cowsecurity/gdg_kanpur_demo

Vulnerable webapp i found on github for demonstration

HTML

Hacking-Lab

SSTI & XSS : http://localhost/search
open redirect : http://localhost/redirect?url=http://127.0.0.1/contact
SQLI : http://localhost/posts/{ID}

Coded By khaled Nassar @knassar702

Requirements :

python2
flask module
jinja2 Template

install requirements (Linux) :

$ apt install python2

$ pip2 install flask

$ pip2 install jinja2

Run It :

$ git clone https://github.com/knassar702/hacking-lab && cd hacking-lab

$ python2 hackme.py

Login Page :

UserName : admin
Password : p@ssword

Good Luck :)