davidfisher
Sep 29, 2018Cirrus
PHP Auction Site is not vulnerable..?
I downloaded the file here: https://devcentral.f5.com/articles/configuring-the-big-ip-and-php-hack-it-yourself-auction-site
And I am trying out the discover parameter tampering vul from the ASM 13 lab guide by entering a nick for a different user:
http://asmauction.com/user_menu.php?nick=allwyn
And I am nicely being dropped at the login page as if this a damn good secure app, lol.
Is there some updated version of this auction site that I should be using?