
Damn Vulnerable Web App


fuser's Avatar
Member
0 1

I've just found this interesting new Web app which, true to its name, is so damned vulnerable. The main purpose of this app is so that people can learn how to exploit web services in a legal way.

You can install this on a local system that runs Apache, MySQL and PHP.

You can exploit the app using: SQL Injection, XSS, LFI, RFI, Command Execution, Uploads and HTTP Form Brute Force login.

This is especially useful for those that want to test their skills in a legal way other than HBH, and gain a better understanding of the common web exploits used nowadays.

Download: http://www.ethicalhack3r.co.uk/DVWA_BETA.zip


ghost's Avatar
0 0

You should change your nick to fuser-many-a-thread.


ghost's Avatar
0 0

Looks interesting; might have to check that out. It's just a web app that's not secured but, from the look of it, it's unsecured for specific vulnerabilities. At least, that's what the side navigation seems to imply. Anyways, could be fun securing it.

Oh, the link to just see it (not the download) is, of course, just the domain name: http://www.ethicalhack3r.co.uk/

whitecell wrote: You should change your nick to fuser-many-a-thread.

You should stay on-topic.


fuser's Avatar
Member
0 1

whitecell wrote: You should change your nick to fuser-many-a-thread.

Should the revolution come, I'll make sure smart asses like you get lined up against a wall and shot.


Mr_Cheese's Avatar
0 1

that's an excellent thread, good find!

perhaps you could write an article including the link and how people can install and exploit on their own machine, that would help the beginners :)

thanks for sharing the link.


ghost's Avatar
0 0

i put this up on my free web host site and now the site is being reviewed for malicious content

damn

it's a good find though! get to see the attack from both ends =]


ghost's Avatar
0 0

mambo wrote: i put this up on my free web host site and now the site is being reviewed for malicious content

… lol. Could be those nasty web hacking words in the navigation. :P

Use a local web server… probably Apache in whatever flavor of OS you run.


ghost's Avatar
0 0

fuser wrote: [quote]whitecell wrote: You should change your nick to fuser-many-a-thread.

Should the revolution come, I'll make sure smart asses like you get lined up against a wall and shot.[/quote]

Okay, Che. If the revolution comes you'll be buried very quickly by the Illuminati. Dammit, line me up again. :@

Zephyr_Pure wrote: You should stay on-topic.