This course details the exploitation of a weakness in the authentication of a PHP website. The website uses Cipher Block Chaining (CBC) to encrypt information provided by users and uses this information to ensure authentication. The application also leaks whether the padding is valid when decrypting the information. We will see how this behaviour can impact the authentication and how it can be exploited.

Source: https://pentesterlab.com/exercises/padding_oracle/course

This exercise covers the exploitation of a session injection in the Play framework. This issue can be used to tamper with the content of the session while bypassing the signing mechanism.

Quickly created an exercise for cve-2014-6271:

Source: https://twitter.com/PentesterLab/status/515079459284594688

Difficulty

Beginner

Details

This exercise covers the exploitation of a session injection in the Play framework.

What you will learn?

  • Session injection
  • Play framework
  • Play's cookies

Difficulty

Beginner

Details

This exercise covers the exploitation of CVE-2008-1760. This vulnerability allows an attacker to gain access to inaccessible pages using crafted requests. This is a common trick that a lot of testers miss.

What you will learn?

  • Tomcat
  • Java WebShell
  • Exploitation of CVE-2008-1760

Difficulty

Beginner

Details

This exercise explains how you can use a Cross-Site Scripting vulnerability to get access to an administrator's cookies. It then shows how you can use his/her session to gain access to the administration, find a SQL injection there, and gain code execution using it.

What you will learn?

  • Cross-Site Scripting exploitation
  • MySQL injection with FILE privilege

Difficulty

Beginner

Details

This exercise explains how you can tamper with an encrypted cookie to access another user's account.

What you will learn?

  • Weakness in ECB encryption
  • Cookie tampering

Difficulty

Beginner

Details

This exercise is a set of the most common web vulnerabilities:

What you will learn?

  • SQL injections
  • Authentication issues
  • Captcha issues
  • Authorization issues
  • Mass Assignment attacks
  • Randomness Issues
  • MongoDB injections

Difficulty

Intermediate

Details

This exercise explains how you can, from a blind SQL injection, gain access to the administration console. It then shows how, in the administration console, you can run commands on the system.

What you will learn?

  • Blind SQL injection exploitation using time-based exploitation
  • Gaining code execution using a PHP webshell

Difficulty

Advanced

Details

This exercise explains how you can exploit CVE-2012-6081 to gain code execution. This vulnerability was exploited to compromise Debian's wiki and Python documentation website.

What you will learn?

  • Exploiting CVE-2012-6081
  • Basics of the tar file format
  • Python code execution