PenTest.WS Pro Enters Private Beta

With the release of PenTest.WS version 1.5.2 earlier this week, PTWS Pro has officially entered its Private Beta phase.

PenTest.WS Pro is an offline stand-alone version of the online web application designed to run directly inside your Kali Linux virtual machine. The Pro Tier was developed for professional penetration testers who must comply with strict non-disclosure agreements or those who operate within a restricted network environment.

PTWS Pro, once setup is complete, is an offline web application which does not connect to the internet unless instructed to do so by the user. During setup the application will need to verify its licensing and download copies of the Exploit Database, Metasploit Modules and Nmap Scripts. These locally cached repositories can be refreshed at anytime through the administrator panel.

Screenshot from 2019-03-09 17-06-48

Version 1.5.2 – Export / Import Account Items

Earlier this week version 1.5.2 was released bringing with it the ability to export and import account items. These items include:

  • Templates: Shells, Port Scans, Subnet Scans
  • Global Service Notes
  • Service Command Library (Hobby Tier)
  • Default Service Checklist (Hobby Tier)

This capability is useful for backing up your valuable notes & commands but it is essential if you’re planning to migrate from the online version to the soon to be released Pro Tier. The export routine creates a single json file which then can be loaded into your local offline Pro Tier application.

The Export & Import Account Items functionality is available now under the user menu located in the top right corner of PenTest.WS

Progress on the Pro Tier has been very exciting and public availability is expected in the second quarter of 2019.

Stay Tuned!

Version 1.5 Released – Scratchpad

scratchpad-demo-01

Scratchpad Now Available

  • Code editing with syntax highlighting for over 150 programming languages.
  • Hierarchical file structure with drag-and-drop.
  • Download files through the browser or using wget/curl/downloadstring.
  • Instantly switch between code & rich text editing.
  • Import CherryTree XML files!

* Scratchpad functionality is limited on the Free Tier

Also New In Version 1.5

Dark Theme
Hacking late at night? Switch over to Dark Mode and give your eyes a rest

Hostnames
Add hostnames to a host and select between IP address or hostnames for Service Commands

Updated Port List
See more information from the port list on the sidebar

And Much More
Import username:hashes – Ncat links – Fixed UDP nmap script links

 

Version 1.4 Released – Note Pages, Note History, Keyword Search

Notes, Notes & More Notes

v1.4-Note-Pages-02

Create Note Pages for Engagements, Hosts & Ports

Keep your notes organized by creating additional note pages for categories such as Discovered URLs, Possible Vulnerabilities, or Interesting Directories

* Note Pages are available on the Hobby Tier

Also New In Version 1.4

  • Note History
    Never lose a note again with a detailed change history for every note

  • Keyword Search
    Quickly scan your entire account for keywords

  • Code Snippets
    Add source code to notes & reporting data with syntax highlighting

  • And Much More…
    ◦ Export your data to JSON
    ◦ Revamped Dashboard & Engagement Console
    ◦ URL HashIDs & Clientside Error Logging

What’s coming in version 1.5?

Periscope – gain better situational awareness by viewing your engagements and hosts from 10,000 feet

Scratchpad – edit files in a hierarchical folder structure with syntax highlighting and Vim style keyboard bindings

 

HackTheBox – Dropzone – Custom MOF Dropper (Stuxnet)

Hacking the Dropzone machine from HackTheBox.eu

Resources from the video

Playing with MOF files on Windows, for fun & profit
http://poppopret.blogspot.com/2011/09/playing-with-mof-files-on-windows-for.html

Managed Object Format (MOF)
https://docs.microsoft.com/en-us/windows/desktop/wmisdk/managed-object-format–mof-

WMI Architecture
https://docs.microsoft.com/en-us/windows/desktop/wmisdk/wmi-architecture

Windows Sysinternals
https://docs.microsoft.com/en-us/sysinternals/

HackTheBox – DevOops – XXE Injection & Git Repo Enumeration

PenTest.WS demonstration hacking the DevOops machine from HackTheBox.eu. This video demonstrates using an XXE Injection vulnerability to pull sensitive files off a remote server. The privilege escalation is to search through a git repository to find root’s private ssh key.

2:26 – Web page extension enumeration
5:21 – XML fuzzing
7:49 – XXE Injection
10:53 – Stealing an SSH key
14:19 – Searching a Git repo
17:53 – Extracting root’s SSH key

HackTheBox – Sunday – Brute Forcing

PenTest.WS demonstration hacking the Sunday machine from HackTheBox.eu. This video includes brute forcing the finger and ssh services. John the Ripper is used to brute force a password. Privilege escalation is to use sudo and the wget command to read & write protected files.

2:14 – Downloading the corncob word list
4:18 – Brute forcing the finger service with a custom bash script
8:12 – Brute forcing ssh using hydra
12:02 – John the Ripper brute forcing a shadow.bak file
15:05 – sudo & the wget command for privilege escalation