From f556ac5cd2af1d1ba35de5fad3dbd412b8192236 Mon Sep 17 00:00:00 2001 From: taqin Date: Sun, 19 Apr 2026 21:14:46 +0700 Subject: [PATCH] first commit --- vuln-lab/README.md | 21 ++++++++++----------- vuln-lab/docker-compose.yml | 16 ++-------------- 2 files changed, 12 insertions(+), 25 deletions(-) diff --git a/vuln-lab/README.md b/vuln-lab/README.md index bbdc50f..8a966b5 100644 --- a/vuln-lab/README.md +++ b/vuln-lab/README.md @@ -33,26 +33,25 @@ Host header works: **Android (testing from PocketPentester on device)** — set your phone's Wi-Fi DNS to the dev machine, or just use the host's LAN IP directly: ``` -http://192.168.x.x/ (or whatever your dev box IP is) +http://192.168.x.x:8080/ (or whatever your dev box IP is) ``` Smoke-test from the host: ```bash -curl http://insecure.newploit.com/ -curl http://insecure.newploit.com/.env -curl "http://insecure.newploit.com/search.php?q=" +curl http://insecure.newploit.com:8080/ +curl http://insecure.newploit.com:8080/.env +curl "http://insecure.newploit.com:8080/search.php?q=" ``` --- ## Open ports -| Port | Service | Notes | -|--------|-------------------|--------------------------------------------| -| 80 | Apache 2.4 + PHP | main web app | -| 443 | Apache TLS | snakeoil cert for ssl_scan | -| 3306 | MariaDB 10.11 | root:toor, also dbuser:dbpass123 | -| 21 | vsftpd | anonymous:anonymous | +| Host port | Service | Notes | +|-----------|-------------------|--------------------------------------------| +| 8080 | Apache 2.4 + PHP | main web app (→ container 80) | +| 8443 | Apache TLS | snakeoil cert for ssl_scan (→ 443) | +| 3306 | MariaDB 10.11 | root:toor, also dbuser:dbpass123 | --- @@ -65,7 +64,7 @@ Everything below is already wired. Point the tool at `insecure.newploit.com` | Arsenal module | Where it hits | |------------------|------------------------------------------------------------------| -| `port_scan` | 21 / 80 / 443 / 3306 open | +| `port_scan` | 3306 / 8080 / 8443 open (host-mapped ports) | | `httpx` | Title `Newploit :: insecure test lab`, Server `Apache/2.4.57 …` | | `banner` | Apache + MySQL banners expose full version | | `ssl_scan` | Self-signed CN=insecure.newploit.com on :443 | diff --git a/vuln-lab/docker-compose.yml b/vuln-lab/docker-compose.yml index 64bdf08..d19b0ad 100644 --- a/vuln-lab/docker-compose.yml +++ b/vuln-lab/docker-compose.yml @@ -4,8 +4,8 @@ services: container_name: newploit-web hostname: insecure.newploit.com ports: - - "80:80" - - "443:443" + - "8080:80" + - "8443:443" environment: DB_HOST: db DB_NAME: newploit @@ -38,18 +38,6 @@ services: networks: - newploit - ftp: - image: delfer/alpine-ftp-server - container_name: newploit-ftp - ports: - - "21:21" - - "21000-21010:21000-21010" - environment: - USERS: "anonymous|anonymous" - ADDRESS: insecure.newploit.com - networks: - - newploit - networks: newploit: driver: bridge