https://github.com/knassar702/hacking-lab

Small Vulnerable Web App

bugbounty cmdinjection flask hackable hacking-lab openredirect python sqlinjection ssrf ssti uploadfile xss

# Hacking-Lab

* Path traversal & stored XSS: http://localhost/upload
* SQLi: http://localhost/posts/{ID}
* SSTI & XSS: http://localhost/search
* CSRF: http://localhost/login/edite/42
* SSRF & RCE: http://localhost/website?u=http://127.0.0.1
* Open redirect: http://localhost/redirect?url=http://127.0.0.1/contact

Coded by Khaled Nassar (@knassar702)

# Requirements
- Python 2
- Flask module
- Jinja2 templates

# Install requirements (Linux)

````
$ apt install python2
$ pip2 install flask
$ pip2 install jinja2
````
# Run it
````
$ git clone https://github.com/knassar702/hacking-lab && cd hacking-lab
$ python2 hackme.py
````
# Login page

UserName : admin

Password : p@ssword

Good Luck :)