Web Application Cheatsheet (Vulnhub)
This cheatsheet is intended for CTF participants and beginners to help them understand web application vulnerabilities through examples. There are multiple ways to perform the same task; we have performed and compiled this list based on our experience. Please share this with your connections and direct queries and feedback to Hacking Articles.
Table of Contents
- Drupal
- Jenkins
- Joomla
- WebMin
- WordPress
- Builder Engine
- CMS Made Simple
- CouchDB
- Cuppa
- Cute News
- Impress
- LibreNMS
- Moodle
- PHP Mailer
- PlaySMS
- RIPS
- Simple PHP Blog
- Squirrel Mail
- PHPTax
- Wolf
- Zenphoto
- Redis
- Nano CMS
- GUnet OpenEclass E-learning platform
Drupal

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Droopy | Drupalgeddon |
2. | Billu Box 2 | Drupalgeddon2 |
3. | Lampiao : 1 | Drupalgeddon2 |
4. | Typhoon : 1.02 | Drupalgeddon2 |
5. | DC-1 | Drupalgeddon2 |
6. | RootThis : 1 | Manual |
7. | DC:7 | Manual |
8. | DC:8 | |

Jenkins

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Jarbas : 1 | Jenkins Script Console |

Joomla

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Hackademic-RTB2 | SQL Injection |
2. | Kevgir | Joomla! 1.5.x - 'Token' |
3. | DC-3 | Joomla! 3.7.0 - 'com_fields' SQL Injection |
4. | Born2Root: 2 | Enumeration |

WebMin

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | pWnOS -1.0 | Webmin File Disclosure |
2. | VulnOS: 1 | DistCC Daemon Command Execution |
3. | Nezuko:1 | Webmin 1.920 - Remote Code Execution |

WordPress

Builder Engine

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Sedna | builderengine_upload_exec |

CMS Made Simple

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | West Wild: 2 | CMSMS Showtime2 File Upload RCE |

CouchDB

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Moonraker:1 | Node.js deserialization RCE |

Cuppa

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | W1R3S.inc | '/alertConfigField.php' LFI/RFI |
2. | BRAVERY | '/alertConfigField.php' LFI/RFI |

Cute News

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Simple | CuteNews 2.0.3 Remote File Upload |

Impress

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Breach 1.0 | Enumeration |

Moodle

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Golden Eye:1 | Moodle - Remote Command Execution |

PHP Mailer

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Raven : 2 | PHPMailer < 5.2.18 - Remote Code Execution |

PlaySMS

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Dina | PlaySMS import.php Authenticated CSV File Upload Code Execution |

RIPS

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Mercy | RIPS 0.53 - Multiple Local File Inclusions |

Simple PHP Blog

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | pWnOS -2.0 | Simple PHP Blog Remote Command Execution |

Squirrel Mail

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | DE-ICE:S1.140 | Enumeration |

PHPTax

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Kioptrix: 5 | PhpTax Remote Code Injection |

Wolf

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | SickOS 1.1 | Default Credential |

Zenphoto

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Orcus | Enumeration |

Redis

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | Gemini inc:2 | Remote Code Execution (RCE) |

Nano CMS

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | LAMPSecurity: CTF 5 | NanoCMS '/data/pagesdata.txt' Password Hash Information Disclosure |

GUnet OpenEclass E-learning platform

No. | Machine Name | Exploit/Vulnerability |
---|---|---|
1. | VulnUni 1.0.1 | GUnet OpenEclass E-learning platform 1.7.3 |