EOC - Post #1
Tip
White-box testing keywords mega list
Here is a list of keywords to look for when reading source code.
api
api_key
api_secret_key
secret_key
secret
BEGIN
PRIVATE
private
PRIVATE_KEY
private_key
key
token
CSRF
Arrays.equals
HMAC
random
mt_rand
rand
random.org
iv
encrypt
crypt
MCRYPT
RIJNDAEL
MCRYPT_RIJNDAEL_256
ECB
ecb
password
passwd
pass
hash
hashlib
hashed
md5
sha1
sha-1
sha2
sha-2
salt
bcrypt
$2a$
PBKDF2
blake2
CVE
vulnerable
stackoverflow
SO
base64
Base64
admin
rot13
tmp
system
exec
popen
backtick operator
pcntl_exec
eval
preg_replace
create_function
exec
passthru
system
shell_exec
popen
proc_open
pcntl_exec
assert
preg_replace('/.*/e',
create_function
include
include_once
require
require_once
$_GET
phpinfo
posix_mkfifo
posix_getlogin
posix_ttyname
getenv
get_current_user
proc_get_status
get_cfg_var
disk_free_space
disk_total_space
diskfreespace
getcwd
getlastmo
getmygid
getmyinode
getmypid
getmyuid
extract
parse_str
putenv
ini_set
mail
header
proc_nice
proc_terminate
proc_close
pfsockopen
fsockopen
apache_child_terminate
posix_kill
posix_mkfifo
posix_setpgid
posix_setsid
posix_setuid
chmod
chown
shell=True
pickle.loads
yaml.load
debug
DebuggedApplication
Debug=True
evalex=True
Math.random
The keyword text file can be found here: http://bugbountyworld.com/other/keywords.txt.
Challenge
Write a script that greps for these keywords in source code and then prints them into a file with line numbers.
Here are the different categories that you can compete in:
- Smallest script.
- Most obscure language.
- Fastest script.
- Most user-friendly.
I will test the scripts against:
- https://github.com/clarkio/vulnerable-app
- https://github.com/adamdoupe/WackoPicko
Rules
As always the rules are:
- DM me (@EdOverflow) your solution. Please send me a little write-up so that I can see how you went about solving the challenge.
- Do not post solutions in the channel.
- You may work in teams to solve challenge.
- Challenges end when at least 5 people have solved the challenge.
- If you have questions you can contact me. Please do not ask for solutions before the challenge ends.
References
- https://stackoverflow.com/questions/3115559/exploitable-php-functions