Discover cyber security by finding 14 breaches in a website.
In the folder for each breach you will find:
-
README.md
- Breach - how to exploit a vulnerability in the website
- Use - how attackers could use this breach
- Prevention - how to prevent this breach
-
flag - A hash revealed by the breach
See the subject for more details.
First download from 42 Darkly_i386.iso.
On Mac OSX, install VirtualBox.
In VirtualBox create a new VM (click new).
- Name and operating system - Type: Linux, Version: (Oracle 64-bit)
Continue through all the next steps with the default settings:
- Memory size: 4MB
- Hard disk: Create a disk now
- Hard disk file type: VDI(VirtualBox Disk Image)
- Storage on physical hard disk: Dynamically allocated
- File size: 12,00GB
Next click Settings > Network > Adapter 1 > Attached to: Bridged Adapter.
Still in settings click Storage > Right of "Controller: IDE", there is a CD icon with a + sign (add optical drive). Click Add Disk Image, and select Darkly_i386.iso.
Click Start to start the VM, once runnning it should show the IP address.
Open a web browser and go to the IP address provided.
Find 14 different exploitable breaches, each successful breach should reveal a flag.
SQL_Injection:
XSS:
I wrote this project in a team with the awesome @dfinnis.