Exploit KB Vulnerable Web App

During my SQL Injection learning journey I needed a vulnerable web application for practice

I created a WebApp vulnerable to SQL Injection for my personal use, The result was an extremely vulnerable web site which I could test some SQLi techniques against MySQL.

I must confess, I am not a programmer and I have never coded in PHP before, I thought it would be a good practice to develop a PHP based site from scratch in order to learn the basic of PHP and MySQL.

exploit.co.il Vulnerable Web app designed as a learning platform to test various SQL injection Techniques and it is a fully functional web site with a content management system based on fckeditor.

I thought some of you may find it useful so i decided to share it via a SourceForge project page i created for it  at :

https://sourceforge.net/projects/exploitcoilvuln

The web app is available for download as a source code package or a VMware image.

Please report bugs to:  shai [ a t ] e  x p  l o i t  . c . o . i l

Read Me First

General Information

Installation Notes

Linux Installation

Windows Installation

VMware Image

ScreenShots

Spoilers

VMware Image Details:

The VMWare image was built in VMware Workstation 7.1.1 build-282343 and its based on UBUNTU server 10.04 32bit.

Network card is configured in Bridge Mode

IP Address: Assigned by DHCP

Linux,MySQL and PhpMyAdmin Login details:

Username: root

Password: toor

Web App Administration can be found at:

http://localhost/admin

PhpMyAdmin can be found at:

http://localhost/phpmyadmin

Post to Twitter

5 Comments


  1. oz
    Oct 06, 2010

    great job shai, when ill have time i will check it out and comment :]
    if there is any tips for which vulnerabilities/techniques are exist i will be happy to know , because i am not so good in web app security. (:


  2. NightRanger
    Oct 06, 2010

    The web app is vulnerable to SQL Injection Authentication bypass and database enumeration and data extraction,XSS and File Upload (maybe some other vulnerabilities can be found)

    I will try to upload some “Spoilers” soon…


  3. Rob
    Oct 17, 2010

    extremely helpful site. Am noob and looking to learn web hosting. Want to learn in detail hosting on Win Xp Pro.

  4. [...] exploit-kb-vulnerable-web-app [...]

  5. [...] Exploit.co.il-WA [...]

Recent Posts