This repository has been archived by the owner on Jul 15, 2023. It is now read-only.
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>DoraBox - Vulnerability Training Range</title>
<style>
body {
font-family: Arial, sans-serif;
}
h1 {
text-align: center;
margin-top: 30px;
}
table {
margin: 0 auto;
border-collapse: collapse;
width: 100%;
max-width: 800px;
}
th,
td {
padding: 10px;
text-align: center;
}
th {
background-color: #333;
color: #fff;
font-weight: bold;
text-transform: uppercase;
}
tr:nth-child(even) {
background-color: #f2f2f2;
}
a {
color: #007bff;
text-decoration: none;
}
</style>
</head>
<body>
<h1>DoraBox - Master attack and defense for common vulnerabilities and quickly improve your penetration testing skills</h1>
<table border="1">
<thead>
<tr>
<th>SQL Injection</th>
<th>Cross-Site Scripting (XSS)</th>
<th>CSRF</th>
<th>File Inclusion</th>
<th>File Upload</th>
<th>Code/Command Execution</th>
<th>SSRF</th>
<th>Other</th>
</tr>
</thead>
<tbody>
<tr>
<td><a href="./sql_injection/sql_num.php" target="_blank">SQLi (Numeric)</a></td>
<td><a href="./xss/reflect_xss.php" target="_blank">Reflected XSS</a></td>
<td><a href="./csrf/jsonp.php?callback=test" target="_blank">JSONP Hijacking</a></td>
<td><a href="./file_include/any_include.php" target="_blank">Arbitrary File Inclusion</a></td>
<td><a href="./file_upload/any_upload.php" target="_blank">Arbitrary File Upload</a></td>
<td><a href="./code_exec/code.php" target="_blank">Arbitrary Code Execution</a></td>
<td><a href="./ssrf/ssrf.php" target="_blank">SSRF</a></td>
<td><a href="./race_condition/pay.php" target="_blank">Race Condition - Payment</a></td>
</tr>
<tr>
<td><a href="./sql_injection/sql_string.php" target="_blank">SQLi (String)</a></td>
<td><a href="./xss/stored_xss.php" target="_blank">Stored XSS</a></td>
<td><a href="./csrf/userinfo.php" target="_blank">CORS Cross-Origin Resource Read</a></td>
<td><a href="./file_include/include_1.php" target="_blank">Directory-Restricted File Inclusion</a></td>
<td><a href="./file_upload/upload_js.php" target="_blank">File Upload with JS Restriction</a></td>
<td><a href="./code_exec/exec.php" target="_blank">Arbitrary Command Execution</a></td>
<td></td>
<td><a href="./race_condition/upload.php" target="_blank">Race Condition - Upload</a></td>
</tr>
<tr>
<td><a href="./sql_injection/sql_search.php" target="_blank">SQLi (Search)</a></td>
<td><a href="./xss/dom_xss.php" target="_blank">DOM-based XSS</a></td>
<td></td>
<td></td>
<td><a href="./file_upload/upload_mime.php" target="_blank">File Upload with MIME Restriction</a></td>
<td></td>
<td></td>
<td><a href="./others/file_read.php" target="_blank">Arbitrary File Read</a></td>
</tr>
<tr>
<td></td>
<td></td>
<td></td>
<td></td>
<td><a href="./file_upload/upload_name.php" target="_blank">File Upload with Extension Restriction</a></td>
<td></td>
<td></td>
<td><a href="./xxe/" target="_blank">XXE</a></td>
</tr>
<tr>
<td></td>
<td></td>
<td></td>
<td></td>
<td><a href="./file_upload/upload_content.php" target="_blank">File Upload with Content Restriction</a></td>
<td></td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
</body>
</html>