Educational penetration testing using Vulhub. Recreated and documented exploits for 11 high-impact vulnerabilities across popular web applications.
📥 View the Full Report (PDF)
This repository contains exploit walkthroughs and PoCs for a curated list of known vulnerabilities, recreated using Vulhub, a Docker-based environment for learning and practicing exploitation techniques.
⚠️ Warning: This repository is for educational purposes only. Use these techniques responsibly and only in controlled environments. Unauthorized testing on systems without permission is illegal and unethical.
| # | Target Application | CVE ID | Type |
|---|---|---|---|
| 1 | Apache Superset 2.0.1 | CVE-2023-27524 | Authentication Bypass |
| 2 | Celery 3.1.23 + Redis | CVE-2020-11981 | Arbitrary Code Execution |
| 3 | ThinkPHP 5.0.9 | in-sqlinjection | SQL Injection |
| 4 | Apache Tomcat | CVE-2017-12615 | Remote Code Execution (JSP Upload) |
| 5 | Adobe ColdFusion 8.0.1 | CVE-2010-2861 | Directory Traversal |
| 6 | GitLab 13.10.1 | CVE-2021-22205 | Remote Code Execution |
| 7 | Jenkins 2.46.1 | CVE-2017-1000353 | Remote Code Execution |
| 8 | Metabase 2 | CVE-2023-38646 | Pre-authentication RCE |
| 9 | Nexus Repository Manager | CVE-2024-4956 | Directory Traversal |
| 10 | Glassfish 4.1.0 | CVE-2017-1000028 | Directory Traversal |
| 11 | phpMyAdmin 4.8.1 | CVE-2018-12613 | Local File Inclusion (LFI) |
1. Clone Vulhub:

   ```bash
   git clone https://github.com/vulhub/vulhub.git
   cd vulhub
   ```

2. Navigate to the Application Directory:

   ```bash
   cd <application-directory>
   ```

3. Launch the Vulnerable Environment:

   ```bash
   docker-compose up -d
   ```

4. Access and Test: Visit the service URL in your browser (e.g., http://localhost:8080) and follow the walkthrough steps to exploit each vulnerability.

This project is a collaborative effort by:
- Cyril Thomas: Exploit research, testing, and documentation.
- Michelle Waldenmaier: Exploit research, testing, and documentation.
Equal contribution was made by both authors.
Inspired by the incredible work at Vulhub, which provides containerized vulnerable environments.
This repository is licensed under the MIT License.