-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathREADME
30 lines (24 loc) · 1.4 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
Piti's blog is a very vulnerable web app written to illustrate a php security training
The app is at least vulnerable to
SQL INJECTION
XSS
Code and instruction injection
Cross site request forgery
Copyright (C) 2012 Manuel Silvoso
STIDIA Code Audit - VulnerableApp.ods contains an exhaustive code review
done by an independent company (I am not affiliated in any way with this company).
This document has been provided as a 'solution' to this exercice.
trap.php - Challenge taken from tdhack.com - Challenge Net 26
babyphp.php - Challenge taken from the capture de flag challenge - hack.lu 2018 - (c) Fluxfingers
lolcat.html, lolcat.php - inspired by Saumil Shah's talk at the hack.lu 2014 http://archive.hack.lu/2014/hacking_with_pictures.pdf
----------------------------------------------------------------------
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.