/Web-Application-Cheatsheet

This cheatsheet is aimed at the CTF Players and Beginners to help them understand Web Application Vulnerablity with examples.

Web Application Cheatsheet (Vulnhub)

This cheatsheet is aimed at the CTF Players and Beginners to help them understand Web Application Vulnerablity with examples. There are multiple ways to perform the same tasks. We have performed and compiled this list on our experience. Please share this with your connections and direct queries and feedback to Pavandeep Singh.

Follow us on alt text

vulnhub-web-app

Table of Contents

Drupal

No. Machine Name Exploit/Vulnerability
1. Droopy Drupalgeddon
2. Billu Box 2 Drupalgeddon2
3. Lampiao : 1 Drupalgeddon2
4. Typhoon : 1.02 Drupalgeddon2
5. DC-1 Drupalgeddon2
6. RootThis : 1 Manual
7. DC:7 Manual
8. DC:8

Jenkins

No. Machine Name Exploit/Vulnerability
1. Jarbas : 1 Jenkins Script Console

Joomla

No. Machine Name Exploit/Vulnerability
1. Hackademic-RTB2 SQL Injection
2. Kevgir Joomla! 1.5.x - 'Token'
3. DC-3 Joomla! 3.7.0 - 'com_fields' SQL Injection
4. Born2Root: 2 Enumeration

WebMin

No. Machine Name Exploit/Vulnerability
1. pWnOS -1.0 Webmin File Disclosure
2. VulnOS: 1 DistCC Daemon Command Execution
3. Nezuko:1 Webmin 1.920 - Remote Code Execution

Wordpress

No. Machine Name Exploit/Vulnerability
1. Hackademic-RTB1 Enumeration
2. Mr. Robot Bruteforce
3. Stapler Enumeration/Bruteforce
4. Minotaur Wordpress SlideShow Gallery Authenticated File Upload
5. Freshly Manual
6. USV Enuemration
7. Quaoar Enumeration
8. Lazysysadmin WordPress Admin Shell Upload
9. BTRSys:dv 2.1 Enumeration
10. Basic Penetration WordPress Admin Shell Upload
11. DerpNStink Wordpress SlideShow Gallery Authenticated File Upload
12. BSides Vancuver: 2018 WordPress Admin Shell Upload
13. Raven Enumeration
14. HackinOS : 1 Enumeration
15. Web Developer : 1 WordPress Photo Gallery Unrestricted File Upload
16. DC-2 Enumeration/Bruteforce
17. DC6 Plainview Activity Monitor 20161228
18. symfonos : 1 WordPress Plugin Mail Masta 1.0 - Local File Inclusion
19. PumpkinFestival Enumeration
20. SP:Jerome WordPress Crop-image Shell Upload
21. dpwwn:2 Wordpress Plugin Site Editor 1.1.1
22. GrimTheRipper:1 Bruteforce
23. symfonos : 2 WordPress Plugin Mail Masta 1.0 - Local File Inclusion
24. Prime: 1 Enumeration
25. HA: Wordy Multiple Vulnerablities

Builder Engine

No. Machine Name Exploit/Vulnerability
1. Sedna builderengine_upload_exec

CMS Made Simple

No. Machine Name Exploit/Vulnerability
1. West Wild: 2 CMSMS Showtime2 File Upload RCE

CouchDB

No. Machine Name Exploit/Vulnerability
1. Moonraker:1 Node.js deserialization RCE

Cuppa

No. Machine Name Exploit/Vulnerability
1. W1R3S.inc '/alertConfigField.php' LFI/RFI
2. BRAVERY '/alertConfigField.php' LFI/RFI

Cute News

No. Machine Name Exploit/Vulnerability
1. Simple CuteNews 2.0.3 Remote File Upload

Impress

No. Machine Name Exploit/Vulnerability
1. Breach 1.0 Enumeration

Moodle

No. Machine Name Exploit/Vulnerability
1. Golden Eye:1 Moodle - Remote Command Execution

PHP Mailer

No. Machine Name Exploit/Vulnerability
1. Raven : 2 PHPMailer < 5.2.18 - Remote Code Execution

Playsms

No. Machine Name Exploit/Vulnerability
1. Dina PlaySMS import.php Authenticated CSV File Upload Code Execution

Rips

No. Machine Name Exploit/Vulnerability
1. Mercy RIPS 0.53 - Multiple Local File Inclusions

Simple PHP Blog

No. Machine Name Exploit/Vulnerability
1. pWnOS -2.0 Simple PHP Blog Remote Command Execution

Squirrel Mail

No. Machine Name Exploit/Vulnerability
1. DE-ICE:S1.140 Enumeration

PHPTax

No. Machine Name Exploit/Vulnerability
1. Kioprtix: 5 PhpTax Remote Code Injection

Wolf

No. Machine Name Exploit/Vulnerability
1. SickOS 1.1 Default Credential

Zenphoto

No. Machine Name Exploit/Vulnerability
1. Orcus Enumeration

Redis

No. Machine Name Exploit/Vulnerability
1. Gemini inc:2 Remote Code Execution(RCE)

Nano CMS

No. Machine Name Exploit/Vulnerability
1. LAMPSecurity: CTF 5 NanoCMS '/data/pagesdata.txt' Password Hash Information Disclosure

GUnet OpenEclass E-learning platform

No. Machine Name Exploit/Vulnerability
1. VulnUni 1.0.1 GUnet OpenEclass E-learning platform 1.7.3