Thread: Metasploit Unleashed Creating a vulnerable WebApp

  1. #1
    Just burned his ISO B4Linux's Avatar
    Join Date
    May 2010
    Posts
    8

    Default Metasploit Unleashed Creating a vulnerable WebApp

    Hello,

    I have a problem with the setup of a vulnerable WebApp. I followed the instructions and got to the login screen.
    The instructions say that I have "to verify that the query is running correctly on the database" by entering a bogus set of credentials.
    This is where I get an error message (see below). I already checked the setup and used the search function in the forums but didn't find any solution.

    Code:
    Server Error in '/' Application.
    --------------------------------------------------------------------------------
    
    An error has occurred while establishing a connection to the server.  When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) 
    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 
    
    Exception Details: System.Data.SqlClient.SqlException: An error has occurred while establishing a connection to the server.  When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)
    
    Source Error: 
    
    
    Line 66: //cmd.Parameters.AddWithValue("@txtPassword", txtPassword.Text);
    Line 67: 
    Line 68: objConn.Open();
    Line 69: 
    Line 70: if (cmd.ExecuteScalar() != DBNull.Value)
     
    
    Source File: c:\Inetpub\wwwroot\Default.aspx.cs    Line: 68 
    
    Stack Trace: 
    
    
    [SqlException (0x80131904): An error has occurred while establishing a connection to the server.  When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)]
       System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) +734931
       System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) +188
       System.Data.SqlClient.TdsParser.Connect(Boolean& useFailoverPartner, Boolean& failoverDemandDone, String host, String failoverPartner, String protocol, SqlInternalConnectionTds connHandler, Int64 timerExpire, Boolean encrypt, Boolean trustServerCert, Boolean integratedSecurity, SqlConnection owningObject, Boolean aliasLookup) +820
       System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance) +628
       System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance) +170
       System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection) +359
       System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options) +28
       System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject) +424
       System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject) +66
       System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject) +496
       System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection) +82
       System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory) +105
       System.Data.SqlClient.SqlConnection.Open() +111
       _Default.Login() in c:\Inetpub\wwwroot\Default.aspx.cs:68
       _Default.btnSubmit_Clicked(Object o, EventArgs e) in c:\Inetpub\wwwroot\Default.aspx.cs:50
       System.Web.UI.WebControls.Button.OnClick(EventArgs e) +105
       System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +107
       System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +7
       System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +11
       System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33
       System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +5102
    
     
    
    
    --------------------------------------------------------------------------------
    Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.42

  2. #2
    Junior Member
    Join Date
    Jun 2010
    Posts
    31

    Default Re : Metasploit Unleashed Creating a vulnerable WebApp

    Had the same problem. The answer I got on here was "try harder" lol. I finally after what was probably weeks just gave up. Please post if you figure it out! Good luck!

  3. #3
    Just burned his ISO
    Join Date
    Mar 2012
    Posts
    8

    Default Re: Re : Metasploit Unleashed Creating a vulnerable WebApp

    Well, I guess I tried hard enough, because I got it working. The app you download has an error in it (or the book does). The book clearly states several times the password is password123. But the file web.config has the password as password1. Just edit the file and add the 23.

    One further tip for anyone reading this. At least in my copy of the book, it's incomplete and somewhat unclear what you have to enter to do the SQL injection (step 4). I'll explain it.

    The ' closes the initial ' that is in the select statement. Then you add a space and the "or 1=1" which always evaluates to true. But you have to deal with the closing '. You do that by making it look like a comment. There are 3 standard comment symbols you can use in SQL statements. Two require a closing comment symbol and therefore can't be used. But the -- (that's two dashes, with a space before AND after; leave out the trailing space and it won't work) doesn't have a closing symbol, so everything afterwards is treated as a comment.

    Summary is to enter the following, with _ standing in for spaces: '_or_1=1_--_
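
Added example, not part of the thread or of the course's web app: a concatenated login query beside a parameterized one (the fix that the commented-out `cmd.Parameters.AddWithValue` line in the error output points to), run against the input string from post #3. It uses an in-memory SQLite database as a stand-in for the lab's SQL Server; the table, column names and sample row are constructed assumptions.

```python
import sqlite3

INPUT_FROM_POST_3 = "' or 1=1 -- "   # the string quoted in post #3


def make_db():
    """Constructed stand-in database with one account (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 'constructed-secret')")
    return conn


def build_concatenated_query(username, password):
    # Vulnerable pattern: input is pasted between the quotes of the statement,
    # so a quote in the input ends the string literal early.
    return ("SELECT COUNT(*) FROM users WHERE username = '" + username +
            "' AND password = '" + password + "'")


def login_concatenated(conn, username, password):
    sql = build_concatenated_query(username, password)
    return conn.execute(sql).fetchone()[0] > 0


def login_parameterized(conn, username, password):
    # Hardened pattern: the statement text is fixed; values travel separately
    # and are only ever compared as data.
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()[0] > 0


def concatenated_breaks_on_apostrophe(conn):
    # Side effect of the same defect: a legitimate name containing a quote
    # produces a syntax error instead of a clean "login failed".
    try:
        login_concatenated(conn, "O'Brien", "x")
    except sqlite3.OperationalError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print(build_concatenated_query(INPUT_FROM_POST_3, "x"))
    print("concatenated :", login_concatenated(db, INPUT_FROM_POST_3, "x"))
    print("parameterized:", login_parameterized(db, INPUT_FROM_POST_3, "x"))
    print("apostrophe breaks concatenated query:",
          concatenated_breaks_on_apostrophe(db))
```
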
