Added a dedicated objective (aka "flag") for file include
g0tmi1k committed Sep 29, 2015
1 parent 9fca73d commit 2780714
Showing 4 changed files with 40 additions and 2 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
@@ -4,6 +4,7 @@ DAMN VULNERABLE WEB APPLICATION
v1.9 (*Not Yet Released*)
======

+ Added a dedicated objective (or "flag") for file include. (@g0tmi1k)
+ Added a warning to any module that requires a certain configuration. (@g0tmi1k)
+ Added comments to all source code that would be visible via DVWA modules. (@g0tmi1k)
+ Added CSRF token to pre-auth forms (login/setup/security pages). (@g0tmi1k + @Shinkurt)
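Review bot: the wording "Added a dedicated objective" does not match what the help.php hunk in this commit does, which swaps the existing objective (execute phpinfo()/system() through the inclusion) for the five-quotes one instead of adding a second objective next to it. Either keep both objectives in help.php or reword this entry, e.g. `+ Replaced the file include objective with a dedicated "flag" (hackable/flags/fi.php). (@g0tmi1k)`, and name the new files so anyone deploying DVWA knows hackable/flags/fi.php and vulnerabilities/fi/file4.php now exist under the web root.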
24 changes: 24 additions & 0 deletions hackable/flags/fi.php
@@ -0,0 +1,24 @@
<?php

if( !defined( 'DVWA_WEB_PAGE_TO_ROOT' ) ) {
exit ("Nice try ;-). Use the file include next time!");
}

?>

1.) Bond. James Bond

<?php

echo "2.) My name is Sherlock Holmes. It is my business to know what other people don't know.\n\n<br /><br />\n";

$line3 = "3.) Romeo, Romeo! wherefore art thou Romeo?";
$line3 = "--LINE MISSING--";
echo $line3 . "\n\n<br /><br />\n";

$line4 = "NC4pI" . "FRoZSBwb29s" . "IG9uIH" . "RoZSByb29mIG1" . "1c3QgaGF" . "2ZSBh" . "IGxlY" . "Wsu";
echo base64_decode( $line4 );

?>

<!-- 5.) The world isn't run by weapons anymore, or energy, or money. It's run by little ones and zeroes, little bits of data. It's all just electrons. -->
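Review bot: the fourth quote is echoed without the `\n\n<br /><br />\n` separator that quotes 2 and 3 append, so in rendered output quote 4 runs straight into whatever follows; append the same suffix to `echo base64_decode( $line4 );`. Worth stating in the help text (not here) that the objective can only be met by obtaining the file's source: `$line3` is overwritten with "--LINE MISSING--" before it is echoed, and quote 5 sits inside an HTML comment, so neither shows up in the rendered output of a plain include. The `defined( 'DVWA_WEB_PAGE_TO_ROOT' )` guard is the right way to reject direct requests to the file; file4.php in the same commit lacks it.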
14 changes: 14 additions & 0 deletions vulnerabilities/fi/file4.php
@@ -0,0 +1,14 @@
<?php

$page[ 'body' ] .= "
<div class=\"body_padded\">
<h1>Vulnerability: File Inclusion</h1>
<div class=\"vulnerable_code_area\">
<h3>File 4 (Hidden)</h3>
<hr />
Good job!<br />
This file isn't listed at all on DVWA. If you are reading this, you did something right ;-)<br />
<!-- You did an even better job to see this :-)! -->
</div>\n";

?>
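Review bot: this file has no access guard, unlike hackable/flags/fi.php in the same commit, so a direct request to vulnerabilities/fi/file4.php runs `$page[ 'body' ] .=` against an undefined `$page` (a PHP notice at most, and nothing rendered) rather than a deliberate refusal; add `if( !defined( 'DVWA_WEB_PAGE_TO_ROOT' ) ) { exit( ... ); }` before the assignment, as fi.php does. The markup is also unbalanced: two `<div>` elements are opened (`body_padded` and `vulnerable_code_area`) but only one `</div>` is emitted, so the `body_padded` div stays open for the rest of the page; add the second `</div>` before `\n";`.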
3 changes: 1 addition & 2 deletions vulnerabilities/fi/help/help.php
@@ -20,8 +20,7 @@
<br /><hr /><br />

<h3>Objective</h3>
<p>Execute any PHP function of your choosing on the target system (such as <?php echo dvwaExternalLinkUrlGet( 'https://secure.php.net/manual/en/function.phpinfo.php', 'phpinfo()' ); ?>
or <?php echo dvwaExternalLinkUrlGet( 'https://secure.php.net/manual/en/function.system.php', 'system()' ); ?>) because of the file inclusion.</p>
<p>Read all five famous quotes from '<a href="../hackable/flags/fi.php">../hackable/flags/fi.php</a>' using only the file inclusion.</p>

<br /><hr /><br />
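Review bot: the new `<p>` replaces the previous objective (execute phpinfo()/system() through the inclusion) rather than adding to it, so code execution is no longer a stated goal of the module; if that is intended the CHANGELOG entry should say "replaced", otherwise keep both paragraphs. The href `../hackable/flags/fi.php` is relative, so it only resolves to the top-level hackable/flags/fi.php when the help is rendered from a page one directory below the web root; building it from DVWA_WEB_PAGE_TO_ROOT, the constant fi.php already relies on, removes that dependence. "using only the file inclusion" would also be clearer if it said that the rendered include is not enough and the raw source has to be obtained, since the fi.php flag is designed around that.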
