
flask-webgoat is a deliberately-vulnerable application written with the Flask web framework.

ShiftLeftSecurity/flask-webgoat

flask-webgoat

flask-webgoat is a deliberately-vulnerable application written with the Flask web framework.

                                                (_(
                                                /_/'_____/)
                                                "  |      |
                                                   |""""""|
███████╗██╗      █████╗ ███████╗██╗  ██╗    ██╗    ██╗███████╗██████╗  ██████╗  ██████╗  █████╗ ████████╗
██╔════╝██║     ██╔══██╗██╔════╝██║ ██╔╝    ██║    ██║██╔════╝██╔══██╗██╔════╝ ██╔═══██╗██╔══██╗╚══██╔══╝
█████╗  ██║     ███████║███████╗█████╔╝     ██║ █╗ ██║█████╗  ██████╔╝██║  ███╗██║   ██║███████║   ██║
██╔══╝  ██║     ██╔══██║╚════██║██╔═██╗     ██║███╗██║██╔══╝  ██╔══██╗██║   ██║██║   ██║██╔══██║   ██║
██║     ███████╗██║  ██║███████║██║  ██╗    ╚███╔███╔╝███████╗██████╔╝╚██████╔╝╚██████╔╝██║  ██║   ██║
╚═╝     ╚══════╝╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝     ╚══╝╚══╝ ╚══════╝╚═════╝  ╚═════╝  ╚═════╝ ╚═╝  ╚═╝   ╚═╝

Run

python -m venv .venv
. .venv/bin/activate
pip install -r requirements.txt
FLASK_APP=run.py flask run

Vulnerabilities

This project contains the following vulnerabilities:

  • Remote Code Execution
  • SQL injection
  • Insecure Deserialization
  • Directory Traversal
  • Open Redirect
  • Sensitive Data Exposure
  • Broken Access Control
  • Security Misconfiguration

You can find each one in the codebase by grepping for the string vulnerability:

$ grep vulnerability . -R -n | grep -v README
./flask_webgoat/actions.py:43:    # vulnerability: Remote Code Execution
./flask_webgoat/users.py:37:    # vulnerability: SQL Injection
./flask_webgoat/auth.py:17:    # vulnerability: SQL Injection
./flask_webgoat/actions.py:60:    # vulnerability: Insecure Deserialization
./flask_webgoat/actions.py:35:        # vulnerability: Directory Traversal
./flask_webgoat/auth.py:45:        # vulnerability: Open Redirect
./flask_webgoat/__init__.py:12:        # vulnerability: Sensitive Data Exposure
./run.py:7:    # vulnerability: Broken Access Control
./run.py:9:    # vulnerability: Security Misconfiguration

How to test

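# Log in and save the session cookie (-c writes the cookie jar)
$ curl -c cookie.txt -d 'username=admin&password=admin' localhost:5000/login
# Send the saved cookie (-b reads the jar) with a normal request
$ curl -b cookie.txt "localhost:5000/grep_processes?name=kworker"
# The name value below URL-decodes to: xxx && touch /tmp/pwnd
$ curl -b cookie.txt "localhost:5000/grep_processes?name=xxx%20%26%26%20touch%20%2Ftmp%2Fpwnd"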
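
Why the third request above counts as an injection, and one way to close it, as an added example that is not flask-webgoat's own code. The `ps aux | grep` command string, the allowlist pattern and all function names are assumptions made for illustration.

```python
import re
import shlex
import subprocess
from urllib.parse import parse_qs, urlsplit

# The README's third test request, copied from the "How to test" section.
TEST_URL = ("http://localhost:5000/grep_processes"
            "?name=xxx%20%26%26%20touch%20%2Ftmp%2Fpwnd")
SAFE_NAME = re.compile(r"[A-Za-z0-9_.-]{1,64}")  # assumed allowlist


def name_from_url(url):
    """Decode the `name` query parameter the way the web framework would."""
    return parse_qs(urlsplit(url).query)["name"][0]


def vulnerable_command(name):
    """Assumed flawed pattern: request input concatenated into a shell string."""
    return "ps aux | grep " + name


def shell_operators(command):
    """List the control operators a POSIX shell would parse out of `command`."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    return [tok for tok in lexer if tok in {"|", "||", "&", "&&", ";"}]


def list_command_names():
    """Run ps from an argv list: no shell, so no input is parsed as syntax."""
    done = subprocess.run(["ps", "-eo", "comm="], capture_output=True,
                          text=True, check=True)
    return done.stdout.splitlines()


def grep_processes_hardened(name, lister=list_command_names):
    """Reject names outside the allowlist, then filter the list in Python."""
    if not name or not SAFE_NAME.fullmatch(name):
        raise ValueError("invalid process name")
    return [line.strip() for line in lister() if name in line]


if __name__ == "__main__":
    payload = name_from_url(TEST_URL)
    print(shell_operators(vulnerable_command("kworker")))  # benign request
    print(shell_operators(vulnerable_command(payload)))    # injected operator
    try:
        grep_processes_hardened(payload, lister=lambda: [])
    except ValueError as exc:
        print("hardened handler:", exc)
```

The hardened function never builds a shell string, so the allowlist is a second layer rather than the only barrier.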
