Added a dedicated objective (aka "flag") for file include
Showing 4 changed files with 40 additions and 2 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
<?php | ||
|
||
if( !defined( 'DVWA_WEB_PAGE_TO_ROOT' ) ) { | ||
exit ("Nice try ;-). Use the file include next time!"); | ||
} | ||
|
||
?> | ||
|
||
1.) Bond. James Bond | ||
|
||
<?php | ||
|
||
echo "2.) My name is Sherlock Holmes. It is my business to know what other people don't know.\n\n<br /><br />\n"; | ||
|
||
$line3 = "3.) Romeo, Romeo! wherefore art thou Romeo?"; | ||
$line3 = "--LINE MISSING--"; | ||
echo $line3 . "\n\n<br /><br />\n"; | ||
|
||
$line4 = "NC4pI" . "FRoZSBwb29s" . "IG9uIH" . "RoZSByb29mIG1" . "1c3QgaGF" . "2ZSBh" . "IGxlY" . "Wsu"; | ||
echo base64_decode( $line4 ); | ||
|
||
?> | ||
|
||
<!-- 5.) The world isn't run by weapons anymore, or energy, or money. It's run by little ones and zeroes, little bits of data. It's all just electrons. --> |
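Review bot: The first quote, `1.) Bond. James Bond`, is emitted as raw text outside the PHP block with no `<br /><br />` after it, while lines 2 and 3 are echoed with `"\n\n<br /><br />\n"`, so in a browser line 1 will run straight into line 2. Suggest emitting the same separator after line 1. Separately, `$line3` is assigned and then immediately overwritten with `"--LINE MISSING--"`. That looks deliberate for the objective (the real text is only visible in the source), but nothing in the file says so, and a later cleanup could remove the first assignment as dead code. A one-line comment marking it intentional would protect it. The `DVWA_WEB_PAGE_TO_ROOT` guard at the top is a good touch, since it means the file only produces output when it is pulled in through the include.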
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
<?php | ||
|
||
$page[ 'body' ] .= " | ||
<div class=\"body_padded\"> | ||
<h1>Vulnerability: File Inclusion</h1> | ||
<div class=\"vulnerable_code_area\"> | ||
<h3>File 4 (Hidden)</h3> | ||
<hr /> | ||
Good job!<br /> | ||
This file isn't listed at all on DVWA. If you are reading this, you did something right ;-)<br /> | ||
<!-- You did an even better job to see this :-)! --> | ||
</div>\n"; | ||
|
||
?> |
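Review bot: The string appended to `$page[ 'body' ]` opens two elements, `<div class=\"body_padded\">` and `<div class=\"vulnerable_code_area\">`, but the final line `</div>\n";` closes only one, so `body_padded` is left open in the visible lines. If the outer `<div>` is meant to be closed by the including page, say so in a comment; otherwise add the second `</div>`. Also, unlike the other new file in this commit, this one has no `defined( 'DVWA_WEB_PAGE_TO_ROOT' )` check before it touches `$page`. Requested directly, `$page` is undefined and the `.=` will raise a PHP notice rather than exit cleanly, so adding the same guard here would keep the two files consistent.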