Damn Vulnerable Web Application (DVWA) Installation script for Kali Linux

I recently needed to set up a series of labs for an introduction to security course.  I decided to use Kali Linux as the primary VM for all of the students and then install Damn Vulnerable Web Application (DVWA) to explore basic web security concepts.  Since this is an introductory course, I didn’t want anyone to get too hung up on the installation of DVWA, so I went looking for a scalable way to help automate (I still wanted the installation to be hands-on after all).  I found a script to install DVWA on BackTrack 5 posted by Travis Phillips on The Unl33t Blog; it didn’t quite work but was a great foundation for me to create an updated version.  The primary items that needed to be updated were the location to download DVWA, any file-handling commands based off of the download and then a few tweaks to creating and updating the database.  Create a script and copy/paste the contents below into the file.  Make sure to give the file execute permissions:

Shellshock Bash Bug

Everyone’s probably heard of the Shellshock Bash bug by now, which was announced with CVE-2014-6271 on September 24, 2014.  According to the announcement:

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka “ShellShock.”

Drupal SQL Injection Vulnerability

Drupal SQL Injection – SA-CORE-2014-005

This posting discusses the Drupal SQL Injection vulnerability from https://www.drupal.org/SA-CORE-2014-005, which affected Drupal versions 7.0 – 7.31.  This security announcement was released on October 15, 2014 and was marked as Highly Critical.  By October 29th, the Drupal Security Team posted a follow-on Public Service Announcement (PSA), https://www.drupal.org/PSA-2014-003, which warned that all Drupal sites should be considered compromised if not patched by Oct 15th, 11pm UTC – only seven hours after the initial security release!