{"id":13649675,"url":"https://github.com/Aif4thah/VulnerableLightApp","last_synced_at":"2025-04-22T14:32:19.636Z","repository":{"id":217894727,"uuid":"733457829","full_name":"Aif4thah/VulnerableLightApp","owner":"Aif4thah","description":"Vulnerable API for research and education","archived":false,"fork":false,"pushed_at":"2025-04-10T09:08:25.000Z","size":118,"stargazers_count":41,"open_issues_count":0,"forks_count":54,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-15T18:13:59.754Z","etag":null,"topics":["api","cybersecurity-education","cybersecurity-training","docker","dotnet","educational-project","hacking","hacking-challenge","hacking-competitions","owasp-top-10","pentest","research","research-and-development","vulnerable","vulnerable-api","vulnerable-application","vulnerable-server","vulnerable-web-app","vulnerable-web-application","web-api"],"latest_commit_sha":null,"homepage":"https://taisen.fr/","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Aif4thah.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"Aif4thah","patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"lfx_crowdfunding":null,"custom":null}},"created_at":"2023-12-19T11:24:00.000Z","updated_at":"2025-04-15T07:29:34.000Z","dependencies_parsed_at":"2024-02-15T13:27:54.581Z","dependency_job_id":"b9d94d27-122d-44dc-87f1-820139f53738","html_url":"https://github.com/Aif4thah/VulnerableLightApp","commit_stats":null,"previous_names":["aif4thah/vulnerablelightapp"],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aif4thah%2FVulnerableLightApp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aif4thah%2FVulnerableLightApp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aif4thah%2FVulnerableLightApp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aif4thah%2FVulnerableLightApp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Aif4thah","download_url":"https://codeload.github.com/Aif4thah/VulnerableLightApp/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250259160,"owners_count":21401048,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","cybersecurity-education","cybersecurity-training","docker","dotnet","educational-project","hacking","hacking-challenge","hacking-competitions","owasp-top-10","pentest","research","research-and-development","vulnerable","vulnerable-api","vulnerable-application","vulnerable-server","vulnerable-web-app","vulnerable-web-application","web-api"],"created_at":"2024-08-02T02:00:22.194Z","updated_at":"2025-04-22T14:32:14.627Z","avatar_url":"https://github.com/Aif4thah.png","language":"C#","funding_links":["https://github.com/sponsors/Aif4thah","https://github.com/sponsors/Aif4thah?frequency=recurring\u0026sponsor=Aif4thah"],"categories":["Uncategorized","API"],"sub_categories":["Firmware"],"readme":"\u003cp align=\"center\"\u003e\n \u003cimg src=\"./LogoVLA.png\" alt=\"Dojo-101\" style=\"width: 400px;\" /\u003e\n\u003c/p\u003e\n\n[![License: GNU GPL v3](https://img.shields.io/badge/License-GPLv3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0)\n![GitHub last commit](https://img.shields.io/github/last-commit/Aif4thah/VulnerableLightApp)\n[![.NET](https://github.com/Aif4thah/VulnerableLightApp/actions/workflows/dotnet.yml/badge.svg)](https://github.com/Aif4thah/VulnerableLightApp/actions/workflows/dotnet.yml)\n[![Docker](https://github.com/Aif4thah/VulnerableLightApp/actions/workflows/docker.yml/badge.svg)](https://github.com/Aif4thah/VulnerableLightApp/actions/workflows/docker.yml)\n\n\n\n\u003e ⚠️ **Disclaimer** : This repository, together with its tools, is provided by Taisen-Solutions on an \"as is\" basis. Be aware that this application is highly vulnerable, including remote command and code execution. Use it at your own risk. Taisen-Solutions makes no representations or warranties of any kind, express or implied, as to the operation of the information, content, materials, tools, services and/or products included on the repository. Taisen-Solution disclaims, to the full extent permissible by applicable law, all warranties, express or implied, including but not limited to, implied warranties of merchantability and fitness for a particular purpose.\n\n\n## 🎱 Use Case\n\n![UseCase](./VLAusecase.drawio.png)\n\n\n## 🐞 Vulnerabilities\n\n| MITRE Reference | Description | Difficulty |\n|----|---|----|\n| CWE-22 | Path Traversal | Medium |\n| CWE-78 | OS Command Injection | Easy |\n| CWE-79 | Cross-site Scripting | Easy |\n| CWE-89 | SQL Injection | Easy |\n| CWE-94 | Code Injection| Hard |\n| CWE-91 | XML Injection | Hard | \n| CWE-98 | Remote File Inclusion | Hard |\n| CWE-184 | Incomplete List of Disallowed Inputs | Medium |\n| CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor | Medium |\n| CWE-213 | Exposure of Sensitive Information Due to Incompatible Policies | Easy |\n| CWE-284 | Improper Access Control | Medium |\n| CWE-287 | Improper Authentication | Medium |\n| CWE-319 | Cleartext Transmission of Sensitive Information | Easy |\n| CWE-326 | Inadequate Encryption Strength | Easy |\n| CWE-434 | Unrestricted Upload of File with Dangerous Type | Hard |\n| CWE-502 | Deserialization of Untrusted Data | Hard |\n| CWE-521 | Weak Password Requirements | Easy |\n| CWE-532 | Insertion of Sensitive Information into Log File | Easy |\n| CWE 639 | Insecure Direct Object Reference | Medium |\n| CWE-611 | XML External Entity Reference | Hard |\n| CWE-787 | Out-of-bounds Write | Easy |\n| CWE-798 | Use of Hard-coded Credentials | Easy |\n| CWE-829 | Local File Inclusion | Easy |\n| CWE-912 | Backdoor | Hard |\n| CWE-918 | Server-Side Request Forgery | Medium |\n| CWE-1270 | Generation of Incorrect Security Tokens | Medium |\n\n\n## 🏭 Context\n\nVLA is designed as a vulnerable backend application, running in the following environment : \n\n![Context](./Context.png)\n\n\n## πŸ”‘ Hint \u0026 Write Up\n\n* Try reading [Dojo-101](https://github.com/Aif4thah/Dojo-101), this project contains all you need to hack this app.\n* [Become a sponsor](https://github.com/sponsors/Aif4thah?frequency=recurring\u0026sponsor=Aif4thah) and get access to the **full methodology** and **complete write-up**.\n\n\n## βœ… Prerequisites\n\nCheck `.csproj` file to get the current dotnet version and install [.NET SDK](https://dotnet.microsoft.com/en-us/download)\n\n\n## ⬇️ Download\n\n```PowerShell\ngit clone https://github.com/Aif4thah/VulnerableLightApp.git\ncd .\\VulnerableLightApp\\\n```\n\n\n## πŸ”§πŸ”₯ Build and Run\n\nYou can use **Dotnet** or **Docker**\n\n### Dotnet\n\n```PowerShell\ndotnet run [--url=\u003curl\u003e]\n```\n\nAlternatively, you can use bin files :\n\n```PowerShell\ndotnet build\n.\\bin\\Debug\\net8.0\\VulnerableWebApplication.exe [--url=\u003curl\u003e]\n```\n\n### Docker\n\n```bash\ndocker build -t vulnerablelightapp .\ndocker run -p 3000:3000 vulnerablelightapp \n```\n\n### first request \n\nDefault : `127.0.0.1:3000`\n\n```sh\ncurl -k https://127.0.0.1:3000\n```\n\n\n## πŸ› οΈ Debug \n\n### 401 Unauthorized \n\nYour first request may return a 401 code due to unsuccessful authentication. It's ok, Start Hacking !\n\n### Dotnet Framework\n\nVerify you use the intended .NET Framework\n\n```cmd\nwhere dotnet\ndotnet --version\ndotnet --list-sdks\n```\n\n### Dotnet on Linux \n\nUbuntu / Debian exemple\n\n```bash\nwget https://packages.microsoft.com/config/debian/12/packages-microsoft-prod.deb -O packages-microsoft-prod.deb\ndpkg -i packages-microsoft-prod.deb\napt update \u0026\u0026 apt install -y dotnet-sdk-8.0 dotnet-runtime-8.0\n```\n\n\n### Certificates\n\nTo trust the certificate\n\n```PowerShell\ndotnet dev-certs https --trust\n```\n\n\n### Dependancies\n\ndependancies have to be dowloaded from [standard sources](https://go.microsoft.com/fwlink/?linkid=848054)\n\n```sh\ndotnet nuget add source \"https://api.nuget.org/v3/index.json\" --name \"Microsoft\"\n```\n\n### Misc\n\n* Be aware that VLA runs Linux and MacOS, but is only tested and supported on Windows.\n\n## πŸ’œ CrΓ©dits\n\n* **Special thanks to all the hackers and students who pushed me to improve this work**\n* Project maintened by [Michael Vacarella](https://github.com/Aif4thah)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FAif4thah%2FVulnerableLightApp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FAif4thah%2FVulnerableLightApp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FAif4thah%2FVulnerableLightApp/lists"}