This exploit collection comprises scripts, snippets and tools that can be used to attack the Unguard demo application and showcase common vulnerabilities of all sorts.
Execute arbitrary shell commands with one of the following:
- In Java, in the image posting feature of the
proxy-service - In Java, in the markdown conversion in the
profile-service - In Lua, through a Lua filter in the
envoy-proxy
All three services do not properly validate user input.
Inject custom queries to a Redis instance via header injection.
Authenticate as another user via a forged JSON web token.
Achieve RCE by abusing the Log4Shell vulnerability that allows JNDI injection.
Access and exploit internal services through Server Side Request Forgery.
Write arbitrary files with specially crafted archives holding directory traversal filenames..
Run SQL commands by sending unchecked payloads.
Inject arbitrary HTML into your profile page.