cspf-founder / javavulnerablelab Goto Github PK

Running the downloaded jar file from http://sourceforge.net/projects/javavulnerablelab/files/v0.2/JavaVulnerableLab.jar/download
results in the following error:

HTTP Status 500 - Unable to compile class for JSP:
attached screenshot

Everything seemed to be going ok (Windows 10 Pro) until the compilation phase.

Unfortunately, I'm not versed in Docker to be able to troubleshoot.

Downloaded from central: https://repo.maven.apache.org/maven2/com/google/collections/google-collections/1.0/google-collections-1.0.jar (640 kB at 1.1 MB/s)
[�[1;34mINFO�[m] Changes detected - recompiling the module!
[�[1;33mWARNING�[m] File encoding has not been set, using platform encoding UTF-8, i.e. build is platform dependent!
[�[1;34mINFO�[m] Compiling 15 source files to /usr/local/tomcat/target/classes
[INFO] -------------------------------------------------------------
[ERROR�[m] COMPILATION ERROR :
[INFO] -------------------------------------------------------------
[ERROR] Source option 5 is no longer supported. Use 6 or later.
[ERROR] Target option 1.5 is no longer supported. Use 1.6 or later.
[INFO] 2 errors
[�[1;34mINFO] -------------------------------------------------------------
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[�[1;34mINFO] ------------------------------------------------------------------------
[INFO] Total time: 12.798 s
[INFO] Finished at: 2020-04-29T14:55:00Z
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.1:compile�[m (default-compile) on project JavaVulnerableLab: Compilation failure: Compilation failure:
[ERROR] Source option 5 is no longer supported. Use 6 or later.
[ERROR] Target option 1.5 is no longer supported. Use 1.6 or later.
[ERROR] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e�[m switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[�[1;31mERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException
cp: cannot stat 'target/.war': No such file or directory
ERROR: Service 'javavulnlab' failed to build: The command '/bin/sh -c mvn clean package ; cp target/.war /usr/local/tomcat/webapps/' returned a non-zero code: 1
PS C:\temp\JavaVulnerableLab-master>

In Method 4 using the WAR file, it would be nice to have some directions on how mySQL server needs to be installed and configured in order for the JDBC connection to work properly. I have spent a good 15-20 hours trying to get the install to work including attempting to debug the source code using Eclipse, but have not successfully gotten the db scripts to connect or run. I am running the application on the following:
Tomcat 8.5x - app is deployed and running successfully
Windows Server 2012
MySQL 5.5.62 - full install with all default values

The docker and VM methods work great, but I'd like to be able to show a full deployment of the application to new users.

数据库结构是什么样的？求建表语句

Hi,
According to lectures in udemy, if you try with the latest version of the code xsl and xml exceptions can not be reproduced due to null pointer exceptions.

Hello,
I would like to know if someone has already built a penetration testing script for all vulnerabilities included in Java Vulnerable Lab.
Thanks in advance,
Mario

Any chance you can put up some installation directions?

I'm getting below error when trying to create database from http://localhost:8080/JavaVulnerableLab/install.jsp.

Error in browser : Something went wrong. Unable to install

Error in logs:

javavulnlab_1 | 29-Apr-2021 02:35:50.446 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
javavulnlab_1 | 29-Apr-2021 02:35:50.483 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [1013] milliseconds
javavulnlab_1 | SQLException: Communications link failure
javavulnlab_1 |
javavulnlab_1 | The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
javavulnlab_1 | SQLState: 08S01
javavulnlab_1 | VendorError: 0

The md file says, "The full course on Hacking and Securing Web Java Programs is available in https://www.udemy.com/hacking-securing-java-web-programming/"

But when you follow that link you get a message that the course has been removed from Udemy. Do you have a copy of it elsewhere?

Was there a problem with it that Udemy didn't like?

Can I help you fix it?