{"type":"mcp_server","name":"damn-vulnerable-MCP-server","description":"Vulnerable MCP server for security testing & training. Exposes MCP weaknesses for educational purposes. #MCP #Security #Vulnerability","category":"Developer Tools","language":"Python","stars":1313,"forks":80,"owner":"harishsg993010","github_url":"https://github.com/harishsg993010/damn-vulnerable-MCP-server","homepage":null,"setup":"## Setup\n\nThis project is designed to be run using Docker. While it may be possible to run it directly on a Linux environment, Docker is the recommended and supported method.\n\n**Prerequisites:**\n\n*   **Docker:** Ensure you have Docker installed and running on your system.  You can download it from [Docker's website](https://www.docker.com/get-started).\n*   **CLINE (Optional):**  CLINE is a VSCode extension recommended for interacting with the DVMCP server.  Refer to [CLINE documentation](https://docs.cline.bot/mcp-servers/connecting-to-a-remote-server) for connecting to the MCP server.\n\n**Installation Steps:**\n\n1.  **Clone the Repository:** Clone the DVMCP repository to your local machine:\n\n    ```bash\n    git clone https://github.com/harishsg993010/damn-vulnerable-MCP-server\n    cd damn-vulnerable-MCP-server\n    ```\n\n2.  **Build the Docker Image:** Build the Docker image using the following command:\n\n    ```bash\n    docker build -t dvmcp .\n    ```\n\n3.  **Run the Docker Container:** Run the Docker container, mapping ports 9001-9010 to your host machine:\n\n    ```bash\n    docker run -p 9001-9010:9001-9010 dvmcp\n    ```\n\n    This will start the DVMCP server, making the challenges accessible on ports 9001 through 9010.\n\n**Configuration:**\n\n*   No specific configuration files are required. The challenges are pre-configured within the Docker image.\n\n**Environment Variables:**\n\n*   No environment variables are required for basic operation.  However, individual challenges *may* require specific environment variables. 
Consult the documentation for each challenge for details.\n\n**Verification:**\n\n*   Once the Docker container is running, you can verify that the DVMCP server is accessible by sending requests to the exposed ports (9001-9010).  Use CLINE or another MCP client to interact with the server and begin the challenges.","tools":"## Available Challenges\n\nThis project provides 10 challenges designed to demonstrate vulnerabilities in Model Context Protocol (MCP) implementations. These challenges are categorized by difficulty: Easy, Medium, and Hard. Each challenge focuses on a specific type of vulnerability and provides a hands-on learning experience.\n\n**Easy Challenges:**\n\n1.  **Basic Prompt Injection:**  Exploit unsanitized user input to manipulate LLM behavior.  This challenge focuses on understanding how to prevent attackers from influencing the LLM's output by injecting malicious prompts.\n2.  **Tool Poisoning:** Exploit hidden instructions in tool descriptions. This challenge explores how attackers can hide malicious instructions within the descriptions of tools, leading the LLM to perform unintended actions.\n3.  **Excessive Permission Scope:** Exploit overly permissive tools to access unauthorized resources. This challenge demonstrates the risks of granting tools more permissions than they need, allowing attackers to access sensitive information or perform unauthorized actions.\n\n**Medium Challenges:**\n\n4.  **Rug Pull Attack:** Exploit tools that change their behavior after installation.  This challenge highlights the importance of verifying tool behavior and ensuring that tools cannot be modified maliciously after they are deployed.\n5.  **Tool Shadowing:** Exploit tool name conflicts to override legitimate tools.  
This challenge demonstrates how attackers can replace legitimate tools with malicious ones by exploiting naming vulnerabilities.\n6.  **Indirect Prompt Injection:** Inject malicious instructions through data sources. This challenge explores how attackers can inject malicious instructions into the LLM indirectly through external data sources that the LLM uses.\n7.  **Token Theft:** Extract authentication tokens from insecure storage.  This challenge focuses on the importance of secure token storage and demonstrates how attackers can steal authentication tokens if they are not properly protected.\n\n**Hard Challenges:**\n\n8.  **Malicious Code Execution:** Execute arbitrary code through vulnerable tools. This challenge demonstrates how attackers can exploit vulnerabilities in tools to execute arbitrary code on the system.\n9.  **Remote Access Control:** Gain remote access to the system through command injection. This challenge explores how attackers can gain remote access to the system by injecting commands through vulnerable tools.\n10. **Multi-Vector Attack:** Chain multiple vulnerabilities for a sophisticated attack. This challenge demonstrates how attackers can combine multiple vulnerabilities to create a more sophisticated and effective attack.\n\n**Usage:**\n\nTo use these challenges, follow the setup instructions in the [Setup Guide](docs/setup.md).  Each challenge is located in the `challenges/` directory, organized by difficulty level.  Attempt to solve each challenge independently before consulting the [Solutions Guide](solutions/README.md).","faq":null,"created_at":"2025-04-16T06:18:59+00:00","updated_at":"2025-07-06T22:14:47+00:00","source_url":"https://model-context-protocol.com/servers/damn-vulnerable-mcp-server","related_articles":[]}