- SQL Injection
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities (XXE)
- Broken Access Control
- Security Misconfiguration
- Cross-Site Scripting (XSS)
- Insecure Deserialization
- Using Components with known vulnerabilities
- Insufficient Logging & Monitoring
- .NET Core Version 3.1
- OWASP ZAP https://www.zaproxy.org/download/
- Docker
- Git https://git-scm.com/downloads
- Linux Kernel https://docs.microsoft.com/en-us/windows/wsl/install-win10#step-4---download-the-linux-kernel-update-package
- Clone the repository https://github.com/Sytechia/Exploit_me.git using Visual Studio
- Open the file in Visual Studio and run it
- Clone the repository https://github.com/Sytechia/Exploit_me.git
- Go to the directory of the folder.
- Build the app
docker build -t myapp .
- Run the web app for the first time
docker run -d -p 8080:80 --name myapp myapp
- Stop the app to move the database file from the folder to the container
docker stop myapp
- Go into the location of the database file
cd Exploit_Me
- Copy the file over
docker cp database.db myapp:/app/database.db
- Start the container
docker start myapp
- Go to
localhost:8080
Or
Typeipconfig
into the command prompt to check for your IP address. The url would be<your ipv4 address>:8080
Install Docker Desktop
https://docs.docker.com/docker-for-windows/install/
Install linux kernel
https://docs.microsoft.com/en-us/windows/wsl/install-win10#step-4---download-the-linux-kernel-update-package
- Open PowerShell as Administrator and run:
dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart
- Restart PC.
*** Known Issue
- Due to Docker containerizing our app, XML attack to read sensitive data in our database will not work, the challenge will still be counted as correct if you manage to put in the correct syntax.
- Billion Laughs atatck in Docker cannot be tracked due to docker being a seperate entity from the Host machine.