https://github.com/grrrdog/zeronights-hackquest-2015
ZeroNights HackQuest task
- Host: GitHub
- URL: https://github.com/grrrdog/zeronights-hackquest-2015
- Owner: GrrrDog
- License: gpl-2.0
- Created: 2016-01-10T23:13:09.000Z (almost 10 years ago)
- Default Branch: master
- Last Pushed: 2017-03-23T22:44:57.000Z (over 8 years ago)
- Last Synced: 2025-01-15T13:34:32.604Z (9 months ago)
- Size: 13 MB
- Stars: 8
- Watchers: 4
- Forks: 7
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# BazaarNG
ZeroNights HackQuest 2015. The 3rd task: http://hackquest.zeronights.org/

It contains several typical vulnerabilities:
- Execution after redirect
- HQL injection (Hibernate + mysql)
- RCE via XMLDecoder or Java binary serialization in REST API (Restlet)

You can use BazaarNG as a laboratory for testing the exploitation of these vulns.
## Installation steps for Ubuntu:
- install tomcat7, openjdk7, mysql:
```
sudo apt-get install tomcat7 openjdk-7-jdk mysql-server
```
- put context.xml in /var/lib/tomcat7/conf
- download the latest MySQL JDBC connector (https://dev.mysql.com/downloads/connector/j/) and put it in /usr/share/tomcat7/lib/
- put ZN_HQ.war in /var/lib/tomcat7/webapps/
- log in to mysql as root:
```
mysql -u root -p
```
- create a new db:
```
CREATE DATABASE webappdb;
```
- create a new user for the db:
```
CREATE USER 'webappuser'@'localhost' IDENTIFIED BY 'n5pC6rVUOqxI';
GRANT SELECT,DELETE,INSERT,UPDATE ON webappdb.* TO 'webappuser'@'localhost';
```
- add content to the db:
```
USE webappdb
SOURCE /path/to/zn_hq_2015.sql
```
Then you can start the task:
```
service mysql start
service tomcat7 start
```
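
An injected HQL query runs with whatever MySQL privileges `webappuser` holds, so it is worth confirming that the GRANT from the setup steps took effect as written. The script below is an added example, not part of the BazaarNG repository; `check_grants`, `sample_grants`, `ALLOWED` and `SCOPE` are hypothetical names, and the sample `SHOW GRANTS` output is constructed.

```sh
#!/bin/sh
# Added example (not from the BazaarNG repo): audit SHOW GRANTS output for the lab account.
ALLOWED="SELECT INSERT UPDATE DELETE"   # the four privileges the README grants
SCOPE='`webappdb`.*'                    # the only schema the account should reach

# check_grants (hypothetical helper): reads SHOW GRANTS lines on stdin, prints
# each finding, and returns 1 if anything exceeds the README's GRANT.
check_grants() {
  rc=0
  while IFS= read -r line; do
    case $line in "GRANT "*) ;; *) continue ;; esac
    privs=${line#GRANT }; privs=${privs%% ON *}
    scope=${line#* ON };  scope=${scope%% TO *}
    # USAGE on *.* carries no privileges; MySQL lists it for every account.
    [ "$privs" = USAGE ] && [ "$scope" = '*.*' ] && continue
    [ "$scope" = "$SCOPE" ] || { echo "unexpected scope: $scope"; rc=1; }
    old_ifs=$IFS; IFS=','
    for p in $privs; do
      p=${p# }   # drop the space that follows each comma
      case " $ALLOWED " in
        *" $p "*) ;;
        *) echo "unexpected privilege: $p on $scope"; rc=1 ;;
      esac
    done
    IFS=$old_ifs
    case $line in *"WITH GRANT OPTION"*) echo "grant option on $scope"; rc=1 ;; esac
  done
  return $rc
}

# Constructed sample of what SHOW GRANTS should print after the setup steps.
sample_grants() {
  cat <<'EOF'
GRANT USAGE ON *.* TO 'webappuser'@'localhost'
GRANT SELECT, INSERT, UPDATE, DELETE ON `webappdb`.* TO 'webappuser'@'localhost'
EOF
}

sample_grants | check_grants && echo "grants match the README"
# Live use: mysql -u root -p -N -e "SHOW GRANTS FOR 'webappuser'@'localhost'" | check_grants
```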
## Todo:
- create a docker container