This repo is an updated version of Bricks, that run on PHP 8.
The Docker image provided runs on Ubuntu 22.04.
This repository is not affiliated to SecHow. I just love Bricks and updated it.
You can run Bricks in a docker container with:
sudo docker run -d --name bricks -p 7000:80 0xfalafel/bricksA VirtualBox VM is also available: https://github.com/0xfalafel/Bricks/releases/tag/3.6.
You can login with the credentials: vagrant:vagrant.
Bricks is a deliberately vulnerable web application to learn common vulnerabilites.
It features the following exercices:
- SQL injection authentication bypass.
- SQL injection content retrival with
UNION. - File upload vulnerabilities.
The interest of Bricks over some other training material is that:
- It look nice
- The SQL query executed is reflected in the webpage. Which make it easier to understand SQL injections.
You can build the container with the following command:
sudo docker build -t falafel/bricks .If you prefer to work with Virtual Machines, you can create one using vagrant.
First install Vagrant, i.e. sudo apt install vagrant.
Then run the following command from the folder
vagrant up