BufferOverflow lab 2: MiniShare

This time we’ll exploit Minishare 1.4.1. This is a web application that runs on port 80 as HTTP, you can share files and the users can download them from the site. I uploaded the application to GitHub (https://github.com/vry4n/BoF-MiniShare-1.4.1) Lab details…

BufferOverflow lab 1: FreeFloat FTP Server

This lab is intended to demonstrate how to exploit BoF in Windows. The vulnerable application is FreeFloat which can be downloaded from (https://www.exploit-db.com/apps/687ef6f72dcbbf5b2506e80a375377fa-freefloatftpserver.zip). The Freefloat FTP Server has many vulnerable parameters, which can be useful to practice on, and we…

Active Directory & DNS Lab

This time we will configure basic AD and DNS functionality. The terms object, organizational unit, domain, tree, and forest are used to describe the way Active Directory organizes its directory data. Like all directories, Active Directory is essentially a database…

PHP, HTML & MySQL lab (SQL Injection)

This document is intended to help understand what happens by PHP back-end processing of SQL queries, how to test SQL injections and how to secure code. Our goals here are the following Building MySQL database Create a PHP scripts to…

How to set up bWAPP - Linux

bWAPP, or a buggy web application, is a deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP is a PHP application that uses a MySQL database. It can be hosted…

How to set up Mutillidae - Linux

Mutillidae is a vulnerable framework where you can practice OWASP top 10, https://owasp.org/www-project-top-ten/ Download https://sourceforge.net/projects/mutillidae/ sudo git clone https://github.com/webpwnized/mutillidae.git 1. Install the required repositories (in this case I’m using php 7.3) sudo apt-get install php7.3-curl php7.3-mbstring php7.3-xml Extra Show php…

SMTP lab (hMailServer)

This has been writen to explain the steps to set a basic insecure SMTP lab. We are using hMailServer to act as a mail server & Thunderbird as mail client. https://www.hmailserver.com/ https://www.thunderbird.net/ Mail Server (hMailServer) 1. Start the wizzard 2.…