Our first post regarding Mutillidae can be found here. A few days ago an update – Mutillidae version 2.1.13 – was released. We seem to have missed a lot of updates about this tool, but we plan to correct it.
“Mutillidae is a free, open source web application provided to allow security enthusiest to pen-test and hack a web application. Mutillidae can be installed on Linux, Windows XP, and Windows 7 using XAMMP making it easy for users who do not want to install or administrate their own webserver. Mutillidae contains dozens of vulnerabilities and hints to help the user exploit them; providing an easy-to-use web hacking environment deliberately designed to be used as a hack-lab for security enthusiast, classroom labs, and vulnerability assessment tool targets.”
Official change log for Mutillidae 2.1.13:
- Added Mutillidae YouTube channel link to menu
- Fixed some menu links so they open in new window
- Added a hint to the framer.php page telling the user to try to change the security level.
- Added a new page called anti-framing-protection.inc. The page shows developers how to implement old-style javascript frame busting code. This isn”t used for new browsers because x-frame-options has supplanted the frame busting code, but there are still many old browsers running in kiosks and such.
- Added more documentation in the Easter Egg file Mutillidae test scripts
- Added Kevin Johnson as honorary default user
- Added more values to default database to make SQL injection more interesting
- Reduced the size of the header thickness to make more room
- Greatly improved SQL Injection tutorial or at least typed a lot more stuff
- Upgraded the Easter Egg file with more tips and tricks; mainly on SQL injection
Download Mutillidae 2.1.13:
Mutillidae 2.1.13 – mutillidae-2.1.13.zip – http://www.irongeek.com/mutillidae/mutillidae-2.1.13.zip
{ 0 comments… add one now }