bWAPP
bWAPP, It is a free, open-source application that helps security enthusiasts, developers, and students learn web vulnerabilities using a hands-on approach[2]. In this article, we will provide detailed examples of some of the vulnerabilities in bWAPP.
1. SQL Injection
SQL injection is a common vulnerability in web applications that allows attackers to execute malicious SQL statements. In bWAPP, there are several SQL injection vulnerabilities that can be exploited. For example, in the "SQL Injection (GET/Search)" section, you can enter a SQL injection payload in the search box to retrieve sensitive information from the database[1].
2. Cross-Site Scripting (XSS)
Cross-site scripting (XSS) is another common vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. In bWAPP, there are several XSS vulnerabilities that can be exploited. For example, in the "Reflected XSS (GET)" section, you can enter a script in the search box to execute it in the browser of the victim[1].
3. File Inclusion
File inclusion vulnerabilities allow attackers to include files from the server or remote locations. In bWAPP, there are several file inclusion vulnerabilities that can be exploited. For example, in the "Local File Inclusion (LFI)" section, you can enter a path to a file on the server to retrieve its contents[3].
4. Command Injection
Command injection vulnerabilities allow attackers to execute arbitrary commands on the server. In bWAPP, there are several command injection vulnerabilities that can be exploited. For example, in the "Command Injection" section, you can enter a command in the search box to execute it on the server[1].
5. Directory Traversal
Directory traversal vulnerabilities allow attackers to access files outside of the web root directory. In bWAPP, there are several directory traversal vulnerabilities that can be exploited. For example, in the "Directory Traversal (Low)" section, you can enter a path to a file outside of the web root directory to retrieve its contents[1].
6. Insecure Password Storage
Insecure password storage vulnerabilities allow attackers to retrieve passwords from the server. In bWAPP, there are several insecure password storage vulnerabilities that can be exploited. For example, in the "Insecure Password Storage (MD5)" section, you can retrieve the MD5 hash of a password from the server[1].
In conclusion, bWAPP is a great tool for learning about web vulnerabilities and how to exploit them. It is important to note that bWAPP should only be used for educational purposes and should not be used to attack real websites. By practicing on bWAPP, you can gain valuable experience in identifying and exploiting web vulnerabilities.
Citations:
[1] https://l1cafe.blog/2019/03/17/bwapp-writeup.html
[2] https://blog.qualys.com/product-tech/2022/09/28/optimizing-a-web-application-security-scan-for-bwapp
[3] https://wooly6bear.files.wordpress.com/2016/01/bwapp-tutorial.pdf
[4] https://www.acunetix.com/blog/docs/scanning-bwapp-with-acunetix/
[5] http://www.itsecgames.com/downloads/bWAPP_intro.pdf