August 2018
Intermediate to advanced
404 pages
10h 22m
English
Browse to bee-box over HTTP (http://192.168.56.12/bWAPP/) and log in to start this exercise:

In the text, we can see something interesting: Current user: www-data. This may mean that the page is using system calls to get the username. It also gives us a hint to attack the referrer.
We can see that there is an iframe calling a shell script: /cgi-bin/shellshock.sh, which might be ...
Read now
Unlock full access