Day 6 of 40: TESTHEAD BOOT CAMP: Getting Cheezy With Gruyere

I owe Marlena Compton for this one. I decided to do some backwards reviewing and wanted to see what WTANZ had been up to (they’re a relative newcomer to Weekend Testing, so I wanted to see what experiences they have been working with). Through looking at their past Experience Reports, I found a gem of a project that anyone interested in security and security hacks should play with. It’s called Gruyere and calls itself “The Cheesiest Application on the Web”.

What is Gruyere? It’s a “Google Codelab” that allows testers and coders to see how web applications can be exploited, and how to defend against the attacks. The site itself allows users to go in and practice real penetration testing (note, if you plan to play with these techniques, do it on their site only; doing penetration testing on any other site is, well, hacking, and that could lead to issues you *really* don’t want to deal with (LOL!) ). The site allows the user to play with and become familiar with types of vulnerabilities and tasks the user to find the vulnerability. Your job is to play the role of a malicious hacker and find/exploit the bugs.

This is a fun lab, and each one can be done fairly quickly to gain familiarity, but it’s definitely one that you will want to come back to again and again to play around more with (which is what I have the intention of doing over the coming days).


To get into Gruyere,go to http://google-gruyere.appspot.com/start.

Start Gruyere

Your Gruyere instance id is [InstanceID]. 

WARNING: Gruyere is not secure.
Do not upload any personal or private data. 

By using Gruyere you agree to the terms of service.

Agree & Start

Once you are in, you get the opportunity to take on a number of challenges, and each one covers different aspects. Here’s a quick list of topics covered:

·         Cross-Site Scripting (XSS)

o    XSS Challenges

o    File Upload XSS

o    Reflected XSS

o    Stored XSS

o    Stored XSS via HTML Attribute

o    Stored XSS via AJAX

o    Reflected XSS via AJAX

o    More about XSS

·         Client-State Manipulation

o    Elevation of Privilege

o    Cookie Manipulation

·         Cross-Site Request Forgery (XSRF)

o    XSRF Challenge

o    More about preventing XSRF

·         Cross Site Script Inclusion (XSSI)

o    XSSI Challenge

·         Path Traversal

o    Information disclosure via path traversal

o    Data tampering via path traversal

·         Denial of Service

o    DoS - Quit the Server

o    DoS - Overloading the Server

o    More on Denial of Service

·         Code Execution

o    Code Execution Challenge

o    More on Remote Code Execution

·         Configuration Vulnerabilities

o    Information disclosure #1

o    Information disclosure #2

o    Information disclosure #3

·         AJAX vulnerabilities

o    DoS via AJAX

o    Phishing via AJAX

·         Other Vulnerabilities

o    Buffer Overflow and Integer Overflow

o    SQL Injection

So for those who are interested in learning about Web Application Exploits and how to defend against them, give Gruyere a look. Fun stuff to play with and I will definitely be spending more time with this app and learning as much as I can.