
firing-range's Introduction

What is Firing Range?

Firing Range is a test bed for web application security scanners, providing synthetic, wide coverage for an array of vulnerabilities.

It can be deployed as a Google App Engine application. A public instance is running at https://public-firing-range.appspot.com.

Local installation instructions

  1. sudo apt-get install git ant
  2. Download the App Engine SDK for Java from http://cloud.google.com/appengine/downloads and unzip it in a directory.
  3. mkdir github && cd github
  4. git clone https://github.com/google/firing-range.git
  5. cd firing-range
  6. Modify build.xml so that the appengine.sdk property points to the directory where you unpacked the App Engine SDK (you could also unpack it in ../../, which is the default)
  7. ant runserver

The application will then run locally at http://localhost:8080

License information

See the LICENSE file.

firing-range's People

Contributors

aibaars, inian, jasvir, paradoxengine, pborreli, qll, quanyang


firing-range's Issues

Where to find an exhaustive list of exposed vulnerabilities?

Is there a place where we can find an exhaustive list of all the vulnerabilities exposed by firing-range?

I wanted to compare the result found by some tools with the reality and opening the vulnerabilities pages one by one is quite time consuming.

Thanks,

public-firing-range needs updating

The public-firing-range is several versions old and a new version needs to be pushed. Note for example the difference between what is checked into the repo and what's hosted at public-firing-range.appspot.com/dom - specifically the lack of external script loading toxicdomscripts tests.

Header Manipulation

Including unvalidated data in an HTTP response header can enable cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.
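
An added illustration of the issue described above, not Firing Range code or part of the original report: a redirect handler that copies request data into a `Location` header, next to a hardened form that allow-lists the target and rejects CR/LF. The function names, the allow-list and the sample input are assumptions constructed for this example.

```python
# Added example: response header built from unvalidated data vs. a hardened form.
# All names and sample values are constructed for illustration.
import re

# RFC 9110 treats field values containing CR, LF or NUL as invalid.
_FORBIDDEN = re.compile(r"[\r\n\x00]")


def render_redirect(location: str) -> bytes:
    """Serialize a minimal 302 response with the given Location value."""
    return (
        "HTTP/1.1 302 Found\r\n"
        f"Location: {location}\r\n"
        "Content-Length: 0\r\n"
        "\r\n"
    ).encode("latin-1")


def redirect_unsafe(target: str) -> bytes:
    """Vulnerable: the request parameter reaches the header verbatim."""
    return render_redirect(target)


def safe_header_value(value: str) -> str:
    """Reject values that would end the header line early."""
    if _FORBIDDEN.search(value):
        raise ValueError("control character in header value")
    return value


def redirect_safe(target: str, allowed: frozenset) -> bytes:
    """Hardened: allow-list the target (open redirect), then validate it."""
    if target not in allowed:
        target = "/"
    return render_redirect(safe_header_value(target))


def header_names(raw: bytes) -> list:
    """List header names as a client or cache would parse them."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    return [line.split(":", 1)[0] for line in head.split("\r\n")[1:]]


# Constructed input: a parameter carrying CR/LF followed by an extra header.
SAMPLE = "/home\r\nSet-Cookie: session=constructed"
ALLOWED = frozenset({"/", "/home", "/account"})

if __name__ == "__main__":
    print(header_names(redirect_unsafe(SAMPLE)))
    print(header_names(redirect_safe(SAMPLE, ALLOWED)))
```
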

Need Solutions for some of the challenges

Hello,
I am struggling to exploit some of the challenges. Can you provide the solutions for them? It would be really helpful for me to learn and understand the advanced-level XSS challenges, as I solved all of the Reflected XSS module but I am struggling to solve the EscapedXSS module.

An error occured for ClassEnhancer "ASM"

When running 'ant runserver' on Mac OSX 10.13.4 I get multiple instances of the following error:

[enhance] Apr. 10, 2018 12:29:57 VORM. org.datanucleus.enhancer.DataNucleusEnhancer addMessage
[enhance] SCHWERWIEGEND: An error occured for ClassEnhancer "ASM" when trying to call the method "org.datanucleus.enhancer.asm.ASMClassEnhancer" on class "getClassNameForFileName" : null
[enhance] java.lang.IllegalArgumentException
[enhance] at org.objectweb.asm.ClassReader.<init>(ClassReader.java:170)
[enhance] at org.objectweb.asm.ClassReader.<init>(ClassReader.java:153)
[enhance] at org.objectweb.asm.ClassReader.<init>(ClassReader.java:424)
[enhance] at org.datanucleus.enhancer.asm.ASMClassEnhancer.getClassNameForFileName(ASMClassEnhancer.java:155)
[enhance] at jdk.internal.reflect.GeneratedMethodAccessor1.invoke(Unknown Source)
[enhance] at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[enhance] at java.base/java.lang.reflect.Method.invoke(Method.java:564)
[enhance] at org.datanucleus.enhancer.DataNucleusEnhancer.getClassNameForFilename(DataNucleusEnhancer.java:920)
[enhance] at org.datanucleus.enhancer.DataNucleusEnhancer.getFileMetadataForInput(DataNucleusEnhancer.java:736)
[enhance] at org.datanucleus.enhancer.DataNucleusEnhancer.enhance(DataNucleusEnhancer.java:545)
[enhance] at org.datanucleus.enhancer.DataNucleusEnhancer.main(DataNucleusEnhancer.java:1252)
[enhance] at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[enhance] at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
[enhance] at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[enhance] at java.base/java.lang.reflect.Method.invoke(Method.java:564)
[enhance] at com.google.appengine.tools.enhancer.Enhancer.execute(Enhancer.java:74)
[enhance] at com.google.appengine.tools.enhancer.Enhance.<init>(Enhance.java:70)
[enhance] at com.google.appengine.tools.enhancer.Enhance.main(Enhance.java:50)

I am using the following Java version:

$ java --version
java 10 2018-03-20
Java(TM) SE Runtime Environment 18.3 (build 10+46)
Java HotSpot(TM) 64-Bit Server VM 18.3 (build 10+46, mixed mode)

You can find the full log attached,
log.log

Deploying on Google App Engine

Hello,

I am trying to deploy firing-range on GAE however I'm running into issues.
First, trying to deploy as "gcloud deploy app" I get this error:

Error: Server Error
The server encountered an error and could not complete your request.
Please try again in 30 seconds.

Second, trying to deploy as "mvn deploy: appengine" runs into many errors, such as there isn't a pom file. Therefore I created the pom file but still got errors such as:

[ERROR] Could not find goal '' in plugin org.apache.maven.plugins:maven-deploy-plugin:2.7 among available goals deploy-file, help, deploy -> [Help 1]

Every time I sort out an error another comes out, which makes me wonder if I am following the correct way.
Can you provide some steps on how to deploy this app on GAE?

Thank you

2 Angular Tests Point to same URL

I noticed that both test #1 and test #11 seem to point to the exact same target from the page: angular/index.html. Seems like they should be different and Claudio agrees.

Needs a Dockerfile

https://github.com/jesuscmartinez/docker-firing-range has a Dockerfile that works, but only up to
commit c7033ad.

I adapted it to use the build context's copy of firing-range:

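# Base image plus the build tooling (JDK 7, ant) used to build and run firing-range
FROM ubuntu:trusty
RUN apt-get update \
 && apt-get install -y -qq wget unzip ant git openjdk-7-jdk \
 && apt-get clean
# Fetch and unpack the App Engine Java SDK 1.9.24
RUN wget https://storage.googleapis.com/appengine-sdks/featured/appengine-java-sdk-1.9.24.zip \
 && unzip appengine-java-sdk-1.9.24.zip \
 && rm appengine-java-sdk-1.9.24.zip
# Build inside the SDK tree so build.xml's default appengine.sdk path (../../) resolves
WORKDIR appengine-java-sdk-1.9.24/demos/firing-range
# Copy firing-range from the build context
COPY build.xml build.xml
COPY src src
COPY WEB-INF WEB-INF
EXPOSE 8080
# Bind the dev server to all interfaces so the exposed port is reachable from outside the container
CMD ["sh", "-c", "ant -Daddress=0.0.0.0 runserver && while true; do sleep 10000; done"]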

The next commit, fe45c38, ported firing-range to java 8, and I couldn't figure out how to get firing-range working with that in Docker. My experience with Java predates ant... and I'm allergic to xml :-)

Broken URLs loading scripts in tests

In all the external toxicdom tests, e.g. /dom/toxicdom/external/localStorage/array/eval, the path to the toxicdomscripts/ servlet is wrong and breaks.

xss in css context

Hello, I am trying to find a way to perform XSS in style tags. However, it seems to me that unless I rely on deprecated or unfixed features of old browsers like :expression and -moz-binding, the following pages cannot be exploited. Is it true? If so, could you give me a hint on how to exploit them?

The testcases:
/serverside/escapeHtml/css_style
/serverside/escapeHtml/css_style_font_value
/serverside/escapeHtml/css_style_value
/serverside/encodeUrl/css_style
/serverside/encodeUrl/css_style_value
/serverside/encodeUrl/css_style_value
