JAjjuyhw
app_id=AAAAAAAA-EA62-4DB4-38B0-17AB7CA37ABD
server.ssl.certificate=C:\ProgramData\Acunetix\certs\server.cer
server.ssl.private_key=C:\ProgramData\Acunetix\certs\server.key
databases.connections.master.connection.user=wvs
databases.connections.master.connection.host=localhost
databases.connections.master.connection.port=35432
databases.connections.master.connection.db=wvs
databases.connections.master.connection.password=kUl5zQ40jOyygFfH36y15QE3pv12DaCH
admin_email=admin@admin.com
server.static_document_root=C:\Program Files (x86)\Acunetix\12.0.180911134\ui
wvs.app_dir=C:\Program Files (x86)\Acunetix\12.0.180911134
pdf_converter=C:\Program Files (x86)\Acunetix\12.0.180911134\pdf.exe

PostgreSQL 配置文件路径
C:\ProgramData\Acunetix 11 Trial\db\pg_hba.conf

项目路径
C:\ProgramData\Acunetix 11 Trial\settings.ini

参考资料

@FatJeRry
https://github.com/jerrychan807

XSStrike源码-waf检测
https://jerrychan807.github.io/2019/07/23/XSStrike%E6%BA%90%E7%A0%81-waf%E6%A3%80%E6%B5%8B/

Crawler-利用Simhash做URL去重
https://jerrychan807.github.io/2019/08/26/Crawler-%E5%88%A9%E7%94%A8Simhash%E5%81%9AURL%E5%8E%BB%E9%87%8D/

Two vulnerabilities in Acunetix
https://www.cybersecurity-help.cz/vdb/SB2017053005?affChecked=1

https://jerrychan807.github.io/2019/06/17/awvs-linux版配置文件修改/

Acunetix Web Vulnerability Scanner(网络漏洞扫描工具) V12.0 – 当下软件网
http://www.downxia.com/downinfo/235973.html

14 Best Open Source Web Application Vulnerability Scanners [Updated for 2019]
https://resources.infosecinstitute.com/14-popular-web-application-vulnerability-scanners/#gref

Testing Web Application Security Scanners against a Web 2.0 Vulnerable Web Application
https://www.sans.org/reading-room/whitepapers/tools/paper/38630

Leave a Reply

Your email address will not be published. Required fields are marked *