Darkly
42 Web Application related Security project
Introduction
Darkly is one of the 42's project related to Web applications
security and pentesting where you learn to exploit a web application. The project is similar to OWASP-VWAD.
We are given a Linux (ubuntu x32) iso containing a vulnerable web application and we are suppose to exploit it in different ways and obtain the flags
. We are asked to at least do 13 challenges (find vulnerabilities) during the correction even though there are more. The followings are the names of the challenges provided during the correction and asked to explain them.
Challenges | Dificulty |
---|---|
SQL injection Advace | Difficult |
include | Medium |
XSS basic | Easy |
XSS advance | Medium |
Cookies | Easy |
Spoof (Curl) | Easy |
Admin (htpasswd) | Easy |
Brutforce (member) | Medium |
File upload | Medium |
Redirect | Easy |
Guess (dossier cache) | Medium |
Survey | Easy |
Recover | Easy |
And there are also a bonus part which will be take to account only if the mandatory part is done entirely and done "well"
Bpnus part |
---|
Understanding of XSS |
Understanding of SQL |
Understanding of Redirection |
Understanding of brutforce |
Understanding of robot.txt |
Resources
- Project link for 42's students
- You can find the iso in the 42's server or in Mega (Darkly_i386.iso:
66d1a5d77c33a935ccb219b97f207b6a
) - Subject fr fr_backup
- The video for this project in Intra and in RAW format (for which no login is required) HD SD
Finding the flags and validating them
A sepcific file structure must be respected to validate project.
- We must create a directory for each vulnerability found.
- The directory name must be the same as the exploit name or the challenge name.
- The directory contains a file called
flag
that contains the flag for the particular challenge. - It also called a directory called
Ressources
which contains the writeup for the challenge and other stuffs to solve the challenge.
- The directory should not contain anything else.
Anything present in the
Ressources
directory must be clearly explained during the correction without any hasitation. No binary should be present in this directory.
Exemple of project directory
$> ls -al
[..]
drwxr-xr-x 2 root root 4096 Dec 3 XX:XX {Name of the exploit}
drwxr-xr-x 2 root root 4096 Dec 3 XX:XX {Name of the exploit}
drwxr-xr-x 2 root root 4096 Dec 3 XX:XX {Name of the exploit}
[..]
$> ls -alR {Name of the exploit}
{Name of the exploit}:
total 16
drwxr-xr-x 3 root root 4096 Dec 3 15:22 .
drwxr-xr-x 6 root root 4096 Dec 3 15:20 ..
-rw-r--r-- 1 root root 5 Dec 3 15:22 flag
drwxr-xr-x 2 root root 4096 Dec 3 15:22 Ressources
{Name of the exploit}/Ressources:
total 8
drwxr-xr-x 2 root root 4096 Dec 3 15:22 .
drwxr-xr-x 3 root root 4096 Dec 3 15:22 ..
-rw-r--r-- 1 root root 0 Dec 3 15:22 whatever.wahtever
$> cat {Name of the exploit}/flag | cat -e
XXXXXXXXXXXXXXXXXXXXXXXXXXXX$
$>
Get started with the project
To start the project just open the ISO in a virtual machine such as VMware or VirtualBox (or whatever you want)
If you are using Virtual Box, set your network option to bridge
according to the 42 subject all you need to do is
- Boot the iso
- Go to the ip address shown when you boot the iso (in the web server) and the port