http-secret

pipeline status Latest Release Try in PwD

http-secret

A simple web application, that will reveal a secret code if you query using a command line tool like netcat, telnet or simpletcpclient.

Try in Play with Docker

Try in PwD

Run with docker-compose

Easiest way to run the vulnerable app is using docker-compose:

mkdir http-secret
cd http-secret
curl -o docker-compose.yml https://gitlab.cylab.be/cylab/play/http-secret/-/raw/main/docker-compose.yml
docker-compose up

After a few seconds, the app will be available at http://127.0.0.1:8000

Run with Docker

docker run -p 8000:80 gitlab.cylab.be:8081/cylab/play/http-secret

Testing locally

You can use PHP built-in webserver to test locally:

git clone https://gitlab.cylab.be/cylab/play/http-secret.git
cd http-secret/src
php -S localhost:8000
This website uses cookies. More information about the use of cookies is available in the cookies policy.
Accept