Skip to content

chheunpheara/phpmysqlpentester

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
config
config
 
 
controller
controller
 
 
model
model
 
 
schema
schema
 
 
.gitignore
.gitignore
 
 
autoloader.php
autoloader.php
 
 
index.php
index.php
 
 
index.php.ori
index.php.ori
 
 
readme.md
readme.md
 
 
upload.php
upload.php
 
 

Repository files navigation

Very small Pentest Project

PHP and Mysql Attack

  1. Inject Login Form
  2. Inject Query String
  3. Remote File Inclusion
  4. XSS Attack ==> Todo
  5. Session Hijack ==> Todo

Installation

  • create a database and copy the schema from schema/schema.sql
  • copy config/Database.sample.php to config/Database.php

Run the application

  • php -S localhost:9000

Todo:

  • Implement more topics for the web application attacks
  • Put more UI design (It is now very ugly)

Note:

  • If remote file inclusion does not work, please allow allow_url_include=On. Once this works, it will overwrite index.php. After the test, you can copy index.php.ori to index.php to rollback the replacement.

  • Source codes are written very ugly. Feel free to modify.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages