【Penetration Test 01】Pikachu Shooting Range Construction

Table of contents

1 Overview

  1. After learning most of the vulnerabilities, this column is mainly to review the vulnerabilities learned before and fully experience the penetration testing process.
  2. For beginners, it is more dangerous and inefficient to infiltrate the network directly on the public network (for the following reasons), so this column builds a pikachu shooting range on a virtual machine for practice.
    1. There are few vulnerabilities on public Internet sites, and even if there are, the same type of website vulnerability is relatively rare;
    2. Whether there are loopholes in Internet sites is an unknown, that is to say, there is no standard to measure whether it can be done or not, which may make beginners feel overwhelmed.

2 Introduction to pikachu shooting range

  1. Pikachu is a vulnerable web application system that contains common web security vulnerabilities. If you are a web penetration testing learner and are worried about not having a suitable shooting range to practice, then Pikachu may be just for you.
  2. Download URL: https://github.com/zhuifengshaonianhanlu/pikachu
  3. The list of vulnerability types on Pikachu is as follows:
    1. Burt Force (brute force exploit)
    2. XSS (Cross Site Scripting Vulnerability)
    3. CSRF (Cross Site Request Forgery)
    4. SQL-Inject (SQL injection vulnerability)
    5. RCE (Remote Command/Code Execution)
    6. Files Inclusion
    7. Unsafe file downloads
    8. Unsafe file uploads
    9. Over Permission
    10. …/…/…/ (directory traversal)
    11. I can see your ABC (Sensitive Information Disclosure)
    12. PHP deserialization vulnerability
    13. XXE(XML External Entity attack)
    14. Insecure URL redirection
    15. SSRF(Server-Side Request Forgery)

3 Construction process

  1. Installation Environment. Pikachu uses PHP language for development, and the database uses mysql, so to run Pikachu, you need to install the basic environment of “PHP+MYSQL+ middleware (such as apache, nginx, etc.)” in advance. This article installs the win2008 system and the phpstudy suite in the virtual machine, For specific steps, refer to the article ” [Win2008R2SP1+WAMP Environment Deployment]” in advance. This article installs the win2008 system and the phpstudy suite in the virtual machine, For specific steps, refer to the article ” Win2008R2SP1+WAMP Environment Deployment “.
  2. Download the source package. Open the website https://github.com/zhuifengshaonianhanlu/pikachu and download the compressed package.
  3. Unzip and rename. Unzip the zip file downloaded above and rename the folder to pikachiu.
  4. Copy files. Copy the above folder to the root directory of the virtual machine website.
  5. Modify the configuration file. Find the configuration file in the source package as shown below, check whether the database user name and password are the same as those set when building the environment, and set your own database name.
  6. Create a new database. Open the database background management page, and create a new database according to the content of the above configuration file.
  7. Browser access http://192.168.1.4/pikachu/, slide down on the home page, and click XSS background.
  8. Click Install.
  9. The installation is complete.
  10. Back to the home page, it is still the same here. It is estimated that the source code is a little problem, but it can be used.

4 Summary

  1. Build a shooting range for replicating vulnerability knowledge.

references

  1. Pikachu shooting range full level explanation (including code audit)

Leave a Comment

Your email address will not be published. Required fields are marked *