Skip to content

hallo1144/AIS3-DVWA

BranchesTags

Repository files navigation

run directly

install

git clone https://github.com/hallo1144/AIS3-DVWA.git
cd AIS3-DVWA
npm install
npm audit fix
cd frontend
npm install
npm audit fix

run

npm run merge

modify db options

AIS3-DVWA/api/tools/DbOptions.json:
{
    "host"     : "ip or domain name",
    "port"     : "port, default: 3306",
    "user"     : "username",
    "password" : "password",
    "database" : "database name"
}

modify session options

{
    "key": "name of your session",
    "secret": "session secret",
    "resave": false,
    "saveUninitialized": true,
    "cookie": {
		"httpOnly": true,
        "maxAge": 3600000
    }
}

... or run in docker

sudo docker-compose up --build -d

Holes

  • XSS [name=陳信榞]
  • Injection [name=賴侃軒]
  • CSRF [name=賴侃軒]
  • SSRF [TBD]
  • LFI [name=賴侃軒]
  • module with cve [name=黃爾群]
  • broken access control [name=楊東翰]
  • source leak [name=賴侃軒]
  • deserialization (optional) [name=黃爾群]
  • JWT bad authentication [name=賴侃軒]

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages