Η UnSAFE Bank είναι μια εικονική τραπεζική σουίτα που έχει σχεδιαστεί με σκοπό να ενσωματώσει τους κινδύνους στον cyber security and various testing techniques.
It is designed for developers and security analysts to learn, distinguish and evaluate vulnerabilities by doing penetration testing in web applications, Android and iOS.
This version of the application is released only for iOS devices. It will follow soon upgrade of the application that will support Android devices and Web applications
Features of the application
The application currently supports the following features:
- Transfer of funds
- Account information
- Registration and promotion of beneficiaries
Note: We will have new possibilities and integration of new vulnerabilities in the future
Vulnerability Coverage
Intentionally or not, they have added a wide range of vulnerabilities, ranging from low-risk to high-risk vulnerabilities.
Setting up the application
Prerequisites:
- Installing it git in our system.
- Installing it docker-compose in our system.
- We must not run any other services on port 80 of our machine.
- Requires Android or iOS phone for penetration testing.
Server setup
- We open a terminal and give the following command git clone https://github.com/lucideus-repo/UnSAFE_Bank.git
- Go to the UnSAFE_Bank / Backend directory with the cd command UnSAFE_Bank / Backend
- We start the docker service by typing sudo service docker start
- We start the docker operations with the docker-compose up -d command
Application installation iOS
- Download and install it Cydia Impactor in our system.
- Connect the iPhone to our system and open the Cydia Impactor.
- We go to the list / iOS.
- Drag and drop it UnSAFE Bank.ipa our file in Cydia Impactor.
- Follow the steps shown by Cydia Impactor until we complete the installation.
- Our application is ready to use.
Note: You can use other methods to install the app on iOS, whichever way suits you.
Connectivity status test
- We are sure that iPhone and our system are connected to the same network.
- We check the IP address of our system as well as the port on which you are running (Port 80).
- Open the iOS Application and give our login details in the upper left to enter the application.
- If all goes well, it will display the message on the iPhone that says "You are connected successfully".
- If it shows us a message error, then we should check that our application is working properly and that we have entered the valid address and port.
Login Credentials
A customer ID and password are required to log in to the application. You can always register as a new user.
Upon successful registration:
- You will be given the customer ID that corresponds to your account. Always note your customer ID and keep it SAFE for further use.
- Virtual PIIs and your account information will be generated automatically.
- Default beneficiaries will be added to your account automatically.
- They will be added virtually money in your account ranging from 1 to 5 million
Existing accounts users
The following data can be used to perform actions such as adding a beneficiary, transferring money, etc.
| Account Holder | Account number | IFSC code |
|---|---|---|
| Vipul Malhotra | 003558008876 | IFSC00009 |
| Kevin Winkel | 270365500638 | IFSC00009 |
| Kelly campbell | 533074805951 | IFSC00010 |
| Krystal Langworth | 731258783797 | IFSC00006 |
| Margarita Mann | 359502423130 | IFSC00010 |
| David Mahabir | 795554898923 | IFSC00002 |
| Boris Gerhold | 485064210112 | IFSC00006 |
| Nathaniel Runolfsson | 518569490010 | IFSC00003 |
| Yvette Cooper | 841478410516 | IFSC00007 |
| Orion Glover | 001498029143 | IFSC00003 |
