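A brief introduction to bWAPP -------by veek

Track-mss   ·   Posted on 2021-08-24 19:50:25   ·   CTF&WP section

bWAPP (an integrated vulnerability environment)

Introduction

bWAPP is a very handy vulnerability demonstration platform that contains more than 100 vulnerabilities: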

SQL, HTML, iFrame, SSI, OS Command, XML, XPath, LDAP, PHP Code, Host Header and SMTP injections
Authentication, authorization and session management issues
Malicious, unrestricted file uploads and backdoor files
Arbitrary file access and directory traversals
Heartbleed and Shellshock vulnerability
Local and remote file inclusions (LFI/RFI)
Server Side Request Forgery (SSRF)
Configuration issues: Man-in-the-Middle, Cross-Domain policy file, FTP, SNMP, WebDAV, information disclosures,…
HTTP parameter pollution and HTTP response splitting
XML External Entity attacks (XXE)
HTML5 ClickJacking, Cross-Origin Resource Sharing (CORS) and web storage issues
Drupal, phpMyAdmin and SQLite issues
Unvalidated redirects and forwards
Denial-of-Service (DoS) attacks
Cross-Site Scripting (XSS), Cross-Site Tracing (XST) and Cross-Site Request Forgery (CSRF)
AJAX and Web Services issues (JSON/XML/SOAP)
Parameter tampering and cookie poisoning
Buffer overflows and local privilege escalations
PHP-CGI remote code execution
HTTP verb tampering
And much more

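Features:

Open-source PHP application
MySQL database back end
Runs on Linux/Windows with Apache/IIS
Supports WAMP or XAMPP

Because it is an application similar to DVWA, I won't demonstrate much here (search Baidu for more). Here I reproduce only one simple XSS vulnerability:

As can be seen, the value of $name comes from our input, so close the a tag at the vote link:
payload: /><img src=a.png onerror=alert(1)>

As shown, the XSS alert popup has been triggered: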
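
The pattern behind this reproduction next to a hardened version, as an added example that is not part of the original post and is not bWAPP's source code. The function names and vote.php are hypothetical, and the link is assumed to be built by writing $name unquoted into an href:

```php
<?php
declare(strict_types=1);

// Added example: hypothetical handler names and vote.php, not bWAPP's code.

// Vulnerable pattern: user input is concatenated raw into an unquoted href,
// so any ">" in the value ends the <a> tag and the rest is parsed as markup.
function vote_link_vulnerable(string $name): string
{
    return '<a href=vote.php?movie=1&name=' . $name . '&action=vote>Vote</a>';
}

// Hardened pattern, three layers for the two contexts involved:
//  1. URL-encode the value as a query component (http_build_query),
//  2. HTML-escape the finished URL for the attribute context,
//  3. quote the attribute, because an unquoted value ends at the first
//     space or ">" even when "<" and ">" have been escaped.
function vote_link_hardened(string $name): string
{
    $query = http_build_query(
        ['movie' => 1, 'name' => $name, 'action' => 'vote'],
        '',
        '&',
        PHP_QUERY_RFC3986
    );
    $url = 'vote.php?' . $query;

    return '<a href="'
        . htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '">Vote</a>';
}

// The input shown in the post above.
$input = '/><img src=a.png onerror=alert(1)>';

$rendered = [
    'vulnerable' => vote_link_vulnerable($input),
    'hardened'   => vote_link_hardened($input),
];

foreach ($rendered as $label => $html) {
    // A literal "<img" in the output means the input became markup.
    $injected = stripos($html, '<img') !== false;
    printf("%-10s injected_tag=%s\n  %s\n", $label, $injected ? 'yes' : 'no', $html);
}
```

Run it with the PHP CLI and compare the two rendered links: in the hardened one the input stays inside the quoted href as percent-encoded data.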
