By Tim Brown
Recently myself and a colleague were asked to give some training to some ASP.net developers. My colleague was asked to give the main training session whilst I was asked to run a post training game to test the developers retention of the concepts. After looking at some of the existing ASP.net applications I decided I'd like to write my own. The result of this is VulnApp, a BSD licensed ASP.net application implementing some of the most common applications we come across on our penetration testing engagements. Whilst I'm not intending to package this up into a standalone install, today I committed the source to my CVS server so that others can, if they like, make use of it.
To make it easier for developers to learn, I've logged tickets for all of the intentional vulnerabilities I've introduced along the way. Be aware that there might be others I've missed, particularly gaps in the enforcement of ACLs and logic bugs. I'd encourage you to log any other vulnerabilies you find along the way. Since the application was developed in alignment with OWASP's top 10, the following mapping may help:
A2: Cross-Site Scripting (XSS):
A3: Broken Authentication and Session Management:
A4: Insecure Direct Object References:
A5: Cross-Site Request Forgery (CSRF):
A6: Security Misconfiguration:
A7: Insecure Cryptographic Storage:
A8: Failure to Restrict URL Access:
A9: Insufficient Transport Layer Protection:
A10: Unvalidated Redirects and Forwards:
Music: Nothing playing right now
You are unknown, comment?