alban/docker-vulnerable-dvwa
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

dvwa updated

Browse source
This commit is contained in:
OPSXCQ 2018-10-12 15:49:58 +00:00
parent 8f3c3af4fb
commit c37af6fc80
No known key found for this signature in database
GPG key ID: 9AD730FE9CDE5661
84 changed files with 1873 additions and 605 deletions
Download patch file Download diff file Expand all files Collapse all files

64
dvwa/vulnerabilities/view_source_all.php
View file

@ -26,32 +26,42 @@ $impsrc = @file_get_contents("./{$id}/source/impossible.php");
$impsrc = str_replace( array( '$html .=' ), array( 'echo' ), $impsrc);
$impsrc = highlight_string( $impsrc, true );
if( $id == 'fi' ) {
$vuln = 'File Inclusion';
}
elseif( $id == 'brute' ) {
$vuln = 'Brute Force';
}
elseif( $id == 'csrf' ) {
$vuln = 'CSRF';
}
elseif( $id == 'exec' ) {
$vuln = 'Command Injection';
}
elseif( $id == 'sqli' ) {
$vuln = 'SQL Injection';
}
elseif( $id == 'sqli_blind' ) {
$vuln = 'SQL Injection (Blind)';
}
elseif( $id == 'upload' ) {
$vuln = 'File Upload';
}
elseif( $id == 'xss_r' ) {
$vuln = 'Reflected XSS';
}
elseif( $id == 'xss_s' ) {
$vuln = 'Stored XSS';
switch ($id) {
case "javascript" :
$vuln = 'JavaScript';
break;
case "fi" :
$vuln = 'File Inclusion';
break;
case "brute" :
$vuln = 'Brute Force';
break;
case "csrf" :
$vuln = 'CSRF';
break;
case "exec" :
$vuln = 'Command Injection';
break;
case "sqli" :
$vuln = 'SQL Injection';
break;
case "sqli_blind" :
$vuln = 'SQL Injection (Blind)';
break;
case "upload" :
$vuln = 'File Upload';
break;
case "xss_r" :
$vuln = 'Reflected XSS';
break;
case "xss_s" :
$vuln = 'Stored XSS';
break;
case "weak_id" :
$vuln = 'Weak Session IDs';
break;
default:
$vuln = "Unknown Vulnerability";
}
$page[ 'body' ] .= "
@ -92,7 +102,7 @@ $page[ 'body' ] .= "
<br /> <br />
<form>
<input type=\"button\" value=\"<-- Back\" onClick=\"history.go(-1);return true;\">
<input type=\"button\" value=\"<-- Back\" onclick=\"history.go(-1);return true;\">
</form>
</div>\n";