Home

Awesome

<p align="center"> <img src="./LogoVLA.png" alt="Dojo-101" style="width: 400px;" /> </p>

License: GNU GPL v3 GitHub last commit .NET Docker

⚠️ Disclaimer : This repository, together with its tools, is provided by Taisen-Solutions on an "as is" basis. Be aware that this application is highly vulnerable, including remote command and code execution. Use it at your own risk. Taisen-Solutions makes no representations or warranties of any kind, express or implied, as to the operation of the information, content, materials, tools, services and/or products included on the repository. Taisen-Solution disclaims, to the full extent permissible by applicable law, all warranties, express or implied, including but not limited to, implied warranties of merchantability and fitness for a particular purpose.

🎱 Use Case

UseCase

🐞 Vulnerabilities

MITRE ReferenceDescriptionDifficulty
CWE-22Path TraversalMedium
CWE-78OS Command InjectionEasy
CWE-79Cross-site ScriptingEasy
CWE-89SQL InjectionEasy
CWE-94Code InjectionHard
CWE-91XML InjectionHard
CWE-98Remote File InclusionHard
CWE-184Incomplete List of Disallowed InputsMedium
CWE-200Exposure of Sensitive Information to an Unauthorized ActorMedium
CWE-213Exposure of Sensitive Information Due to Incompatible PoliciesEasy
CWE-284Improper Access ControlMedium
CWE-287Improper AuthenticationMedium
CWE-319Cleartext Transmission of Sensitive InformationEasy
CWE-326Inadequate Encryption StrengthEasy
CWE-434Unrestricted Upload of File with Dangerous TypeHard
CWE-502Deserialization of Untrusted DataHard
CWE-521Weak Password RequirementsEasy
CWE-532Insertion of Sensitive Information into Log FileEasy
CWE 639Insecure Direct Object ReferenceMedium
CWE-611XML External Entity ReferenceHard
CWE-787Out-of-bounds WriteEasy
CWE-798Use of Hard-coded CredentialsEasy
CWE-829Local File InclusionEasy
CWE-912BackdoorHard
CWE-918Server-Side Request ForgeryMedium
CWE-1270Generation of Incorrect Security TokensMedium

🏭 Context

VLA is designed as a vulnerable backend application, running in the following environment :

Context

πŸ”‘ Hint & Write Up

⬇️ Download

git clone https://github.com/Aif4thah/VulnerableLightApp.git
cd .\VulnerableLightApp\

πŸ”§πŸ”₯ Build and Run

You can use Dotnet or Docker

Dotnet

Check .csproj file to get the current dotnet version and install .NET SDK

dotnet run [--url=<url>]

Alternatively, you can use bin files :

dotnet build
.\bin\Debug\net8.0\VulnerableWebApplication.exe [--url=<url>]

Docker

docker build -t vulnerablelightapp .
docker run -p 3000:3000 vulnerablelightapp 

first request

Default : 127.0.0.1:3000

curl -k https://127.0.0.1:3000

πŸ› οΈ Debug

401 Unauthorized

Your first request may return a 401 code due to unsuccessful authentication. It's ok, Start Hacking !

Dotnet Framework

Verify you use the intended .NET Framework

where dotnet
dotnet --version
dotnet --list-sdks

Dotnet on Linux

Ubuntu / Debian exemple

wget https://packages.microsoft.com/config/debian/12/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
dpkg -i packages-microsoft-prod.deb
apt update && apt install -y dotnet-sdk-8.0 dotnet-runtime-8.0

Certificates

To trust the certificate

dotnet dev-certs https --trust

Dependancies

dependancies have to be dowloaded from standard sources

dotnet nuget add source "https://api.nuget.org/v3/index.json" --name "Microsoft"

Misc

πŸ’œ CrΓ©dits