{"id":13292257,"url":"https://github.com/abaykan/Labs","last_synced_at":"2025-03-10T07:32:53.158Z","repository":{"id":56682645,"uuid":"166710815","full_name":"abaykan/Labs","owner":"abaykan","description":"Repositori ini berisi file-file vulnerable terhadap bug tertentu yang saya jadikan demo pada artikel yang saya tulis di abaykan.com","archived":false,"fork":false,"pushed_at":"2020-10-25T15:19:12.000Z","size":397,"stargazers_count":6,"open_issues_count":0,"forks_count":5,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-02T03:43:32.977Z","etag":null,"topics":["bug","bug-bounty","bugbounty","bugs","command-injection","hack","hacking","lab","labs","lfi","local-file-inclusion","writeup","xss"],"latest_commit_sha":null,"homepage":"https://abaykan.com/","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/abaykan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-01-20T21:22:02.000Z","updated_at":"2024-03-24T22:55:49.000Z","dependencies_parsed_at":"2022-08-15T23:10:52.455Z","dependency_job_id":null,"html_url":"https://github.com/abaykan/Labs","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abaykan%2FLabs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abaykan%2FLabs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abaykan%2FLabs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abaykan%2FLabs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/abaykan","download_url":"https://codeload.github.com/abaykan/Labs/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":242811858,"owners_count":20189140,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bug","bug-bounty","bugbounty","bugs","command-injection","hack","hacking","lab","labs","lfi","local-file-inclusion","writeup","xss"],"created_at":"2024-07-29T17:07:40.406Z","updated_at":"2025-03-10T07:32:53.151Z","avatar_url":"https://github.com/abaykan.png","language":"PHP","readme":"\u003cimg align=\"left\" height=\"220\" src=\"https://cdn.shopify.com/s/files/1/1787/8943/products/887305559810685529a3f34aec898494_600x.png\"\u003e\n\n# Labs\n[![Code Climate](https://codeclimate.com/github/abaykan/Labs.svg)](https://codeclimate.com/github/abaykan/Labs)\n[![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)\n[![Open Source Love](https://badges.frapsoft.com/os/v1/open-source.svg?v=102)](https://github.com/ellerbrock/open-source-badge/)\n\n**https://github.com/abaykan/Labs**\u003cbr\u003e\nRepositori ini berisi file-file vulnerable terhadap bug tertentu yang saya jadikan demo pada artikel yang saya tulis di **[abaykan.com](https://abaykan.com/)**.\n\u003cbr/\u003e\u003cbr/\u003e\n\u003chr\u003e\n\n## Local File Inclusion\n[Local File Inclusion](https://abaykan.com/local-file-inclusion/) berarti akses tidak sah ke file yang ada di sistem. Kerentanan ini memungkinkan penyerang mendapatkan akses ke file sensitif di server, dan itu mungkin juga menyebabkan mendapatkan shell.\n\n![Local File Inclusion](https://abaykan.com/wp-content/uploads/2019/01/1-1024x571.png)\n\nPostingan tersebut menjelaskan cara kerja, contoh source-code yang vuln, teknik bypass filter dan juga Cheatsheet yang bisa berguna pada saat melakukan Local File Inclusion.\nPOST: [Local File Inclusion](https://abaykan.com/local-file-inclusion/).\n\n## Cross Site Scripting: Dasar - Dasar XSS\n[Cross Site Scripting (XSS)](https://abaykan.com/cross-site-scripting-dasar/) pada dasarnya menyuntikkan skrip atau HTML ke halaman web, seberapa burukkah akibatnya? Jika kita melihat XSS sebagai bug yang tidak berbahaya, sepertinya harus dipikir ulang. Jika Google saja membayar hingga `$3,133.7` untuk satu bug XSS, itu berarti itu sangat buruk, kan?\n\n![Cross Site Scripting](https://abaykan.com/wp-content/uploads/2019/01/2-1.png)\n\nPada artikel tersebut saya menjelaskan dasar - dasar XSS. Terkait apa itu XSS, contoh source-code yang vuln serta sedikit cara pencegahan.\nPOST: [Cross Site Scripting: Dasar - Dasar XSS](https://abaykan.com/cross-site-scripting-dasar/).\n\n## Command Injection\nCommand Injection adalah kerentanan format string yang terjadi ketika input pengguna yang tidak difilter lalu diteruskan ke shell sistem (`system()`, `exec()`, dll). Seorang penyerang dapat mengeksploitasi kerentanan ini dengan urutan perintah yang ditambahkan ke format yang sesuai untuk mengeksekusi perintah shell. \n\n![Command Injection](https://abaykan.com/wp-content/uploads/2019/01/command-injection-code-1024x600.png)\n\nPostingan ini menjelaskan tentang mengapa terjadi Command Injection, contoh source-code dan beberapa cara penanganannya.\nPOST: [Command Injection](https://abaykan.com/command-injection-basic/).\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fabaykan%2FLabs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fabaykan%2FLabs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fabaykan%2FLabs/lists"}