https://github.com/MindPatch/hacking-lab

Small Vulnerable Web App
https://github.com/MindPatch/hacking-lab

bugbounty cmdinjection flask hackable hacking-lab openredirect python sqlinjection ssrf ssti uploadfile xss

Last synced: 21 days ago
JSON representation

Small Vulnerable Web App

• Host: GitHub
• URL: https://github.com/MindPatch/hacking-lab
• Owner: MindPatch
• Created: 2019-09-13T17:44:18.000Z (about 5 years ago)
• Default Branch: master
• Last Pushed: 2024-11-20T16:11:21.000Z (22 days ago)
• Last Synced: 2024-11-20T17:19:45.945Z (22 days ago)
• Topics: bugbounty, cmdinjection, flask, hackable, hacking-lab, openredirect, python, sqlinjection, ssrf, ssti, uploadfile, xss
• Language: HTML
• Homepage:
• Size: 7.62 MB
• Stars: 50
• Watchers: 2
• Forks: 12
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

• awesome-hacking-lists - knassar702/hacking-lab - Small Vulnerable Web App (HTML)

README

        
# Hacking-Lab

* path traversal & XSS Stored : http://localhost/upload

* SQLI : http://localhost/posts/{ID}

* SSTI & XSS : http://localhost/search

* CSRF : http://localhost/login/edite/42

* SSRF & RCE : http://localhost/website?u=http://127.0.0.1

* open redirect : http://localhost/redirect?url=http://127.0.0.1/contact

Coded By khaled Nassar @knassar702

# Requirements :

- python2

- flask module

- jinja2 Template

# install requirements (Linux) :

````

$ apt install python2

````

````

$ pip2 install flask

````

````

$ pip2 install jinja2

````

# Run It :

````

$ git clone https://github.com/knassar702/hacking-lab && cd hacking-lab

````

````

$ python2 hackme.py

`````

# Login Page :

UserName : admin 


Password : p@ssword

 Good Luck :)