Add vulnerable Docker image

2024-09-23 13:48:10 +02:00 · 2024-09-23 13:48:10 +02:00 · 8fc0ee36cd
commit 8fc0ee36cd
parent 7cd6146ec9
6 changed files with 34 additions and 0 deletions
--- a/vuln_rfi/Dockerfile
+++ b/vuln_rfi/Dockerfile
@ -0,0 +1,5 @@
+FROM php:alpine3.19
+COPY src /src
+WORKDIR /src
+EXPOSE 80
+CMD ["php", "-S", "0.0.0.0:80"]
--- a/vuln_rfi/build.sh
+++ b/vuln_rfi/build.sh
@ -0,0 +1,2 @@
+#!/bin/sh
+sudo docker build -t pierre42100/gns3-appliance-vuln-rfi .
--- a/vuln_rfi/src/about.txt
+++ b/vuln_rfi/src/about.txt
@ -0,0 +1 @@
+I am an old and accustomed developer who wrote too much source code in my life...
--- a/vuln_rfi/src/home.txt
+++ b/vuln_rfi/src/home.txt
@ -0,0 +1,3 @@
+Welcome to this strong and almost secure website!
+
+Please use the menu below to access the different parts of the application...
--- a/vuln_rfi/src/index.php
+++ b/vuln_rfi/src/index.php
@ -0,0 +1,22 @@
+<?php
+/**
+ * My home page
+ */
+
+$page = __DIR__."home.txt";
+
+if(isset($_GET["page"]))
+    $page = $_GET["page"];
+
+?>
+
+<pre>
+<?php echo file_get_contents($page); ?>
+</pre>
+
+Browse my website:
+<ul>
+    <li><a href="index.php?page=home.txt">home</a></li>
+    <li><a href="index.php?page=about.txt">about</a></li>
+    <li><a href="index.php?page=privacy.txt">privacy</a></li>
+</ul>
--- a/vuln_rfi/src/privacy.txt
+++ b/vuln_rfi/src/privacy.txt
@ -0,0 +1 @@
+Privacy policy: TODO
				`@ -0,0 +1 @@`
				`I am an old and accustomed developer who wrote too much source code in my life...`