Vulnerable Machine - Seattle Sounds

Vulnerable VM : Seattle v0.3
Difficulty : Beginner/Moderate

Seattle Sounds web application is a virtual machine and it is vulnerable by design. The author of this virtual machine is HollyGraceful who is a female penetration tester. The virtual machine is designed for beginner and/or Moderate. This web application has the following vulnerabilities :

SQL Injection
Reflected and Stored Cross-Site Scripting
Insecure Direct-Object Reference
Username Enumeration
Path Traversal
Exposed phpinfo()
Exposed Administrative Interface
Weak Admin Credentials

You can download it at VulnHub (File size : 579 MB)

To extract the downloaded file in debian or Ubuntu Linux :

sudo apt-get install p7zip
7z x Seattle-

Then import to Virtualbox and browse it with your browser.

The following is the penetration testing report of the vulnerable virtual machine :

(Firefox, Chrome and Safari Desktop Version friendly. You may need PDF Viewer Extension for Opera, Adobe Reader for Edge to view the report)


Virtualbox - Virtual Machine
VulnHub - Vulnerable by Design