Are you a gamer and at the same time a penetration testing enthusiast in web applications?
Well then, you might
wanna try whacking out 'hackxor'! Hackxor is a web application hacking
game where players must locate and exploit vulnerabilities to progress
through the story wherein you play as a blackhat hacker hired to track
down another hacker by any means possible. It contains scripts that are
vulnerable to Cross Site Scripting(XSS), Cross Site Request
Forgery(CSRF), Structured Query Language Injection (SQLi), Remote
Command Injection(RCE), and many more. It's also a web application
running on Fedora 14.
Download & install instructions
- 1. Download the full version of hackxor (700mb)
- 2. Install VMWare Player (This involves creating a free account with vmware)
- 3. Extract hackxor1.7z, run the image using VMware player.
- 4. Work out what the IP of hackxor is ((try 172.16.93.129)|| logging into the VM with username:root pass:hackxor and typing ifconfig)
- 5. Configure your hosts file (/etc/hosts on linux) to redirect the following domains to the IP of hackxor: wraithmail, wraithbox, cloaknet, GGHB, hub71, utrack.
- 6. Browse to http://wraithmail:8080 and login with username:algo password:smur
- http://blog.rootcon.org/2012/05/hackxor-web-app-hacking-game.html