Skip to content

Exemple of a CSP XSS attack on a basic LAMP stack

License

Notifications You must be signed in to change notification settings

BaptisteLalanne/CSP-XSS-LAMP

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SERE

Attaques XSS avec contournement de CSP (CSP bypass).

Méthodes utilisées :

  • JSONP
  • injection de script par image,
  • dangling markup.

L'application web se trouve dans le dossier www

Install

Before starting the installation, check if the environment variables (port used, versions) are suitable for you in .env

docker-compose up -d

The install is composed of:

  • PHPMyAdmin
  • PHP
  • MySQL server
  • Apache 2

Releases

No releases published

Packages

No packages published

Languages

  • PHP 52.2%
  • HTML 16.2%
  • Dockerfile 15.6%
  • Hack 7.7%
  • CSS 5.4%
  • Shell 2.9%