> about

Vulnerabilities

The main page contains the following vulnerabilities.

VULNERABILITY VIA

Cache Poisoning Coming soon!

Cookie Injection cookies

CORS Bypass header

CSRF header injection

CSS Injection css, css2

Header Injection cookie and header

Response splitting cookie and header

Template Injection Jinja in most fields

XSS practically everywhere

VULNERABILITY	VIA
Cache Poisoning	Coming soon!
Cookie Injection	cookies
CORS Bypass	header
CSRF	header injection
CSS Injection	css, css2
Header Injection	cookie and header
Response splitting	cookie and header
Template Injection	Jinja in most fields
XSS	practically everywhere

Secret Types

The main page contains the following secrets.

SECRET LOCATION

SECRET_KITTEN Cookie(secure)

SECRET_GUPPY Hidden Input

SECRET_SQUIRREL In BODY

SECRET_MONKEY Session Storage

SECRET_AGENT Cookie(HTTP only)

SECRET_SAMURAI HTTP header

SECRET_PANDA Server Side Local Variable

SECRET_NINJA Server Side Global Variable

SECRET_UNICORN Server Environmental Variable

SECRET	LOCATION
SECRET_KITTEN	Cookie(secure)
SECRET_GUPPY	Hidden Input
SECRET_SQUIRREL	In BODY
SECRET_MONKEY	Session Storage
SECRET_AGENT	Cookie(HTTP only)
SECRET_SAMURAI	HTTP header
SECRET_PANDA	Server Side Local Variable
SECRET_NINJA	Server Side Global Variable
SECRET_UNICORN	Server Environmental Variable

Why?

I got bored while creating yet another one-off test page to try out an attack technique, I decided to make a page that contains all the major vulnerabilities that can safely be hosted on a third party host. It also stores a bunch of secrets in the usual places so there's something to compromise. This is a work in progress, let me know if there's a change you'd like to see made. You can view the source code if you're curious what's happening server side (hint: not much).