Locked Vucsa v1.0.0 - Vulnerable Client-Server Application

By itsMe
September 14, 2022 in Pentesting

Followers 0

Start new topic

Recommended Posts

itsMe

Posted September 14, 2022

- Share

Posted September 14, 2022

This is the hidden content, please

A vulnerable client-server application (VuCSA) is made for learning/presenting how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface).

Currently, the vulnerable application contains the following challenges:

    Buffer Over-read (simulated)
    Command Execution
    SQL Injection
    Enumeration
    XML
    Horizontal Access Control
    Vertical Access Control

If you want to know how to solve these challenges, take a look at the PETEP website, which describes how to use the open-source tool PETEP to exploit them.

Tip: Before you start hacking, do not forget to check the data structure of the messages below.

This is the hidden content, please

Link to comment

Share on other sites

This topic is now closed to further replies.

Followers 0

Go to topic listing

Similar Content
- Rose Injector v1.0.0 + RAT
  
  By itsMe, March 26, 2023
  - rose
  - injector
  - (and 2 more)
    
    Tagged with:
    
    rose
    
    injector
    
    v1.0.0
    
    rat
  - 0 replies
  - 282 views
- Gotestwaf v0.4 - test different web application firewalls (WAF) for detection logic and bypasses
  
  By itsMe, March 23, 2023
  - gotestwaf
  - v0.4
  - (and 11 more)
    
    Tagged with:
    
    gotestwaf
    
    v0.4
    
    test
    
    different
    
    web
    
    application
    
    firewalls
    
    (waf)
    
    for
    
    detection
    
    logic
    
    and
    
    bypasses
  - 0 replies
  - 129 views
- Invoke-PSObfuscation v1.0.0
  
  By itsMe, March 2, 2023
  - powershell
  - components
  - (and 6 more)
    
    Tagged with:
    
    powershell
    
    components
    
    individual
    
    the
    
    obfuscating
    
    v1.0.0
    
    invoke-psobfuscation
    
    payload
  - 0 replies
  - 164 views
- ObfSRC v1.0.0 - an experimental way to obfuscate Java source code
  
  By itsMe, February 27, 2023
  - obfsrc
  - v1.0.0
  - (and 6 more)
    
    Tagged with:
    
    obfsrc
    
    v1.0.0
    
    experimental
    
    way
    
    obfuscate
    
    java
    
    source
    
    code
  - 0 replies
  - 241 views
- URL-CRAWLER V1.0.0
  
  By dEEpEst, February 19, 2023
  - url-crawler
  - v1.0.0
  - 0 replies
  - 202 views

Sign In

Locked Vucsa v1.0.0 - Vulnerable Client-Server Application

Recommended Posts

itsMe

Link to comment

Share on other sites

Similar Content

Rose Injector v1.0.0 + RAT

Gotestwaf v0.4 - test different web application firewalls (WAF) for detection logic and bypasses

Invoke-PSObfuscation v1.0.0

ObfSRC v1.0.0 - an experimental way to obfuscate Java source code

URL-CRAWLER V1.0.0

Browse

Activity

Store

Important Information