bodgeit
BodgeitStore是一个软弱的Web使用程序,这是现在针对新的浸透测试的人。安装时首要需求装J2sdk和tomcat,J2sdk资源大家去网上找,tomcat顺便上传了,安装完毕后,将解压的bodgeit放在webapps目录文件下,然后指向您的浏览器:localH/OST:8080/bodgeitBodgeit包括以下明显的漏洞:跨站点脚本SQL注入躲藏内容(但无维护)跨站点恳求伪造调试代码不安全的目标引证使用程序逻辑漏洞本资料共包括以下附件:bodgeit.war
.....
(BodgeitStore is a weak web application, which is now targeted at new penetration testers. When installing, you need to install J2sdk and tomcat first. You can find J2sdk resources online, and tomcat is uploaded by the way. After installation, put the decompressed bodgeit in the webapps directory file, and then point to your browser: localH/OST:8080/bodgeitBodgeit Including the following obvious vulnerabilities: Cross-site scripting SQL injection Hide content (but not maintained) Cross-site solicitation forgery debug code Unsafe target citation use program logic vulnerabilities This document includes the following attachments:
bodgeit.war
.....)
页:
[1]