bwapp是一款非常好用的漏洞演示平台,包含有100多个漏洞
SQL, HTML, iFrame, SSI, OS Command, XML, XPath, LDAP,
PHP Code, Host Header and SMTP injections
Authentication, authorization and session management issues
Malicious, unrestricted file uploads and backdoor files
Arbitrary file access and directory traversals
Heartbleed and Shellshock vulnerability
Local and remote file inclusions (LFI/RFI)
Server Side Request Forgery (SSRF)
Configuration issues: Man-in-the-Middle, Cross-Domain policy file,
FTP, SNMP, WebDAV, information disclosures,…
HTTP parameter pollution and HTTP response splitting
XML External Entity attacks (XXE)
HTML5 ClickJacking, Cross-Origin Resource Sharing (CORS)
and web storage issues
Drupal, phpMyAdmin and SQLite issues
Unvalidated redirects and forwards
Denial-of-Service (DoS) attacks
Cross-Site Scripting (XSS), Cross-Site Tracing (XST) and
Cross-Site Request Forgery (CSRF)
AJAX and Web Services issues (JSON/XML/SOAP)
Parameter tampering and cookie poisoning
Buffer overflows and local privilege escalations
PHP-CGI remote code execution
HTTP verb tampering
And much more
特点:
开源的php应用
后台Mysql数据库
可运行在Linux/Windows Apache/IIS
支持WAMP或者XAMPP
因为是类似DVWA的应用,此处不做太多演示(左转百度)。此处只复现一个简单的XSS漏洞:
可知 $name的值由我们输入,所以在投票处闭合a标签:
payload:/><img src=a.png onerror=alert(1)>
可见已触发xss弹窗:
打赏我,让我更有动力~
© 2016 - 2024 掌控者 All Rights Reserved.