🎉VulnRange

2020-09-21 23:19:59 +08:00
parent ddd435d253
commit 173dbc4ab5
443 changed files with 31256 additions and 2 deletions
--- a/MANIFEST.in
+++ b/MANIFEST.in
@@ -0,0 +1,5 @@
 include flaskr/schema.sql
 graft flaskr/static
 graft flaskr/templates
 graft instance/flaskr.sqlite
 global-exclude *.pyc
--- a/README.md
+++ b/README.md
@@ -1,2 +1,59 @@
-# VulnRange
+> **VulnRange的定位是一个漏洞靶场，用于快速的启动漏洞环境，便于漏洞复现和研究**
-漏洞靶场-快速搭建Web安全漏洞和第三方组件漏洞环境，用于漏洞复现和研究
+
 # 安装部署🚀
 ## 环境配置
 **以Centos为例**
 1、[Centos安装python3.8和PIP](https://www.cnblogs.com/wintrysec/p/11963807.html)
 2、安装docker和docker-compose [把docker源换掉，推荐阿里云的源]
 3、关闭防火墙和SELinux
 ## 下载安装VulnRange
 ```bash
 git clone https://github.com/wgpsec/VulnRange.git
 cd VulnRange
 pip install -e . -i https://pypi.tuna.tsinghua.edu.cn/simple/	#安装项目
 ```
 # 功能介绍:memo:
 **启动**
 ```bash
 #进入项目根目录下启动项目即可
 cd ~/VulnRange
 sh start.sh
 ```
 ## Web安全基础靶场
 ![](README\image-20200921221721429.png)
 ![](README\image-20200921221823193.png)
 集合了常见的Web安全漏洞，多数是直接拉取开源的靶场环境，比如DVWA、sqli-labs、upload-labs
 ## 组件靶场分类
 以组件名称分类展示各个中间件和CMS的靶场环境
 ![](README\image-20200921222204154.png)
 ## 开启靶机
 点击 "启动靶机环境" 即可开启相关靶机。
 ![](README\image-20200921222527813.png)
 等的时间过长的话可以切换到系统中看看环境构建进度
 ![](README\image-20200921222651590.png)
 靶机环境构建完成后，点击链接即可访问
 ![](README\image-20200921222813545.png)
--- a/README/image-20200921221721429.png
+++ b/README/image-20200921221721429.png
--- a/README/image-20200921221823193.png
+++ b/README/image-20200921221823193.png
--- a/README/image-20200921222204154.png
+++ b/README/image-20200921222204154.png
--- a/README/image-20200921222527813.png
+++ b/README/image-20200921222527813.png
--- a/README/image-20200921222651590.png
+++ b/README/image-20200921222651590.png
--- a/README/image-20200921222813545.png
+++ b/README/image-20200921222813545.png
--- a/Ranges/Activemq/CVE-2016-3088/docker-compose.yml
+++ b/Ranges/Activemq/CVE-2016-3088/docker-compose.yml
@@ -0,0 +1,8 @@
 version: '3'
 services:
 activemq:
   image: vulhub/activemq:5.11.1-with-cron
   container_name: CVE-2016-3088
   ports:
    - "61616:61616"
    - "8161:8161"
--- a/Ranges/Activemq/activemq-5.11.1/docker-compose.yml
+++ b/Ranges/Activemq/activemq-5.11.1/docker-compose.yml
@@ -0,0 +1,8 @@
 version: '3'
 services:
 activemq:
   image: vulhub/activemq:5.11.1
   container_name: activemq-5.11.1
   ports:
    - "61616:61616"
    - "8161:8161"
--- a/Ranges/Apache/Apache-Tomcat/CVE-2020-1938/Dockerfile
+++ b/Ranges/Apache/Apache-Tomcat/CVE-2020-1938/Dockerfile
@@ -0,0 +1,2 @@
 From vulhub/tomcat:9.0.30
 EXPOSE 8009
--- a/Ranges/Apache/Apache-Tomcat/CVE-2020-1938/docker-compose.yml
+++ b/Ranges/Apache/Apache-Tomcat/CVE-2020-1938/docker-compose.yml
@@ -0,0 +1,8 @@
 version: '3'
 services:
 tomcat:
   build: .
   container_name: CVE-2020-1938
   ports:
    - "8080"
    - "8009:8009"
--- a/Ranges/Apache/Apache-Tomcat/tomcat8/context.xml
+++ b/Ranges/Apache/Apache-Tomcat/tomcat8/context.xml
@@ -0,0 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <Context antiResourceLocking="false" privileged="true" >
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="\d+\.\d+\.\d+\.\d+" />
 </Context>
--- a/Ranges/Apache/Apache-Tomcat/tomcat8/docker-compose.yml
+++ b/Ranges/Apache/Apache-Tomcat/tomcat8/docker-compose.yml
@@ -0,0 +1,13 @@
 version: '3'
 services:
 tomcat:
   image: vulhub/tomcat:8.0
   container_name: tomcat8
   volumes:
    - ./flag_is_here:/flag_is_here
    - ./web.xml:/usr/local/tomcat/webapps/ROOT/WEB-INF/web.xml
    - ./tomcat-users.xml:/usr/local/tomcat/conf/tomcat-users.xml
    - ./context.xml:/usr/local/tomcat/webapps/manager/META-INF/context.xml
    - ./context.xml:/usr/local/tomcat/webapps/host-manager/META-INF/context.xml
   ports:
    - "8080"
--- a/Ranges/Apache/Apache-Tomcat/tomcat8/flag_is_here
+++ b/Ranges/Apache/Apache-Tomcat/tomcat8/flag_is_here
@@ -0,0 +1 @@
 flag{f1ddd43a702df8b1da4ffd33baa01aae}
--- a/Ranges/Apache/Apache-Tomcat/tomcat8/tomcat-users.xml
+++ b/Ranges/Apache/Apache-Tomcat/tomcat8/tomcat-users.xml
@@ -0,0 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <tomcat-users xmlns="http://tomcat.apache.org/xml"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
              version="1.0">
    <role rolename="manager-gui"/>
    <role rolename="manager-script"/>
    <role rolename="manager-jmx"/>
    <role rolename="manager-status"/>
    <role rolename="admin-gui"/>
    <role rolename="admin-script"/>
    <user username="tomcat" password="tomcat" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script" />
 </tomcat-users>
--- a/Ranges/Apache/Apache-Tomcat/tomcat8/web.xml
+++ b/Ranges/Apache/Apache-Tomcat/tomcat8/web.xml
@@ -0,0 +1,63 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
 <!--
 Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at
      http://www.apache.org/licenses/LICENSE-2.0
  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
 -->
 <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
                      http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
  version="3.1"
  metadata-complete="true">
  <display-name>Welcome to Tomcat</display-name>
  <description>
     Welcome to Tomcat
  </description>
  <filter>
  <filter-name>CorsFilter</filter-name>
  <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
  <init-param>
    <param-name>cors.allowed.origins</param-name>
    <param-value>*</param-value>
  </init-param>
  <init-param>
    <param-name>cors.allowed.methods</param-name>
    <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
  </init-param>
  <init-param>
    <param-name>cors.allowed.headers</param-name>
    <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
  </init-param>
  <init-param>
    <param-name>cors.exposed.headers</param-name>
    <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
  </init-param>
  <init-param>
    <param-name>cors.support.credentials</param-name>
    <param-value>true</param-value>
  </init-param>
  <init-param>
    <param-name>cors.preflight.maxage</param-name>
    <param-value>10</param-value>
  </init-param>
 </filter>
 <filter-mapping>
  <filter-name>CorsFilter</filter-name>
  <url-pattern>/*</url-pattern>
 </filter-mapping>
 </web-app>
--- a/Ranges/Apache/Apache-httpd/CVE-2017-15715/Dockerfile
+++ b/Ranges/Apache/Apache-httpd/CVE-2017-15715/Dockerfile
@@ -0,0 +1,7 @@
 FROM vulhub/php:5.5-apache
 LABEL maintainer="phithon <root@leavesongs.com>"
 COPY index.php /var/www/html/
 RUN chown www-data:www-data -R /var/www/html
--- a/Ranges/Apache/Apache-httpd/CVE-2017-15715/docker-compose.yml
+++ b/Ranges/Apache/Apache-httpd/CVE-2017-15715/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 apache:
   build: .
   container_name: CVE-2017-15715
   ports:
    - "80"
--- a/Ranges/Apache/Apache-httpd/CVE-2017-15715/index.php
+++ b/Ranges/Apache/Apache-httpd/CVE-2017-15715/index.php
@@ -0,0 +1,33 @@
 <?php
 if(isset($_FILES['file'])) {
    $name = basename($_POST['name']);
    $ext = pathinfo($name,PATHINFO_EXTENSION);
    if(in_array($ext, ['php', 'php3', 'php4', 'php5', 'phtml', 'pht'])) {
        exit('bad file');
    }
    move_uploaded_file($_FILES['file']['tmp_name'], './' . $name);
 } else {
 ?>
 <!DOCTYPE html>
 <html>
 <head>
 	<title>Upload</title>
 </head>
 <body>
 <form method="POST" enctype="multipart/form-data">
 	<p>
 		<label>file:<input type="file" name="file"></label>
 	</p>
 	<p>
 		<label>filename:<input type="text" name="name" value="evil.php"></label>
 	</p>
 	<input type="submit">
 </form>
 </body>
 </html>
 <?php
 }
 ?>
--- a/Ranges/Apache/Apache-httpd/apache_parsing/conf/docker-php.conf
+++ b/Ranges/Apache/Apache-httpd/apache_parsing/conf/docker-php.conf
@@ -0,0 +1,9 @@
 AddHandler application/x-httpd-php .php
 DirectoryIndex disabled
 DirectoryIndex index.php index.html                                                                  
 <Directory /var/www/>
    Options -Indexes
    AllowOverride All
 </Directory>
--- a/Ranges/Apache/Apache-httpd/apache_parsing/docker-compose.yml
+++ b/Ranges/Apache/Apache-httpd/apache_parsing/docker-compose.yml
@@ -0,0 +1,12 @@
 version: '3'
 services:
 apache:
   image: php:apache
   container_name: apache_parsing
   volumes:
    - ./www:/var/www/html
    - ./conf/docker-php.conf:/etc/apache2/conf-enabled/docker-php.conf
    - ./start.sh:/var/www/start.sh
   command: /bin/sh /var/www/start.sh
   ports:
    - "80"
--- a/Ranges/Apache/Apache-httpd/apache_parsing/start.sh
+++ b/Ranges/Apache/Apache-httpd/apache_parsing/start.sh
@@ -0,0 +1,6 @@
 #!/bin/sh
 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
 chmod 777 /var/www/html/uploadfiles
 apache2-foreground
--- a/Ranges/Apache/Apache-httpd/apache_parsing/www/flag.php
+++ b/Ranges/Apache/Apache-httpd/apache_parsing/www/flag.php
@@ -0,0 +1,3 @@
 <?php 
 	//FLAG is = flag{30c4d4a8f97c535aa1f60b3c04a7b1b4}
 ?>
--- a/Ranges/Apache/Apache-httpd/apache_parsing/www/index.php
+++ b/Ranges/Apache/Apache-httpd/apache_parsing/www/index.php
@@ -0,0 +1,25 @@
 <?php
 header("Access-Control-Allow-Origin: *");//设置允许跨域，用来判断题目环境是否开启
 if (!empty($_FILES)):
 $ext = pathinfo($_FILES['file_upload']['name'], PATHINFO_EXTENSION);
 if (!in_array($ext, ['gif', 'png', 'jpg', 'jpeg'])) {
    die('不允许的文件类型.');
 }
 $new_name = 'uploadfiles/' . $_FILES['file_upload']['name'];
 if(!move_uploaded_file($_FILES['file_upload']['tmp_name'], $new_name)){
    die('上传目录无写权限.');
 }
 die('上传成功，文件路径: ' . $new_name);
 else:
 ?>
 <h2>本页面使用白名单过滤</h2>
 <form method="post" enctype="multipart/form-data">
    请上传图片: <input type="file" name="file_upload">
    <input type="submit">
 </form>
 <?php
 endif;
--- a/Ranges/Apache/Apache-httpd/apache_parsing/www/uploadfiles/apache.php.jpeg
+++ b/Ranges/Apache/Apache-httpd/apache_parsing/www/uploadfiles/apache.php.jpeg
@@ -0,0 +1,2 @@
 <?php
 phpinfo();
--- a/Ranges/Apereo-cas/apereo-cas-4.1.5/docker-compose.yml
+++ b/Ranges/Apereo-cas/apereo-cas-4.1.5/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '2'
 services:
 web:
   image: vulhub/apereo-cas:4.1.5
   container_name: apereo-cas-4.1.5
   ports:
    - "8080:8080"
--- a/Ranges/Bash/shellshock/docker-compose.yml
+++ b/Ranges/Bash/shellshock/docker-compose.yml
@@ -0,0 +1,10 @@
 version: '2'
 services:
 web:
   image: vulhub/bash:4.3.0-with-httpd
   container_name: shellshock
   ports:
    - "80"
   volumes:
    - ./safe.cgi:/var/www/html/safe.cgi
    - ./victim.cgi:/var/www/html/victim.cgi
--- a/Ranges/Bash/shellshock/safe.cgi
+++ b/Ranges/Bash/shellshock/safe.cgi
@@ -0,0 +1,15 @@
 #!/bin/bash
 echo "Content-type: text/html"
 echo ""
 echo '<html>'
 echo '<head>'
 echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">'
 echo '<title>Bash ShellShock</title>'
 echo '</head>'
 echo '<body>'
 echo '<p>'
 echo 'Hello world'
 echo '</p>'
 echo '</body>'
 echo '</html>'
 exit 0
--- a/Ranges/Bash/shellshock/victim.cgi
+++ b/Ranges/Bash/shellshock/victim.cgi
@@ -0,0 +1,15 @@
 #!/usr/local/bash-4.3.0/bin/bash
 echo "Content-type: text/html"
 echo ""
 echo '<html>'
 echo '<head>'
 echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">'
 echo '<title>Bash ShellShock</title>'
 echo '</head>'
 echo '<body>'
 echo '<p>'
 echo 'Hello world'
 echo '</p>'
 echo '</body>'
 echo '</html>'
 exit 0
--- a/Ranges/Cgi/CVE-2016-5385/docker-compose.yml
+++ b/Ranges/Cgi/CVE-2016-5385/docker-compose.yml
@@ -0,0 +1,16 @@
 version: '2'
 services:
 nginx:
   image: nginx:1
   container_name: CVE-2016-5385
   volumes:
    - ./www/index.php:/usr/share/nginx/html/index.php
    - ./nginx/default.conf:/etc/nginx/conf.d/default.conf
   depends_on:
    - php
   ports:
    - "80"
 php:
   image: vulhub/php:httpoxy
   volumes: 
    - ./www/index.php:/var/www/html/index.php
--- a/Ranges/Cgi/CVE-2016-5385/nginx/default.conf
+++ b/Ranges/Cgi/CVE-2016-5385/nginx/default.conf
@@ -0,0 +1,26 @@
 server {
 	listen 80 default_server;
 	listen [::]:80 default_server;
 	root /usr/share/nginx/html;
 	index index.html index.php;
 	server_name _;
 	location / {
 		try_files $uri $uri/ =404;
 	}
 	location ~ [^/]\.php(/|$) {
 		fastcgi_index index.php;
 		include fastcgi_params;
 		fastcgi_param  REDIRECT_STATUS    200;
 		fastcgi_param  SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
 		fastcgi_param  DOCUMENT_ROOT /var/www/html;
 		fastcgi_pass php:9000;
 	}
 }
--- a/Ranges/Cgi/CVE-2016-5385/www/index.php
+++ b/Ranges/Cgi/CVE-2016-5385/www/index.php
@@ -0,0 +1,20 @@
 <?php
 require __DIR__ . '/vendor/autoload.php';
 use GuzzleHttp\Client;
 header('Content-Type: application/json; charset=utf-8');
 $client = new Client([
    // Base URI is used with relative requests
    'base_uri' => 'http://httpbin.org',
    // You can set any number of default request options.
    'timeout'  => 2.0,
 ]);
 $response = $client->get('http://httpbin.org/get');
 $body = $response->getBody();
 echo $body;
--- a/Ranges/Confluence/CVE-2019-3396/docker-compose.yml
+++ b/Ranges/Confluence/CVE-2019-3396/docker-compose.yml
@@ -0,0 +1,14 @@
 version: '2'
 services:
  web:
    image: vulhub/confluence:6.10.2
    container_name: CVE-2019-3369
    ports:
      - "8090:8090"
    depends_on:
      - db
  db:
    image: postgres:10.7-alpine
    environment: 
    - POSTGRES_PASSWORD=postgres
    - POSTGRES_DB=confluence
--- a/Ranges/Discuz/DiscuzX-3.4/docker-compose.yml
+++ b/Ranges/Discuz/DiscuzX-3.4/docker-compose.yml
@@ -0,0 +1,15 @@
 version: '3'
 services:
  discuz:
    image: vulhub/discuz:x3.4
    container_name: DiscuzX-3.4
    depends_on:
      - db
    ports:
      - "80"
  db:
    image: mariadb
    restart: always
    environment: 
      MYSQL_ROOT_PASSWORD: root
      MYSQL_DATABASE: ultrax
--- a/Ranges/Drupal/CVE-2018-7600/docker-compose.yml
+++ b/Ranges/Drupal/CVE-2018-7600/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 web:
   image: vulhub/drupal:8.5.0
   container_name: CVE-2018-7600
   ports:
    - "80"
--- a/Ranges/Drupal/CVE-2018-7602/docker-compose.yml
+++ b/Ranges/Drupal/CVE-2018-7602/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 web:
   image: drupal:7.57
   container_name: CVE-2018-7602
   ports:
    - "80"
--- a/Ranges/Drupal/CVE-2019-6339/docker-compose.yml
+++ b/Ranges/Drupal/CVE-2019-6339/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 web:
   image: drupal:8.5.0
   container_name: CVE-2019-6339
   ports:
    - "80"
--- a/Ranges/Ecshop/ecshop-3.6.0/docker-compose.yml
+++ b/Ranges/Ecshop/ecshop-3.6.0/docker-compose.yml
@@ -0,0 +1,13 @@
 version: '2'
 services:
 ecshop36:
   image: vulhub/ecshop:3.6.0
   container_name: ecshop-3.6.0
   depends_on:
    - mysql
   ports:
    - "80"
 mysql:
   image: mysql:5.5
   environment: 
    - MYSQL_ROOT_PASSWORD=root
--- a/Ranges/Fastjson/1.2.24-rce/docker-compose.yml
+++ b/Ranges/Fastjson/1.2.24-rce/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 web:
   image: vulhub/fastjson:1.2.24
   container_name: 1.2.24-rce
   ports:
    - "8090"
--- a/Ranges/Fastjson/1.2.47-rce/docker-compose.yml
+++ b/Ranges/Fastjson/1.2.47-rce/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 web:
   image: vulhub/fastjson:1.2.45
   container_name: 1.2.47-rce
   ports:
    - "8090"
--- a/Ranges/JBoss/CVE-2017-12149/docker-compose.yml
+++ b/Ranges/JBoss/CVE-2017-12149/docker-compose.yml
@@ -0,0 +1,8 @@
 version: '3'
 services:
  jboss:
    image: vulhub/jboss:as-6.1.0
    container_name: CVE-2017-12149
    ports:
      - "9990:9990"
      - "8080:8080"
--- a/Ranges/Jackson/CVE-2017-7525/docker-compose.yml
+++ b/Ranges/Jackson/CVE-2017-7525/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 web:
   image: vulhub/spring-with-jackson:2.8.8
   container_name: CVE-2017-7525
   ports:
    - "8080"
--- a/Ranges/Jenkins/CVE-2017-1000353/docker-compose.yml
+++ b/Ranges/Jenkins/CVE-2017-1000353/docker-compose.yml
@@ -0,0 +1,9 @@
 version: '3'
 services:
  jenkins:
    image: vulhub/jenkins:2.46.1
    container_name: CVE-2017-1000353
    init: true
    ports:
      - "50000:50000"
      - "8080"
--- a/Ranges/Jenkins/CVE-2018-1000861/docker-compose.yml
+++ b/Ranges/Jenkins/CVE-2018-1000861/docker-compose.yml
@@ -0,0 +1,9 @@
 version: '3'
 services:
  jenkins:
    image: vulhub/jenkins:2.138
    container_name: CVE-2018-1000861
    ports:
      - "50000:50000"
      - "8080"
    init: true
--- a/Ranges/Joomla/CVE-2015-8562/docker-compose.yml
+++ b/Ranges/Joomla/CVE-2015-8562/docker-compose.yml
@@ -0,0 +1,18 @@
 version: '3'
 services:
 web:
   image: vulhub/joomla:3.4.5
   container_name: CVE-2015-8562
   depends_on:
    - mysql
   environment: 
    - JOOMLA_DB_HOST=mysql:3306
    - JOOMLA_DB_USER=root
    - JOOMLA_DB_PASSWORD=root
    - JOOMLA_DB_NAME=joomla
   ports:
    - "80"
 mysql:
   image: mysql:5
   environment: 
    - MYSQL_ROOT_PASSWORD=root
--- a/Ranges/Joomla/CVE-2017-8917/docker-compose.yml
+++ b/Ranges/Joomla/CVE-2017-8917/docker-compose.yml
@@ -0,0 +1,18 @@
 version: '3'
 services:
 web:
   image: vulhub/joomla:3.7.0
   container_name: CVE-2017-8917
   depends_on:
    - mysql
   environment: 
    - JOOMLA_DB_HOST=mysql:3306
    - JOOMLA_DB_USER=root
    - JOOMLA_DB_PASSWORD=root
    - JOOMLA_DB_NAME=joomla
   ports:
    - "80"
 mysql:
   image: mysql:5
   environment: 
    - MYSQL_ROOT_PASSWORD=root
--- a/Ranges/Nexus/CVE-2019-7238/docker-compose.yml
+++ b/Ranges/Nexus/CVE-2019-7238/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 web:
   image: vulhub/nexus:3.14.0
   container_name: CVE-2019-7238
   ports:
    - "8081"
--- a/Ranges/Nexus/CVE-2020-10199/admin.password
+++ b/Ranges/Nexus/CVE-2020-10199/admin.password
@@ -0,0 +1 @@
 admin
--- a/Ranges/Nexus/CVE-2020-10199/docker-compose.yml
+++ b/Ranges/Nexus/CVE-2020-10199/docker-compose.yml
@@ -0,0 +1,9 @@
 version: '3'
 services:
 web:
   image: vulhub/nexus:3.21.1
   container_name: CVE-2020-10199
   ports:
    - "8081"
   volumes: 
    - ./admin.password:/nexus-data/admin.password
--- a/Ranges/Nexus/CVE-2020-10204/admin.password
+++ b/Ranges/Nexus/CVE-2020-10204/admin.password
@@ -0,0 +1 @@
 admin
--- a/Ranges/Nexus/CVE-2020-10204/docker-compose.yml
+++ b/Ranges/Nexus/CVE-2020-10204/docker-compose.yml
@@ -0,0 +1,9 @@
 version: '3'
 services:
 web:
   image: vulhub/nexus:3.21.1
   container_name: CVE-2020-10204
   ports:
    - "8081"
   volumes: 
    - ./admin.password:/nexus-data/admin.password
--- a/Ranges/Nginx/CVE-2013-4547/docker-compose.yml
+++ b/Ranges/Nginx/CVE-2013-4547/docker-compose.yml
@@ -0,0 +1,14 @@
 version: '3'
 services:
 nginx:
   image: vulhub/nginx:1.4.2
   container_name: CVE-2013-4547
   volumes:
    - ./nginx.conf:/usr/local/nginx/conf/nginx.conf
    - ./www:/usr/local/nginx/html
   ports:
    - "80"
 php:
   build: ./php-fpm/
   volumes:
    - ./www:/var/www/html
--- a/Ranges/Nginx/CVE-2013-4547/nginx.conf
+++ b/Ranges/Nginx/CVE-2013-4547/nginx.conf
@@ -0,0 +1,33 @@
 worker_processes  1;
 events {
    worker_connections  1024;
 }
 http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen       80;
        server_name  localhost;
        root   html;
        index  index.php;
        charset utf-8;
        location ~ \.php$ {
           root           html;
           include        fastcgi_params;
           fastcgi_pass   php:9000;
           fastcgi_index  index.php;
           fastcgi_param  SCRIPT_FILENAME  /var/www/html$fastcgi_script_name;
           fastcgi_param  DOCUMENT_ROOT /var/www/html;
        }
    }
 }
--- a/Ranges/Nginx/CVE-2013-4547/php-fpm/Dockerfile
+++ b/Ranges/Nginx/CVE-2013-4547/php-fpm/Dockerfile
@@ -0,0 +1,18 @@
 FROM vulhub/php:5-fpm
 MAINTAINER phithon <root@leavesongs.com>
 RUN rm -rf /var/www/html/* \
    && mkdir -p /var/www/html/uploadfiles \
    && chmod 777 /var/www/html/uploadfiles \
    && { \
        echo "#\!/bin/bash"; \
        echo "chmod 0777 /var/www/html/uploadfiles"; \
        echo "/usr/local/sbin/php-fpm"; \
        echo ; \
    } | tee /start.sh \
    && chmod +x /start.sh
 COPY www.conf /usr/local/etc/php-fpm.d/www-2.conf
 CMD ["/start.sh"]
--- a/Ranges/Nginx/CVE-2013-4547/php-fpm/www.conf
+++ b/Ranges/Nginx/CVE-2013-4547/php-fpm/www.conf
@@ -0,0 +1,3 @@
 [www]
 security.limit_extensions = 
 php_admin_flag[cgi.fix_pathinfo] = off
--- a/Ranges/Nginx/CVE-2013-4547/www/index.php
+++ b/Ranges/Nginx/CVE-2013-4547/www/index.php
@@ -0,0 +1,33 @@
 <?php
 if (!empty($_FILES)):
 // Check for errors
 if($_FILES['file_upload']['error'] > 0){
    die('An error ocurred when uploading.');
 }
 // Check filesize
 if(!is_uploaded_file($_FILES['file_upload']['tmp_name'])) {
    die('File is not uploaded file');
 }
 $ext = pathinfo($_FILES['file_upload']['name'], PATHINFO_EXTENSION);
 if (empty($ext) || in_array($ext, ['php', 'php3', 'php5', 'phtml'])) {
    die('Unsupported filetype uploaded.');
 }
 $new_name = __DIR__ . '/uploadfiles/' . $_FILES['file_upload']['name'];
 if(!move_uploaded_file($_FILES['file_upload']['tmp_name'], $new_name)){
    die('Error uploading file - check destination is writeable.');
 }
 die('File uploaded successfully: ' . $new_name);
 else:
 ?>
 <form method="post" enctype="multipart/form-data">
    File: <input type="file" name="file_upload">
    <input type="submit">
 </form>
 <?php
 endif;
--- a/Ranges/Nginx/CVE-2013-4547/www/uploadfiles/.gitkeep
+++ b/Ranges/Nginx/CVE-2013-4547/www/uploadfiles/.gitkeep
--- a/Ranges/Nginx/dir-through/configuration/error1.conf
+++ b/Ranges/Nginx/dir-through/configuration/error1.conf
@@ -0,0 +1,13 @@
 server {
 	listen 8080;
 	root /usr/share/nginx/html;
 	index index.html;
 	server_name _;
 	location / {
        return 302 https://$host$uri;
    }
 }
--- a/Ranges/Nginx/dir-through/configuration/error2.conf
+++ b/Ranges/Nginx/dir-through/configuration/error2.conf
@@ -0,0 +1,15 @@
 server {
 	listen 8081;
 	root /usr/share/nginx/html;
 	index index.html;
 	server_name _;
    autoindex on;
 	location /files {
        alias /home/;
    }
 }
--- a/Ranges/Nginx/dir-through/configuration/error3.conf
+++ b/Ranges/Nginx/dir-through/configuration/error3.conf
@@ -0,0 +1,23 @@
 server {
 	listen 8082;
 	root /usr/share/nginx/html;
 	index index.html;
 	server_name _;
    autoindex on;
    add_header Content-Security-Policy "default-src 'self'";
    add_header X-Frame-Options DENY;
 	location = /test1 {
 		rewrite ^(.*)$ /xss.html break;
 	}
    location = /test2 {
        add_header X-Content-Type-Options nosniff;
        rewrite ^(.*)$ /xss.html break;
    }
 }
--- a/Ranges/Nginx/dir-through/docker-compose.yml
+++ b/Ranges/Nginx/dir-through/docker-compose.yml
@@ -0,0 +1,11 @@
 version: '3'
 services:
 nginx:
   image: vulhub/nginx:1
   container_name: dir-through
   volumes:
    - ./configuration:/etc/nginx/conf.d
    - ./files/:/home/
    - ./www/:/usr/share/nginx/html/
   ports:
    - "8081"
--- a/Ranges/Nginx/dir-through/files/help.txt
+++ b/Ranges/Nginx/dir-through/files/help.txt
@@ -0,0 +1 @@
 This is a public file.
--- a/Ranges/Nginx/dir-through/www/index.html
+++ b/Ranges/Nginx/dir-through/www/index.html
@@ -0,0 +1,19 @@
 <!DOCTYPE html>
 <html>
 <head>
 <title>Welcome to nginx!</title>
 <link rel="stylesheet" href="static/app.css">
 </head>
 <body>
 <h1>Welcome to nginx!</h1>
 <p>If you see this page, the nginx web server is successfully installed and
 working. Further configuration is required.</p>
 <p>For online documentation and support please refer to
 <a href="http://nginx.org/">nginx.org</a>.<br/>
 Commercial support is available at
 <a href="http://nginx.com/">nginx.com</a>.</p>
 <p><em>Thank you for using nginx.</em></p>
 </body>
 </html>
--- a/Ranges/Nginx/dir-through/www/static/app.css
+++ b/Ranges/Nginx/dir-through/www/static/app.css
@@ -0,0 +1,5 @@
 body {
    width: 35em;
    margin: 0 auto;
    font-family: Tahoma, Verdana, Arial, sans-serif;
 }
--- a/Ranges/Nginx/dir-through/www/static/app.js
+++ b/Ranges/Nginx/dir-through/www/static/app.js
@@ -0,0 +1,4 @@
 window.onload = function() {
    var m = document.getElementById('m');
    m.innerHTML = location.hash.substr(1);
 }
--- a/Ranges/Nginx/dir-through/www/xss.html
+++ b/Ranges/Nginx/dir-through/www/xss.html
@@ -0,0 +1,10 @@
 <!DOCTYPE html>
 <html>
 <head>
 <title>XSS Vulnerability</title>
 <script src="static/app.js"></script>
 </head>
 <body>
 <p id="m"></p>
 </body>
 </html>
--- a/Ranges/Nginx/nginx_parsing/docker-compose.yml
+++ b/Ranges/Nginx/nginx_parsing/docker-compose.yml
@@ -0,0 +1,19 @@
 version: '3'
 services:
 nginx:
   image: nginx:1
   container_name: nginx_parsing
   volumes:
    - ./www:/usr/share/nginx/html
    - ./nginx/default.conf:/etc/nginx/conf.d/default.conf
   depends_on:
    - php
   ports:
    - "80"
 php:
   image: php:fpm
   command: /bin/sh /var/www/start.sh
   volumes:
    - ./start.sh:/var/www/start.sh
    - ./www:/var/www/html
    - ./php-fpm/www-2.conf:/usr/local/etc/php-fpm.d/www-2.conf
--- a/Ranges/Nginx/nginx_parsing/nginx/default.conf
+++ b/Ranges/Nginx/nginx_parsing/nginx/default.conf
@@ -0,0 +1,25 @@
 server {
 	listen 80 default_server;
 	listen [::]:80 default_server;
 	root /usr/share/nginx/html;
 	index index.html index.php;
 	server_name _;
 	location / {
 		try_files $uri $uri/ =404;
 	}
 	location ~ \.php$ {
 		fastcgi_index index.php;
 		include fastcgi_params;
 		fastcgi_param  REDIRECT_STATUS    200;
 		fastcgi_param  SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
 		fastcgi_param  DOCUMENT_ROOT /var/www/html;
 		fastcgi_pass php:9000;
 	}
 }
--- a/Ranges/Nginx/nginx_parsing/php-fpm/www-2.conf
+++ b/Ranges/Nginx/nginx_parsing/php-fpm/www-2.conf
@@ -0,0 +1,2 @@
 [www]
 security.limit_extensions = 
--- a/Ranges/Nginx/nginx_parsing/start.sh
+++ b/Ranges/Nginx/nginx_parsing/start.sh
@@ -0,0 +1,6 @@
 #!/bin/sh
 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
 chmod 777 /var/www/html/uploadfiles
 php-fpm
--- a/Ranges/Nginx/nginx_parsing/www/index.php
+++ b/Ranges/Nginx/nginx_parsing/www/index.php
@@ -0,0 +1,49 @@
 <?php
 if (!empty($_FILES)):
 // Check for errors
 if($_FILES['file_upload']['error'] > 0){
    die('An error ocurred when uploading.');
 }
 if(!getimagesize($_FILES['file_upload']['tmp_name'])){
    die('Please ensure you are uploading an image.');
 }
 // Check filetype
 if(stripos($_FILES['file_upload']['type'], 'image/') !== 0){
    die('Unsupported filetype uploaded.');
 }
 // Check filesize
 if($_FILES['file_upload']['size'] > 500000){
    die('File uploaded exceeds maximum upload size.');
 }
 // Check filesize
 if(!is_uploaded_file($_FILES['file_upload']['tmp_name'])) {
    die('File is not uploaded file');
 }
 $ext = pathinfo($_FILES['file_upload']['name'], PATHINFO_EXTENSION);
 if (!in_array($ext, ['gif', 'png', 'jpg', 'jpeg'])) {
    die('Unsupported filetype uploaded.');
 }
 $new_name = __DIR__ . '/uploadfiles/' . md5($_FILES['file_upload']['name']) . ".{$ext}";
 if(!move_uploaded_file($_FILES['file_upload']['tmp_name'], $new_name)){
    die('Error uploading file - check destination is writeable.');
 }
 die('File uploaded successfully: ' . $new_name);
 else:
 ?>
 <form method="post" enctype="multipart/form-data">
    File: <input type="file" name="file_upload">
    <input type="submit">
 </form>
 <?php
 endif;
--- a/Ranges/Nginx/nginx_parsing/www/uploadfiles/nginx.png
+++ b/Ranges/Nginx/nginx_parsing/www/uploadfiles/nginx.png
--- a/Ranges/OpenSSH/CVE-2018-15473/Dockerfile
+++ b/Ranges/OpenSSH/CVE-2018-15473/Dockerfile
@@ -0,0 +1,9 @@
 FROM vulhub/openssh:7.7
 LABEL maintainer="phithon <root@leavesongs.com>"
 RUN set -ex \
    && adduser --home /home/vulhub --shell /bin/bash --disabled-password --gecos "" vulhub \
    && echo "vulhub:vulhub" | chpasswd \
    && adduser --home /home/example --shell /bin/bash --disabled-password --gecos "" example \
    && echo "example:123456" | chpasswd
--- a/Ranges/OpenSSH/CVE-2018-15473/docker-compose.yml
+++ b/Ranges/OpenSSH/CVE-2018-15473/docker-compose.yml
@@ -0,0 +1,9 @@
 version: '3'
 services:
 sshd:
   build: .
   container_name: CVE-2018-15473
   environment: 
    - ROOT_PASSWORD=vulhub
   ports:
    - "22"
--- a/Ranges/OpenSSL/CVE-2014-0160/docker-compose.yml
+++ b/Ranges/OpenSSL/CVE-2014-0160/docker-compose.yml
@@ -0,0 +1,9 @@
 version: '3'
 services:
 nginx:
   image: vulhub/nginx:heartbleed
   container_name: CVE-2014-0160
   volumes:
    - ./www:/var/www/html
   ports:
    - "443:443"
--- a/Ranges/OpenSSL/CVE-2014-0160/www/index.html
+++ b/Ranges/OpenSSL/CVE-2014-0160/www/index.html
@@ -0,0 +1,9 @@
 <html>
    <head>
        <meta charset="utf-8">
        <title>Heartbleed Test</title>
    </head>
    <body>
        <p>Heartbleed Test</p>
    </body>
 </html>
--- a/Ranges/Phpmyadmin/CVE-2016-5734/config.inc.php
+++ b/Ranges/Phpmyadmin/CVE-2016-5734/config.inc.php
@@ -0,0 +1,29 @@
 <?php
 /*
 * Generated configuration file
 * Generated by: phpMyAdmin 4.6.2 setup script
 * Date: Mon, 07 May 2018 10:48:03 +0000
 */
 /* Servers configuration */
 $i = 0;
 /* Server: mysql [1] */
 $i++;
 $cfg['Servers'][$i]['verbose'] = 'mysql';
 $cfg['Servers'][$i]['host'] = 'mysql';
 $cfg['Servers'][$i]['port'] = 3306;
 $cfg['Servers'][$i]['socket'] = '';
 $cfg['Servers'][$i]['connect_type'] = 'tcp';
 $cfg['Servers'][$i]['auth_type'] = 'cookie';
 $cfg['Servers'][$i]['user'] = 'root';
 $cfg['Servers'][$i]['password'] = '';
 /* End of servers configuration */
 $cfg['blowfish_secret'] = '5af02eda401ae8.69737537';
 $cfg['DefaultLang'] = 'en';
 $cfg['ServerDefault'] = 1;
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 ?>
--- a/Ranges/Phpmyadmin/CVE-2016-5734/docker-compose.yml
+++ b/Ranges/Phpmyadmin/CVE-2016-5734/docker-compose.yml
@@ -0,0 +1,16 @@
 version: '3'
 services:
 web:
   image: vulhub/phpmyadmin:4.4.15.6
   container_name: CVE-2016-5734
   volumes:
    - ./config.inc.php:/var/www/html/config.inc.php
   ports:
    - "80"
   depends_on:
    - mysql
 mysql:
   image: mysql:5.5
   environment: 
    - MYSQL_ROOT_PASSWORD=root
    - MYSQL_DATABASE=test
--- a/Ranges/Redis/redis-4.0.14/docker-compose.yml
+++ b/Ranges/Redis/redis-4.0.14/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 redis:
   image: vulhub/redis:4.0.14
   container_name: redis-4.0.14
   ports:
    - "6379:6379"
--- a/Ranges/Rsync/rsync/Dockerfile
+++ b/Ranges/Rsync/rsync/Dockerfile
@@ -0,0 +1,15 @@
 FROM vulhub/rsync:3.1.2
 MAINTAINER phithon <root@leavesongs.com>
 ADD rsyncd.conf /etc/rsyncd.conf
 ADD docker-entrypoint.sh /docker-entrypoint.sh
 RUN apt-get update \
    && apt-get install --no-install-recommends -y cron \
    && mkdir /data/ \
    && chmod +x /docker-entrypoint.sh \
    && rm -rf /var/lib/apt/lists/*
 CMD ["/docker-entrypoint.sh"]
--- a/Ranges/Rsync/rsync/docker-compose.yml
+++ b/Ranges/Rsync/rsync/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 rsync:
   build: .
   container_name: rsync
   ports:
    - "873:873"
--- a/Ranges/Rsync/rsync/docker-entrypoint.sh
+++ b/Ranges/Rsync/rsync/docker-entrypoint.sh
@@ -0,0 +1,7 @@
 #!/bin/bash
 set -ex
 service cron start 
 exec rsync --no-detach --daemon --config /etc/rsyncd.conf
--- a/Ranges/Rsync/rsync/rsyncd.conf
+++ b/Ranges/Rsync/rsync/rsyncd.conf
@@ -0,0 +1,12 @@
 uid = root
 gid = root
 use chroot = no
 max connections = 4
 syslog facility = local5
 pid file = /var/run/rsyncd.pid
 log file = /var/log/rsyncd.log
 [src]
 path = /
 comment = src path
 read only = no
--- a/Ranges/Spring/CVE-2016-4977/docker-compose.yml
+++ b/Ranges/Spring/CVE-2016-4977/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 spring:
   image: vulhub/spring-security-oauth2:2.0.8
   container_name: CVE-2016-4977
   ports:
    - "8080"
--- a/Ranges/Spring/CVE-2017-4971/docker-compose.yml
+++ b/Ranges/Spring/CVE-2017-4971/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 spring:
   image: vulhub/spring-webflow:2.4.4
   container_name: CVE-2017-4971
   ports:
    - "8080"
--- a/Ranges/Spring/CVE-2018-1270/docker-compose.yml
+++ b/Ranges/Spring/CVE-2018-1270/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 spring:
   image: vulhub/spring-messaging:5.0.4
   container_name: CVE-2018-1270
   ports:
    - "8080"
--- a/Ranges/Spring/CVE-2018-1273/docker-compose.yml
+++ b/Ranges/Spring/CVE-2018-1273/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 spring:
   image: vulhub/spring-data-commons:2.0.5
   container_name: CVE-2018-1273
   ports:
    - "8080"
--- a/Ranges/Struts2/s2-016/Dockerfile
+++ b/Ranges/Struts2/s2-016/Dockerfile
@@ -0,0 +1,10 @@
 FROM vulhub/tomcat:8.5
 MAINTAINER phithon <root@leavesongs.com>
 RUN set -ex \
    && rm -rf /usr/local/tomcat/webapps/* \
    && chmod a+x /usr/local/tomcat/bin/*.sh
 ADD https://cdn.vulhub.org/struts2/s2-016/ROOT.war /usr/local/tomcat/webapps/ROOT.war
 EXPOSE 8080
--- a/Ranges/Struts2/s2-016/docker-compose.yml
+++ b/Ranges/Struts2/s2-016/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 struts2:
   build: .
   container_name: s2-016
   ports:
    - "8080"
--- a/Ranges/Struts2/s2-045/docker-compose.yml
+++ b/Ranges/Struts2/s2-045/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 struts2:
   image: vulhub/struts2:2.3.30
   container_name: s2-045
   ports:
    - "8080"
--- a/Ranges/Struts2/s2-046/docker-compose.yml
+++ b/Ranges/Struts2/s2-046/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 struts2:
   image: vulhub/struts2:2.3.30
   container_name: s2-046
   ports:
    - "8080"
--- a/Ranges/Struts2/s2-059/docker-compose.yml
+++ b/Ranges/Struts2/s2-059/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 struts2:
   image: vulhub/struts2:2.5.16
   container_name: s2-059
   ports:
    - "8080"
--- a/Ranges/Supervisor/CVE-2017-11610/Dockerfile
+++ b/Ranges/Supervisor/CVE-2017-11610/Dockerfile
@@ -0,0 +1,17 @@
 FROM vulhub/python:2.7
 MAINTAINER phithon <root@leavesongs.com>
 COPY docker-entrypoint.sh /usr/local/bin/
 RUN pip install -U pip \
    && pip install "supervisor==3.3.2" \
    && echo_supervisord_conf | tee /usr/local/etc/supervisord.conf \
    && { \
        echo "[inet_http_server]"; \
        echo "port=0.0.0.0:9001"; \
        echo; \
    } | tee -a /usr/local/etc/supervisord.conf \
    && chmod +x /usr/local/bin/docker-entrypoint.sh
 CMD ["/usr/local/bin/docker-entrypoint.sh"]
--- a/Ranges/Supervisor/CVE-2017-11610/docker-compose.yml
+++ b/Ranges/Supervisor/CVE-2017-11610/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 web:
   build: .
   container_name: CVE-2017-11610
   ports:
    - "9001:9001"
--- a/Ranges/Supervisor/CVE-2017-11610/docker-entrypoint.sh
+++ b/Ranges/Supervisor/CVE-2017-11610/docker-entrypoint.sh
@@ -0,0 +1,5 @@
 #!/bin/bash
 supervisord --user nobody -c /usr/local/etc/supervisord.conf
 while true; do sleep 30; done;
--- a/Ranges/ThinkPHP/5-rce/docker-compose.yml
+++ b/Ranges/ThinkPHP/5-rce/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 web:
   image: vulhub/thinkphp:5.0.20
   container_name: 5-rce
   ports:
    - "80"
--- a/Ranges/ThinkPHP/5.0.23-rce/docker-compose.yml
+++ b/Ranges/ThinkPHP/5.0.23-rce/docker-compose.yml
@@ -0,0 +1,7 @@
 version: '3'
 services:
 web:
   image: vulhub/thinkphp:5.0.23
   container_name: 5.0.23-rce
   ports:
    - "880"
--- a/Ranges/ThinkPHP/sqli/docker-compose.yml
+++ b/Ranges/ThinkPHP/sqli/docker-compose.yml
@@ -0,0 +1,20 @@
 version: '3'
 services:
 web:
   image: vulhub/thinkphp:5.0.9
   container_name: sqli
   depends_on:
    - mysql
   ports:
    - "80"
   volumes:
    - ./www/controller:/var/www/application/index/controller
    - ./www/model:/var/www/application/index/model
    - ./www/database.php:/var/www/application/database.php
 mysql:
   image: mysql:5.5
   environment: 
    - MYSQL_ROOT_PASSWORD=root
    - MYSQL_DATABASE=cat
   volumes:
    - ./www/init.sql:/docker-entrypoint-initdb.d/init.sql
--- a/Ranges/ThinkPHP/sqli/www/controller/Index.php
+++ b/Ranges/ThinkPHP/sqli/www/controller/Index.php
@@ -0,0 +1,17 @@
 <?php
 namespace app\index\controller;
 use app\index\model\User;
 class Index
 {
    public function index()
    {
        $ids = input('ids/a');
        $t = new User();
        $result = $t->where('id', 'in', $ids)->select();
        foreach($result as $row) {
            echo "<p>Hello, {$row['username']}</p>";
        }
    }
 }
--- a/Show More
+++ b/Show More