fdciabdul/PocketPentester
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
taqin
2026-04-19 21:14:46 +07:00
parent 27381d4e37
commit f556ac5cd2
2 changed files with 12 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
vuln-lab/README.md
View File

@@ -33,26 +33,25 @@ Host header works:
**Android (testing from PocketPentester on device)** — set your phone's **Android (testing from PocketPentester on device)** — set your phone's
Wi-Fi DNS to the dev machine, or just use the host's LAN IP directly: Wi-Fi DNS to the dev machine, or just use the host's LAN IP directly:
``` ```
http://192.168.x.x/ (or whatever your dev box IP is) http://192.168.x.x:8080/ (or whatever your dev box IP is)
``` ```
Smoke-test from the host: Smoke-test from the host:
```bash ```bash
curl http://insecure.newploit.com/ curl http://insecure.newploit.com:8080/
curl http://insecure.newploit.com/.env curl http://insecure.newploit.com:8080/.env
curl "http://insecure.newploit.com/search.php?q=<svg/onload=alert(1)>" curl "http://insecure.newploit.com:8080/search.php?q=<svg/onload=alert(1)>"
``` ```
--- ---
## Open ports ## Open ports
| Port | Service | Notes | | Host port | Service | Notes |
|--------|-------------------|--------------------------------------------| |-----------|-------------------|--------------------------------------------|
| 80 | Apache 2.4 + PHP | main web app | | 8080 | Apache 2.4 + PHP | main web app (→ container 80) |
| 443 | Apache TLS | snakeoil cert for ssl_scan | | 8443 | Apache TLS | snakeoil cert for ssl_scan (→ 443) |
| 3306 | MariaDB 10.11 | root:toor, also dbuser:dbpass123 | | 3306 | MariaDB 10.11 | root:toor, also dbuser:dbpass123 |
| 21 | vsftpd | anonymous:anonymous |
--- ---
@@ -65,7 +64,7 @@ Everything below is already wired. Point the tool at `insecure.newploit.com`
| Arsenal module | Where it hits | | Arsenal module | Where it hits |
|------------------|------------------------------------------------------------------| |------------------|------------------------------------------------------------------|
| `port_scan` | 21 / 80 / 443 / 3306 open | | `port_scan` | 3306 / 8080 / 8443 open (host-mapped ports) |
| `httpx` | Title `Newploit :: insecure test lab`, Server `Apache/2.4.57 …` | | `httpx` | Title `Newploit :: insecure test lab`, Server `Apache/2.4.57 …` |
| `banner` | Apache + MySQL banners expose full version | | `banner` | Apache + MySQL banners expose full version |
| `ssl_scan` | Self-signed CN=insecure.newploit.com on :443 | | `ssl_scan` | Self-signed CN=insecure.newploit.com on :443 |

16
vuln-lab/docker-compose.yml
View File

@@ -4,8 +4,8 @@ services:
container_name: newploit-web container_name: newploit-web
hostname: insecure.newploit.com hostname: insecure.newploit.com
ports: ports:
- "80:80" - "8080:80"
- "443:443" - "8443:443"
environment: environment:
DB_HOST: db DB_HOST: db
DB_NAME: newploit DB_NAME: newploit
@@ -38,18 +38,6 @@ services:
networks: networks:
- newploit - newploit
ftp:
image: delfer/alpine-ftp-server
container_name: newploit-ftp
ports:
- "21:21"
- "21000-21010:21000-21010"
environment:
USERS: "anonymous|anonymous"
ADDRESS: insecure.newploit.com
networks:
- newploit
networks: networks:
newploit: newploit:
driver: bridge driver: bridge