Doubts of VbD challenges in the Write repository

clean-camera · March 16, 2020, 8:51pm

Good afternoon, can someone help me with the challenges of VbD,
I was looking at the Write repository and I really don’t understand its structure and neither
I understand those numbers that have the solutions

I was reading this Publication:

https://help.autonomicjump.com/t/vbb-unique-challenges/40

the truth I did not understand much and especially how will I know the CWE code? For example,
I want to solve the VulnHub x machine and I see that it has 2 vulnerabilities,
the first has the default login credentials and the other has a vulnerability
in the FTP service, so I have to put two CWEs of those two vulnerabilities
But I really don’t know how, can you help me please?

hermit-purple · March 16, 2020, 11:15pm

You can upload the two vulnerabilities in two separated features assessing every CWE separately and filling the correlations section if you think that may apply. The goal of vbd feature is to identify a vulnerability statically and dynamically, exploit the vulnerability, implement a remediation and assess its risk according to the CVSS v3 score, if a VbD app have 100 vulnerabilities you can create 100 features explaining every one of them separately.

Topic		Replies	Views
VbB unique challenges training question	4	499	March 14, 2020
VBD: Vulnerable by design hacking	6	498	January 23, 2020
Trying to choose challenges (?) training question	3	345	July 6, 2020
Vulnhub:reporting vulnerabilities and CVSS scoring training question , guidelines	0	191	January 11, 2023
How to choose the CWE code folder name? training question , vbd	0	386	May 12, 2020

Doubts of VbD challenges in the Write repository

Related Topics