I created a vulnerable hack commerce from scratch to do some prove of concepts used in my last talk about Web Security Attacks and Defense.
-
SQL attacks
- SQL injection (SQLi)
- Blind SQLi
- Server read files
- Upload shell
-
XSS
- Persistent XSS
- Reflected XSS
- Session hijacking & cookie stealing
- Content Security Police (SCP) in .htaccess
- Cookies activate flag http only
- Cookies under secure channel (https)
<li>Full Path Disclosure (FPD)</li>
<li>Weak passwords hash</li>
<li>Local File Inclusion</li>
<li>Bad Inputs Validation</li>
<li>More bugs, can you search one more? ;)</li>
This vulnerable app (aka hack-commerce) was developed using PHP 5.5.14 under Apache 2.4.9.
To install the app on your computer you need Apache 2 with php.
- Create apache virtualhost. You have my copy of virtualhosts under ./deployment/hack-commerce.local and ./deployment/evil-domain.local
- Restore database data. Import ./deployment/hackcommerce.sql and edit ./core/autoload.php with your mysql credentials