search

rosatolen / owaspbwa

Automatically exported from code.google.com/p/owaspbwa
0 stars 0 forks source link

More Broken/Old Web Applications #14

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
After seeing Rapid7's post about setting up a lab with UltimateLAMP (last 
updated ~2006), I wanted to attempt to get some more old web apps in BWA.  
There is no reason to use a product that is 5yrs old when this one should work 
much better.  
I will start work on adding some of the web applications that UltimateLAMP has, 
that OWASPBWA is missing.
My list starts as follows:

TextPattern (4.0.3)
Serendipity (0.9.1) -> 
http://prdownloads.sourceforge.net/php-blog/serendipity-0.9.1.tar.gz?download
MediaWiki (1.6.5) -> version .3 and .8 http://dumps.wikimedia.org/mediawiki/1.6/
TikiWiki (1.9.3.1) -> 1.9.11 
http://sourceforge.net/projects/tikiwiki/files/TikiWiki%201.9.x%20-Sirius-/tiki%
201.9.11/tikiwiki-1.9.11.tar.gz/download
PHP Gallery (2.1.1a) -> http://gallery.menalto.com/gallery_2.1.1_released
Moodle (1.5.3) -> 
http://download.moodle.org/download.php/stable15/moodle-1.5.3.tgz
OsCommerce (2.2m2) -> http://www.exploit-db.com/application/15472/
Zen Cart (1.3.0) -> 
http://sourceforge.net/projects/zencart/files/CURRENT_%20Zen%20Cart%201.3.x%20Se
ries/Zen%20Cart%20v1.3.0.0%20-%20Initial%20Release/
PhpWebSite (0.10.2)
Joomla (1.0.1)
eGroupWare (1.2.1)
Drupal (4.7.0) -> http://ftp.drupal.org/files/projects/drupal-4.7.0.tar.gz
Sugar CRM (4.2.0) -> 
http://www.sugarforge.org/frs/download.php/1365/SugarSuite-4.2.0d.zip
Owl (0.90)
WebCalendar (1.0.3) -> 
http://sourceforge.net/projects/webcalendar/files/webcalendar%201.0/1.0.3/WebCal
endar-1.0.3.tar.gz/download
Dot Project (2.0.2) -> 
http://sourceforge.net/projects/dotproject/files/dotproject/dotProject%20version
%202.0.2/dotproject-v2.0.2.tar.gz/download
PhpAdsNew (2.0.8) -> 
http://sourceforge.net/projects/phpadsnew/files/Current%20Release/phpAdsNew%202.
0.8-pr1/phpAdsNew-2.0.8-pr1.tar.gz/download
Bugzilla (2.22) -> 
http://ftp.mozilla.org/pub/mozilla.org/webtools/archived/bugzilla-2.22.tar.gz
PhpMyAdmin (2.8.0.3)
Webmin (1.270) -> 
http://sourceforge.net/projects/webadmin/files/webmin/1.270/webmin-1.270.tar.gz/
download

I would also like to make the index page for OWASPBWA better organized.  I much 
prefer the UltimateLAMP version, it is just prettier and more organized in my 
opinion.

Original issue reported on code.google.com by MichaelTCyr@gmail.com on 15 Apr 2011 at 11:29

GoogleCodeExporter commented 9 years ago 
rapid 7 reference: http://blog.rapid7.com/?p=5791

Original comment by MichaelTCyr@gmail.com on 15 Apr 2011 at 11:30

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
webmin module
Password is admin/admin
Upon approval/confirmation of it working, i'll add it into the index.html file 
previously submitted.

Also note, i had to install dbd::pg to get it integrated into postgres 
correctly.  To do so, go to 
http://127.0.0.1:10000/cpan/download.cgi?source=3&cpan=DBD%3A%3APg&mode=2&return
=/postgresql/&returndesc=database%20list

Follow the prompts and it will install.

Same with net::ldap 
http://127.0.0.1:10000/cpan/download.cgi?source=3&cpan=Net::LDAP&mode=2&return=/
ldap-useradmin/&returndesc=user%20list

I configured apache2, mysql, postgres, smb, ldap to all work.  I zipped the 
files needed for it to start automatically, but double check that it does (port 
10000).

Due to the google file size limit, tar.gz is located here: 
http://rageweb.info/wp-content/uploads/2011/04/webmin.owaspbwa.tar.gz

Original comment by MichaelTCyr@gmail.com on 17 Apr 2011 at 1:32

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
oscommerce:

sql:
create user oscommerce@localhost identified by 'oscommerce';
grant all privileges on oscommerce.* to 'oscommerce'@'localhost';

users:
admin/admin
user@user.com/useruser

There are a bunch of deprecation issues that appear, as well as some pages just 
giving warnings. For the most part it works, but I wanted to include this as I 
am getting these deprecation issues and warnings on almost every other webapp.

Original comment by MichaelTCyr@gmail.com on 17 Apr 2011 at 5:51

Attachments:

GoogleCodeExporter commented 9 years ago 
I wanted to also note I was getting the cookie login issues that have been seen 
on phpBB2 on zencart (utilizes phpBB2, so may be same issue).  

More so than not though, i am getting TONS of deprecation issues (which can be 
hidden) and a these warnings:
Warning: Cannot modify header information

If we can figure out that warning, I can get many more working.

Original comment by MichaelTCyr@gmail.com on 17 Apr 2011 at 5:52

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago

Original comment by chuck.f....@gmail.com on 19 Jun 2015 at 2:06