Matt

Ethical Hacking Lab to Test and Learn SQL Injection, XSS, CSRF Vulnerability

So far I have provided a few web application pen testing tutorials. Now it is time to practice your hacking / pentesting skills in a legal way. Last time, I explained the Damn Vulnerable Web Application (DVWA).

Now I've come with a different web application that will help you improve your knowledge of web app pentesting.

The BodgeIt Store

Like DVWA, this is also a vulnerable web application that will help you develop your skills in pen testing.

With this vulnerable application, you can practice the following attacks:

  • Cross Site Scripting (XSS)
  • SQL injection (SQLi)
  • Hidden (but unprotected) content
  • Cross Site Request Forgery
  • Debug code
  • Insecure Object References
  • Application logic vulnerabilities

There is also a 'scoring' page (linked from the 'About Us' page) where you can see various hacking challenges and whether you have completed them or not.

How to setup the Pen Testing Lab?

Download the bodgeit.1.3.0.zip file and extract it. You will now get a WAR file (bodgeit.WAR).

Step 1: Install Tomcat

Install Tomcat on your system. If you don't know how to install Tomcat, do a Google search.

Step 2: Start the server

Start the Tomcat server.

In Ubuntu, type the following command in Terminal:

sudo /etc/init.d/tomcat6 start

For Windows users, just click the Tomcat server in All Programs.

Step 3:

Open the browser and type "localhost:8080". It will show a page saying "It works!". There you can access the manager webapp (http://localhost:8080/manager/html) page. Clicking the link will ask you to enter a username and password. Enter your computer username and password.

Step 4:

Now you are on the "Tomcat Web Application Manager" page. Scroll down and there you can see the "WAR file to deploy" form.

Step 5: Deploying the WAR

Click the Browse button and select the bodgeit.WAR file. Now click the Deploy button.

Yes, now the application is successfully installed.

Access the BodgeIt in this location: http://localhost:8080/bodgeit/

Source: BreakTheSecurity.Com
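
A post-deployment check for the lab described above, added here as an example and not part of the original post: it reads `ss -ltn` output and reports whether the Tomcat port from the steps (8080) is bound to loopback only or to every interface. The function name `lab_binding` and both sample socket tables are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: classify how the lab's Tomcat port is bound, from `ss -ltn` output.
# Port 8080 comes from the post; the function name and samples are constructed.

# Reads `ss -ltn` output on stdin.
# Prints one of: loopback-only | exposed | not-listening
lab_binding() {
    local port="$1"
    awk -v port="$port" '
        $1 == "LISTEN" {
            # Column 4 is Local Address:Port, e.g. 127.0.0.1:8080, [::1]:8080, *:8080
            n = split($4, parts, ":")
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            found = 1
            # Anything outside 127.0.0.0/8 or ::1 is reachable from other hosts
            if (!(addr ~ /^127\./ || addr == "[::1]" || addr == "::1")) exposed = 1
        }
        END {
            if (!found)       print "not-listening"
            else if (exposed) print "exposed"
            else              print "loopback-only"
        }'
}

# Constructed sample: Connector listening on all interfaces.
SAMPLE_DEFAULT='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      100    *:8080             *:*
LISTEN 0      128    127.0.0.1:631      *:*'

# Constructed sample: Connector bound to loopback.
SAMPLE_LOCAL='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      100    127.0.0.1:8080     *:*
LISTEN 0      128    127.0.0.1:631      *:*'

printf 'all interfaces: %s\n' "$(printf '%s\n' "$SAMPLE_DEFAULT" | lab_binding 8080)"
printf 'loopback bound: %s\n' "$(printf '%s\n' "$SAMPLE_LOCAL" | lab_binding 8080)"

# On the lab machine itself:  ss -ltn | lab_binding 8080
```

If the result is `exposed`, setting `address="127.0.0.1"` on the HTTP `<Connector>` in Tomcat's `server.xml` and restarting the server binds the listener to loopback.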
