PwnedHub

PwnedHub is a vulnerable application designed exclusively for the PWAPT training course. PwnedHub contains intentional vulnerability and should never be exposed to the open Internet. This software is NOT Open Source. See the LICENSE.txt file for more information.

Using Docker

Install Docker Desktop.

Clone the PwnedHub repository.

$ git clone https://github.com/lanmaster53/pwnedhub.git

Change into the PwnedHub directory.
```
$ cd pwnedhub
```
Build the PwnedHub Docker image.
```
docker build --rm -t pwnedhub .
```
Launch the PwnedHub architecture using Docker Compose.
```
docker-compose up
```
- To launch as a daemon (no terminal logging), add the -d switch.
When done using PwnedHub, clean up the Docker environment with the following command:
```
docker-compose down
```

Installation (Ubuntu)

Install pip.

Clone the PwnedHub repository.

$ git clone https://github.com/lanmaster53/pwnedhub.git

Install the dependencies. I recommend using virtualenv to keep things tidy. The below commands do not implement virtualenv and will install to your global pip environment.
```
$ cd pwnedhub
$ pip install -r REQUIREMENTS.txt
```
Note: In Ubuntu, the lxml dependency may require installing the python-dev, libxml2-dev, libxslt-dev, and lib32z1-dev packages. Look for errors during the above process and install the needed packages. Systems other than Ubuntu will likely also require some sort of finagling to get to work. MacOS worked without issue.
Install and configure MySQL.
- Set the MySQL root user password to adminpass

Initialize the database.

$ mysql -u root -p -e "CREATE DATABASE pwnedhub"
$ mysql -u root -p pwnedhub < pwnedhub.sql

Add the application's database user.

$ mysql -h localhost -u root -padminpass
> CREATE USER 'pwnedhub'@'localhost' IDENTIFIED BY 'dbconnectpass';
> GRANT ALL PRIVILEGES ON pwnedhub.* TO 'pwnedhub'@'localhost';
> FLUSH PRIVILEGES;
> SHOW GRANTS FOR 'pwnedhub'@'localhost';
> exit;

Modify the hosts file to create the following records:

127.0.0.1   pwnedhub.com
127.0.0.1   api.pwnedhub.com

Start the MySQL server.
```
$ sudo systemctl start mysql
```
Start the PwnedHub application.
```
$ python ./pwnedhub.py
```
Start the PwnedAPI application.
```
$ python ./pwnedapi.py
```
Visit the application at http://pwnedhub.com:5000.

Name		Name	Last commit message	Last commit date
Latest commit History 340 Commits
common		common
pwnedapi		pwnedapi
pwnedhub		pwnedhub
.gitignore		.gitignore
Dockerfile		Dockerfile
LICENSE.txt		LICENSE.txt
README.md		README.md
REQUIREMENTS.txt		REQUIREMENTS.txt
docker-compose.yml		docker-compose.yml
flask_session.py		flask_session.py
pwnedapi.py		pwnedapi.py
pwnedapi.sh		pwnedapi.sh
pwnedhub.py		pwnedhub.py
pwnedhub.sh		pwnedhub.sh
pwnedhub.sql		pwnedhub.sql
pwnedhub_tests.py		pwnedhub_tests.py

License

asm121/pwnedhub

Folders and files

Latest commit

History

Repository files navigation

PwnedHub

Using Docker

Installation (Ubuntu)

About

Resources

License

Stars

Watchers

Forks

Languages