Skip to content

suryadina/simple-vuln-web-demo-01

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
poc
poc
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
app.py
app.py
 
 
docker-compose.yml
docker-compose.yml
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

simple-vuln-web-demo-01

This repository contains vulnerable Flask App for demo/education purposes.

How to Use - Without Docker

  1. Clone the repository
git clone https://github.com/suryadina/simple-vuln-web-demo-01.git
  1. Setup python virtual environment
python3 -m venv myenv
  1. Activate virtual environment

on MacOs/Linux

source myenv/bin/activate

on Windows

myenv\Scripts\activate
  1. Install Flask
pip install Flask
  1. Change directory
cd simple-vuln-web-demo-01/
  1. Run the app
Flask run
  1. The app will run on localhost port 5000. Use web browser to access it http://127.0.0.1:5000.

How to use - With Docker

  1. Clone the repository
git clone https://github.com/suryadina/simple-vuln-web-demo-01.git
  1. Run
docker compose up --build -d
  1. The app will run on localhost port 5000. Use web browser to access it http://127.0.0.1:80.

⚠️ Warning: The app is vulnerable to Remote Command Injection. The steps above will only expose the app to localhost which prevent remote access to the app. Please don't expose the app to external connection unless you understand the risk. Exposing the app to remote connection might allow real hacker to exploit the vulnerability and compromise the Host!!

About

This repository contains vulnerable Flask App for demo/education purposes.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages