Skip to content

This is a docker environment ready set up for multiple WooCommerce Plugin vulnerabilities.

Notifications You must be signed in to change notification settings

parzel/Damn-Vulnerable-WooCommerce-Plugins

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Damn Vulnerable WooCommerce Plugins

This is a docker environment ready set up for multiple WooCommerce Plugin vulnerabilities. @vinulium and me created it to practice writing exploits from vulnerability descriptions.

The environment contains the following vulnerabilites that can be exploited:

The wordpress installation is ready to be exploited, some of the plugins need further setup as stated below. Each plugin needs to be activated for exploitation. It is better to stick to only one activated plugin as otherwise there can be some compatibility issues.

WriteUp

We did writeups for all of the vulnerabilites in this blogpost.

Setup

docker-compose build && docker-compose up

Instance should be here http://localhost/

Credentials:

admin:admin

Additional Setup Instructions:

CVE-2018-20966: XSS in Booster for WooCommerce < 3.8.0

  • Add at least one product here: http://localhost/wp-admin/post-new.php?post_type=product&tutorial=true
  • Go to http://localhost/wp-admin/admin.php?page=wc-settings&tab=jetpack, enable "Products per Page" and save changes

PHP Object Injection Vulnerability in Booster for WooCommerce <= 3.0.1

  • Go to http://localhost/wp-admin/admin.php?page=wc-settings&tab=jetpack, enable "Email Verification" and save changes
  • Now this plugin is ready for exploitation

WooCommerce Checkout Manager Arbitrary File Upload to RCE

About

This is a docker environment ready set up for multiple WooCommerce Plugin vulnerabilities.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published