Dradis framework for collaboration

When it comes to collaboration and sharing data during a penetration test, it is hard to beat the benefits and options available in Dradis. This is one of the two primary data collection tools we discussed in Chapter 3, Assessment Planning, and is often the tool of choice for data collection. As always, there needs to be some data available to us prior to being able to start. For this example, we will assume that a small business has asked us to perform a penetration test on their web server, which is still in the development stage and not available on the Internet. According to the rules of engagement, we are not allowed to access anything other than this one particular server, which can be reached locally on the 192.168.75.0/24 subnet. We are given VPN access to the 192.168.75.0/24 network and are allowed up to two simultaneous connections. The timeframe for testing is limited, and as such we intend to use two people to perform our test.

To follow along with this example, you will need the following virtual environment up and running:

  • Two Kali guest machines on the 192.168.75.0/24 subnet (VMnet8)
  • pfSense configured to assign addresses via DHCP for the 192.168.75.0/24 subnet (VMnet8)
  • Kioptrix Level 1 set up to connect to VMnet8

This setup should allow you to effectively follow along with the remainder of this chapter. Reporting is an area of great flexibility, and as such it will require some time to find the right template and format that you would like to use for your tests.

Binding to an available interface other than 127.0.0.1

To start Dradis bound to a different address and port, we first run the start.sh script with the -h option to display the available options:

# cd /usr/lib/dradis
# ./start.sh -h

An example of the output of this command is shown in the following screenshot:


At this point, we can bind to 192.168.75.11 on port 3004 (use the IP address of the Kali machine you are using to host the Dradis server) by typing:

# ./start.sh -b 192.168.75.194 -p 3004
=> Booting WEBrick
=> Rails 3.2.0 application starting in production on https://192.168.75.194:3004
=> Call with -d to detach
=> Ctrl-C to shutdown server

Test your configuration by opening a browser and going to https://192.168.75.194:3004 on the local host and on the other Kali machine. Note that, in the following screenshot, we are able to determine that the Dradis server on 192.168.75.194 is reachable by both machines.


Changes made from either system are visible to both users.
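Because the server now listens on a routable address, it is worth confirming on the Dradis host that the listener is bound only to the address given with -b and not to every interface. The following is an added example, not taken from the book; the function name bind_scope and the sample `ss -ltn` output are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: classify how a TCP port is bound, reading `ss -ltn`
# style output on stdin. Live use on the Dradis host:
#   ss -ltn | bind_scope 3004

# Constructed sample of `ss -ltn` output (not captured from a real host).
SAMPLE_SS='State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       128     127.0.0.1:5432       0.0.0.0:*
LISTEN  0       128     192.168.75.194:3004  0.0.0.0:*
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*
LISTEN  0       128     [::]:22              [::]:*'

# bind_scope PORT
# Prints one of: none | loopback | wildcard | specific:<address>
# "wildcard" wins over the others because it exposes the port on
# every interface, including any outside the engagement network.
bind_scope() {
  awk -v port="$1" '
    $1 == "LISTEN" {
      # Port is the text after the last colon (works for [::]:22 too).
      n = split($4, p, ":")
      if (p[n] != port) next
      addr = substr($4, 1, length($4) - length(p[n]) - 1)
      if (addr == "0.0.0.0" || addr == "*" || addr == "[::]") wild = 1
      else if (addr ~ /^127\./ || addr == "[::1]") loop = 1
      else spec = addr
    }
    END {
      if (wild) print "wildcard"
      else if (spec != "") print "specific:" spec
      else if (loop) print "loopback"
      else print "none"
    }
  '
}

# check_bind SS_OUTPUT PORT EXPECTED_ADDR
# Succeeds only if PORT is bound to EXPECTED_ADDR and nothing wider.
check_bind() {
  [ "$(printf '%s\n' "$1" | bind_scope "$2")" = "specific:$3" ]
}
```

On the host started as shown above, `ss -ltn | bind_scope 3004` should print `specific:192.168.75.194`; a result of `wildcard` means the server is listening on all interfaces.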

Effectively using tools such as Dradis will enable your team to be more efficient and thorough when performing testing.
