-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathsetup.php
More file actions
331 lines (256 loc) · 20.2 KB
/
setup.php
File metadata and controls
331 lines (256 loc) · 20.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
<html>
<title>Setup/Create Database</title>
<head>
<meta charset="utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
<meta name="description" content="" />
<meta name="author" content="" />
<title>WAVS</title>
<link href="css/styles.css" rel="stylesheet" />
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.8.2/css/all.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap">
<link href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css" rel="stylesheet">
<link href="https://cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.15.0/css/mdb.min.css" rel="stylesheet">
<script src="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/js/all.min.js" crossorigin="anonymous"></script>
</head>
<body class="sb-nav-fixed">
<nav class="sb-topnav navbar navbar-expand-sm bg-dark navbar-dark"><a href="./index.php">
</a><a class="navbar-brand" href="index.php"><font size="7" face="Revamped" color="white">WAVS</font></a><button class="btn btn-link btn-sm order-1 order-lg-0" id="sidebarToggle" href="#"><svg class="svg-inline--fa fa-bars fa-w-14" aria-hidden="true" focusable="false" data-prefix="fa" data-icon="bars" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512" data-fa-i2svg=""><path fill="currentColor" d="M16 132h416c8.837 0 16-7.163 16-16V76c0-8.837-7.163-16-16-16H16C7.163 60 0 67.163 0 76v40c0 8.837 7.163 16 16 16zm0 160h416c8.837 0 16-7.163 16-16v-40c0-8.837-7.163-16-16-16H16c-8.837 0-16 7.163-16 16v40c0 8.837 7.163 16 16 16zm0 160h416c8.837 0 16-7.163 16-16v-40c0-8.837-7.163-16-16-16H16c-8.837 0-16 7.163-16 16v40c0 8.837 7.163 16 16 16z"></path></svg><!-- <i class="fa fa-bars"></i> --></button>
<!-- Navbar Search-->
<form class="d-none d-md-inline-block form-inline ml-auto mr-0 mr-md-3 my-2 my-md-0">
<div class="input-group">
<div class="input-group-append">
</div>
</div>
</form>
<!-- Navbar-->
<ul class="navbar-nav ml-auto ml-md-0">
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" id="userDropdown" href="#" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"><svg class="svg-inline--fa fa-user-secret fa-w-14" aria-hidden="true" focusable="false" data-prefix="fa" data-icon="user-secret" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512" data-fa-i2svg=""><path fill="currentColor" d="M383.9 308.3l23.9-62.6c4-10.5-3.7-21.7-15-21.7h-58.5c11-18.9 17.8-40.6 17.8-64v-.3c39.2-7.8 64-19.1 64-31.7 0-13.3-27.3-25.1-70.1-33-9.2-32.8-27-65.8-40.6-82.8-9.5-11.9-25.9-15.6-39.5-8.8l-27.6 13.8c-9 4.5-19.6 4.5-28.6 0L182.1 3.4c-13.6-6.8-30-3.1-39.5 8.8-13.5 17-31.4 50-40.6 82.8-42.7 7.9-70 19.7-70 33 0 12.6 24.8 23.9 64 31.7v.3c0 23.4 6.8 45.1 17.8 64H56.3c-11.5 0-19.2 11.7-14.7 22.3l25.8 60.2C27.3 329.8 0 372.7 0 422.4v44.8C0 491.9 20.1 512 44.8 512h358.4c24.7 0 44.8-20.1 44.8-44.8v-44.8c0-48.4-25.8-90.4-64.1-114.1zM176 480l-41.6-192 49.6 32 24 40-32 120zm96 0l-32-120 24-40 49.6-32L272 480zm41.7-298.5c-3.9 11.9-7 24.6-16.5 33.4-10.1 9.3-48 22.4-64-25-2.8-8.4-15.4-8.4-18.3 0-17 50.2-56 32.4-64 25-9.5-8.8-12.7-21.5-16.5-33.4-.8-2.5-6.3-5.7-6.3-5.8v-10.8c28.3 3.6 61 5.8 96 5.8s67.7-2.1 96-5.8v10.8c-.1.1-5.6 3.2-6.4 5.8z"></path></svg><!-- <i class="fa fa-user-secret"></i> --></a>
<div class="dropdown-menu dropdown-menu-right" aria-labelledby="userDropdown">
<a class="dropdown-item" href="index.php">Home</a>
<!--<a class="dropdown-item" href="About.php">Team</a>-->
<a class="dropdown-item" href="#">Setup/Reset Machine</a>
</div>
</li>
</ul>
</nav>
<div id="layoutSidenav">
<div id="layoutSidenav_nav">
<nav class="sb-sidenav accordion sb-sidenav-dark" id="sidenavAccordion">
<div class="sb-sidenav-menu">
<div class="nav">
<!-- <div class="sb-sidenav-menu-heading">Dashboard</div> -->
<br><a class="nav-link" href="index.php">
<div class="sb-nav-link-icon"><i class="fa fa-home"></i></div>
HOME</a>
<div class="sb-sidenav-menu-heading">Vulnerable Machines</div>
<a class="nav-link collapsed" href="#" data-toggle="collapse" data-target="#collapse1" aria-expanded="false" aria-controls="collapse1">
<div class="sb-nav-link-icon"><i class="fa fa-unlock-alt"></i></div>
SQL Injection
<div class="sb-sidenav-collapse-arrow"><i class="fas fa-angle-down"></i>
</div>
</a>
<div class="collapse" id="collapse1" aria-labelledby="headingOne" data-parent="#sidenavAccordion">
<nav class="sb-sidenav-menu-nested nav"><a class="nav-link" href="attacks/injections/inject.php">About</a>
<a class="nav-link" href="attacks/injections/auth.php">Authentication Bypass</a>
</nav>
</div>
<a class="nav-link collapsed" href="#" data-toggle="collapse" data-target="#collapse2" aria-expanded="false" aria-controls="collapse2">
<div class="sb-nav-link-icon"><i class="fa fa-unlock-alt"></i></div>
Broken Authentication and Session Management
<div class="sb-sidenav-collapse-arrow"><i class="fas fa-angle-down"></i>
</div>
</a>
<div class="collapse" id="collapse2" aria-labelledby="headingOne" data-parent="#sidenavAccordion">
<nav class="sb-sidenav-menu-nested nav"><a class="nav-link" href="attacks/broken/broken_main.php">About</a>
<a class="nav-link" href="attacks/broken/lesson1.php">Weak Login Credentials</a></nav>
</div>
<a class="nav-link collapsed" href="#" data-toggle="collapse" data-target="#collapse3" aria-expanded="false" aria-controls="collapse3">
<div class="sb-nav-link-icon"><i class="fa fa-unlock-alt"></i></div>
Cross-Site Scripting (XSS)
<div class="sb-sidenav-collapse-arrow"><i class="fas fa-angle-down"></i>
</div>
</a>
<div class="collapse" id="collapse3" aria-labelledby="headingOne" data-parent="#sidenavAccordion">
<nav class="sb-sidenav-menu-nested nav"><a class="nav-link" href="attacks/xss/xss_main.php">About</a>
<a class="nav-link" href="attacks/xss/xss_r.php">Reflected XSS</a>
<a class="nav-link" href="attacks/xss/xss_s.php">Stored XSS</a></nav>
</div>
<a class="nav-link collapsed" href="#" data-toggle="collapse" data-target="#collapse4" aria-expanded="false" aria-controls="collapse4">
<div class="sb-nav-link-icon"><i class="fa fa-unlock-alt"></i></div>
Security Misconfiguration
<div class="sb-sidenav-collapse-arrow"><i class="fas fa-angle-down"></i>
</div>
</a>
<div class="collapse" id="collapse4" aria-labelledby="headingOne" data-parent="#sidenavAccordion">
<nav class="sb-sidenav-menu-nested nav"><a class="nav-link" href="attacks/security_misconfiguration/sec.php">About</a>
<a class="nav-link" href="attacks/security_misconfiguration/bruteforce.php">Brute Force Attack</a></nav>
</div>
<a class="nav-link collapsed" href="#" data-toggle="collapse" data-target="#collapse5" aria-expanded="false" aria-controls="collapse5">
<div class="sb-nav-link-icon"><i class="fa fa-unlock-alt"></i></div>
Sensitive Data Exposure
<div class="sb-sidenav-collapse-arrow"><i class="fas fa-angle-down"></i>
</div>
</a>
<div class="collapse" id="collapse5" aria-labelledby="headingOne" data-parent="#sidenavAccordion">
<nav class="sb-sidenav-menu-nested nav"><a class="nav-link" href="attacks/senstive_data_exposure/sde.php">About</a>
<a class="nav-link" href="attacks/senstive_data_exposure/plaintext.php">User Credentials Sent in Plaintext</a>
<a class="nav-link" href="attacks/senstive_data_exposure/plaintext_db.php">Plaintext Passwords from Database</a>
</nav>
</div>
<a class="nav-link collapsed" href="#" data-toggle="collapse" data-target="#collapse6" aria-expanded="false" aria-controls="collapse6">
<div class="sb-nav-link-icon"><i class="fa fa-unlock-alt"></i></div>
Missing Function Level Access Control
<div class="sb-sidenav-collapse-arrow"><i class="fas fa-angle-down"></i>
</div>
</a>
<div class="collapse" id="collapse6" aria-labelledby="headingOne" data-parent="#sidenavAccordion">
<nav class="sb-sidenav-menu-nested nav"><a class="nav-link" href="attacks/missing_function/msflac.php">About</a>
<a class="nav-link" href="attacks/missing_function/unauthenticated.php">Unauthenticated User Access to Admin</a>
</nav>
</div>
<a class="nav-link collapsed" href="#" data-toggle="collapse" data-target="#collapse7" aria-expanded="false" aria-controls="collapse7">
<div class="sb-nav-link-icon"><i class="fa fa-unlock-alt"></i></div>
Cross-Site Request Forgery (CSRF)
<div class="sb-sidenav-collapse-arrow"><i class="fas fa-angle-down"></i>
</div>
</a>
<div class="collapse" id="collapse7" aria-labelledby="headingOne" data-parent="#sidenavAccordion">
<nav class="sb-sidenav-menu-nested nav"><a class="nav-link" href="attacks/csrf/csrf_main.php">About</a>
<a class="nav-link" href="attacks/csrf/gmail.php">CSRF in Gmail
</a><a class="nav-link" href="attacks/csrf/comment.php">CSRF in Comment Box</a>
</nav>
</div>
<a class="nav-link collapsed" href="#" data-toggle="collapse" data-target="#collapse8" aria-expanded="false" aria-controls="collapse8">
<div class="sb-nav-link-icon"><i class="fa fa-unlock-alt"></i></div>
Unvalidated Redirects And Forwards
<div class="sb-sidenav-collapse-arrow"><i class="fas fa-angle-down"></i>
</div>
</a>
<div class="collapse" id="collapse8" aria-labelledby="headingOne" data-parent="#sidenavAccordion">
<nav class="sb-sidenav-menu-nested nav"><a class="nav-link" href="attacks/unvalidated_redirects/unvalidated.php">About</a>
<a class="nav-link" href="attacks/unvalidated_redirects/manual.php">Manual Redirects
</a><a class="nav-link" href="attacks/unvalidated_redirects/automatic.php">Automatic Redirects</a>
</nav>
</div>
<a class="nav-link collapsed" href="#" data-toggle="collapse" data-target="#collapse9" aria-expanded="false" aria-controls="collapse9">
<div class="sb-nav-link-icon"><i class="fa fa-unlock-alt"></i></div>
Unrestricted File Upload
<div class="sb-sidenav-collapse-arrow"><i class="fas fa-angle-down"></i>
</div>
</a>
<div class="collapse" id="collapse9" aria-labelledby="headingOne" data-parent="#sidenavAccordion">
<nav class="sb-sidenav-menu-nested nav"><a class="nav-link" href="attacks/file_inclusion/fi.php">About</a>
<a class="nav-link" href="attacks/file_inclusion/arbitrary.php">Arbitrary File Upload</a></nav>
</div>
<a class="nav-link collapsed" href="#" data-toggle="collapse" data-target="#collapse10" aria-expanded="false" aria-controls="collapse10">
<div class="sb-nav-link-icon"><i class="fa fa-unlock-alt"></i></div>
Click Jacking
<div class="sb-sidenav-collapse-arrow"><i class="fas fa-angle-down"></i>
</div>
</a>
<div class="collapse" id="collapse10" aria-labelledby="headingOne" data-parent="#sidenavAccordion">
<nav class="sb-sidenav-menu-nested nav"><a class="nav-link" href="attacks/click_jacking/click_jack.php">About</a>
<a class="nav-link" href="attacks/click_jacking/Click.html">Click Jacking Practical</a>
</nav>
</div>
<!-- <a class="nav-link collapsed" href="#" data-toggle="collapse" data-target="#collapsePages" aria-expanded="false" aria-controls="collapsePages">
<div class="sb-nav-link-icon"><i class="fas fa-book-open"></i></div>
Pages
<div class="sb-sidenav-collapse-arrow"><i class="fas fa-angle-down"></i>
</div></a>
<div class="collapse" id="collapsePages" aria-labelledby="headingTwo" data-parent="#sidenavAccordion">
<nav class="sb-sidenav-menu-nested nav accordion" id="sidenavAccordionPages">
<a class="nav-link collapsed" href="#" data-toggle="collapse" data-target="#pagesCollapseAuth" aria-expanded="false" aria-controls="pagesCollapseAuth"
>Authentication
<div class="sb-sidenav-collapse-arrow"><i class="fas fa-angle-down"></i></div
></a>
<div class="collapse" id="pagesCollapseAuth" aria-labelledby="headingOne" data-parent="#sidenavAccordionPages">
<nav class="sb-sidenav-menu-nested nav"><a class="nav-link" href="login.html">Login</a><a class="nav-link" href="register.html">Register</a><a class="nav-link" href="password.html">Forgot Password</a></nav>
</div>
<a class="nav-link collapsed" href="#" data-toggle="collapse" data-target="#pagesCollapseError" aria-expanded="false" aria-controls="pagesCollapseError"
>Error
<div class="sb-sidenav-collapse-arrow"><i class="fas fa-angle-down"></i></div
></a>
<div class="collapse" id="pagesCollapseError" aria-labelledby="headingOne" data-parent="#sidenavAccordionPages">
<nav class="sb-sidenav-menu-nested nav"><a class="nav-link" href="401.html">401 Page</a><a class="nav-link" href="404.html">404 Page</a><a class="nav-link" href="500.html">500 Page</a></nav>
</div>
</nav>
</div> -->
</div>
</div>
</nav>
</div>
<div id="layoutSidenav_content">
<main>
<div class="container-fluid">
<!-- <h1 class="mt-4" align="center"><b>Web Application Vulnerability Simulation</b></h1> -->
<h1 class="mt-4" align="center"><b>Web Application Vulnerability Simulation</b></h1>
<ol class="breadcrumb mb-4">
<li class="breadcrumb-item active"><a href="index.php">Home</a></li>
<li class="breadcrumb-item active"><a href="#">Setup Reset Machine</a></li>
</ol>
</div>
<div>
<center><h1><b>Database Setup</b></h1></center>
<div class="card text-dark bg-white mb-3 z-depth-2" style="max-width: 80rem;">
<div class="card-body">
<!-- <h5 class="card-title">Hint</h5> -->
<p class="card-text"><ul>
<li>For Setup the Database again, click on the "Create / Reset Database" Button below to Create or Reset your Database.</li>
<li>By clicking on the "Create / Reset Database" Button below, You'll get a page saying "Database has been Created".</li>
<li>If the Database already exists, clicking this will Overwrite it and the data in the previous Database will be Reset.</li>
<li>You can also use the "Create / Reset Database" Button below anytime when you want to clear the data of the Functionalities of the Simulator.</li>
</ul></p>
</div>
</div>
<br>
<br>
<a href="reset.php">
<center><button>Create/Reset Database</button></center>
</a>
<!-- <div class="z-depth-5" style="max-width: 50rem;">
.z-depth-5
</div> -->
</div>
</main>
<footer class="py-4 bg-light mt-auto">
<div class="container-fluid">
<div class="d-flex align-items-center justify-content-between small">
<div class="text-muted">Copyright © WAVS 2020</div>
<div>
<a href="#">Privacy Policy</a>
·
<a href="#">Terms & Conditions</a>
</div>
</div>
</div>
</footer></div>
</div>
<div class="w3-overlay w3-hide-large" onclick="w3_close()" style="cursor:pointer" title="close side menu" id="myOverlay"></div>
<section class="content">
<br>
<style>
button {
background-color: #4CAF50;
color: white;
padding: 5px 20px;
margin: auto;
border: none;
cursor: pointer;
}
button:hover {
opacity: 0.8;
}
</style>
</section>
<!-- page end -->
</div>
<script src="https://code.jquery.com/jquery-3.4.1.min.js" crossorigin="anonymous"></script>
<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js" crossorigin="anonymous"></script>
<script src="js/scripts.js"></script>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.15.0/js/mdb.min.js"></script>
</body>
</html>