Simple Code Analysis

In today’s blog post I’ll be doing a simple source code analysis of a vulnerable web blog made by PentesterLab. It’s a basic PHP web app for learning white box testing, meaning that we have access to all of the source code.

Analysis

The first thing I’ll be looking into is the index.php file:

<?php
$site = "PentesterLab vulnerable blog";
require "header.php";
$posts = Post::all();
?>
<div class="block" id="block-text">
  <div class="secondary-navigation">
    <div class="content">
      <?php
      foreach ($posts as $post) {
        echo $post->render();
      }
      ?...

July 29, 2021 · 8 min · Lazar