OR UnSAFE Bank is a virtual banking suite designed to incorporate cybersecurity risks and various test techniques.
It is designed for developers and security analysts to learn, distinguish and evaluate vulnerabilities by doing penetration testing in web applications, Android and iOS.
This version of the application is only available for iOS devices. An application that will support Android devices and Web applications will soon follow
Features of the application
The application currently supports the following features:
- Transfer of funds
- Account information
- Registration and promotion of beneficiaries
Note: We will have new possibilities and integration of new vulnerabilities in the future
Intentionally or not, they have added a wide range of vulnerabilities, ranging from low-risk to high-risk vulnerabilities.
Setting up the application
- Installation of git in our system.
- Installation of docker-compose in our system.
- We must not run any other services on port 80 of our machine.
- Requires Android or iOS phone for penetration testing.
- We open a terminal and give the following command git clone https://github.com/lucideus-repo/UnSAFE_Bank.git
- Go to the UnSAFE_Bank / Backend directory with the cd command UnSAFE_Bank / Backend
- We start the docker service by typing sudo service docker start
- We start the docker operations with the docker-compose up -d command
Application installation iOS
- Download and install it Cydia Impactor in our system.
- Connect the iPhone to our system and open the Cydia Impactor.
- We go to the list / iOS.
- Drag and drop it UnSAFE Bank.ipa our file in Cydia Impactor.
- Follow the steps shown by Cydia Impactor until we complete the installation.
- Our application is ready to use.
Note: You can use other methods to install the app on iOS, whichever way suits you.
Connectivity status test
- We are sure that iPhone and our system are connected to the same network.
- We check the IP address of our system as well as the port in which you are running (Port 80).
- Open the iOS Application and give our login details at the top left to enter the application.
- If all goes well the message will appear on the iPhone that will say "You are connected successfully".
- If we get an error message, then we should check if our application is working properly and if we have entered the valid address and the correct port.
A customer ID and password are required to log in to the application. You can always register as a new user.
Upon successful registration:
- You will be given the customer ID that corresponds to your account. Always note your customer ID and keep it SAFE for further use.
- Virtual PIIs and your account information will be generated automatically.
- Default beneficiaries will be added to your account automatically.
- Virtual money ranging from 1 to 5 million will be added to your account
Existing user accounts
The following data can be used to perform actions such as adding a beneficiary, transferring money, etc.
|Account Holder||Account number||IFSC Code|