본문 바로가기
모의해킹 (WAPT)

OWASP Broken Web Applications Project 0.94 released

by 날으는물고기 2011. 9. 7.

OWASP Broken Web Applications Project 0.94 released

Our first post regarding OWASPBWA or the OWASP Broken Web Applications Project can be found here. About two months ago, an updated version – OWASPBWA version 0.94 was released!

“Open Web Application Security Project (OWASP) Broken Web Applications Project, a collection of vulnerable web applications that is distributed on a Virtual Machine in VMware format compatible with their no-cost VMware Player and VMware Server products (along with their commercial products).”

This is the official change log for OWASPBWA v0.94:

  • More fixes to hackxor applications (thanks again to Albino Wax).
  • Fixes to hackxor applications (thanks to Albino Wax for fixes).
  • Added a number of new applications, including Gruyere, Hackxor, WackoPicko, BodgeIt, TikiWiki, Joomla, Gallery2, WebCalendar, AWStats, and ZAP-Wave (thanks to Mike Cyr for lots of work in this area).
  • New and improved “home” page in the VM (thanks again to Mike Cyr).

The authors have mentioned that this VM contains many serious security issues. We strongly recommend that you run it only on the “host only” or “NAT” network in the virtual machine settings. The VM requires no installation. To use, just extract the files from your downloaded archive and then start the VM in a VMware product. Once the machine is booted, you can access it via the console, SSH, or Samba using:
Username =root 
Password =owaspbwa
The VM is entirely command line driven and GUIs such as X-Windows or other GUI systems have not been installed.

Download OWASPBWA:

OWASPBWA v0.94OWASP_Broken_Web_Apps_VM_0.94.zip, OWASP_Broken_Web_Apps_VM_0.94.7z – http://sourceforge.net/projects/owaspbwa/files/0.94/


출처 : PenTestIT
728x90

댓글