EvilZone

Programming and Scripting => Web Oriented Coding => Topic started by: d4rkcat on April 17, 2014, 06:46:28 AM

Title: [PHP] d4rkcat's super secure-webapp
Post by: d4rkcat on April 17, 2014, 06:46:28 AM

Just a quick website I made up to demonstrate 4 common vulnerabilities found in websites today.
There are at least 2 different techniques you can use to get a shell.

The hacks are very basic but will give you a solid introduction to each of the 4 vulnerabilities present.
I won't give you any clues apart from it is not SQLi, also

if you read the source before doing it then that is cheating!

(http://noticiasenlinea.com/wp-content/uploads/2013/05/hackers.jpg)

To install the script:

Code: [Select]

git clone https://github.com/d4rkcat/SSWA
rm -rf /var/www/*
cp SSWA/index.php /var/www
service apache2 start

You should be able to get at it by visiting

Code: [Select]

localhost
In your browser! And everything is hackable from there, no tools at all other than a browser needed!

Happy Hacking!

Title: Re: [PHP] d4rkcat's super secure-webapp
Post by: proxx on April 17, 2014, 07:36:23 AM

Nice :)
Will try this tonight, thanks for sharing.
+cookah

Title: Re: [PHP] d4rkcat's super secure-webapp
Post by: Stackprotector on April 17, 2014, 01:05:14 PM

Maybe don't put the source on here? I can spot most vulns when scrolling over it.

Title: Re: [PHP] d4rkcat's super secure-webapp
Post by: DeXtreme on April 17, 2014, 07:36:58 PM

Awesome..Gonna try this asap ;) +1