first commit

2016-12-02 17:19:11 -02:00 · 2016-12-02 17:19:11 -02:00 · f40a84879c
commit f40a84879c
parent 985a5c928c
551 changed files with 72374 additions and 24 deletions
--- a/dvwa/vulnerabilities/view_source.php
+++ b/dvwa/vulnerabilities/view_source.php
@ -0,0 +1,69 @@
+<?php
+
+define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
+require_once DVWA_WEB_PAGE_TO_ROOT . 'dvwa/includes/dvwaPage.inc.php';
+
+dvwaPageStartup( array( 'authenticated', 'phpids' ) );
+
+$page = dvwaPageNewGrab();
+$page[ 'title' ] .= 'Source' . $page[ 'title_separator' ].$page[ 'title' ];
+
+$id       = $_GET[ 'id' ];
+$security = $_GET[ 'security' ];
+
+
+if( $id == 'fi' ) {
+	$vuln = 'File Inclusion';
+}
+elseif( $id == 'brute' ) {
+	$vuln = 'Brute Force';
+}
+elseif( $id == 'csrf' ) {
+	$vuln = 'CSRF';
+}
+elseif( $id == 'exec' ) {
+	$vuln = 'Command Injection';
+}
+elseif( $id == 'sqli' ) {
+	$vuln = 'SQL Injection';
+}
+elseif( $id == 'sqli_blind' ) {
+	$vuln = 'SQL Injection (Blind)';
+}
+elseif( $id == 'upload' ) {
+	$vuln = 'File Upload';
+}
+elseif( $id == 'xss_r' ) {
+	$vuln = 'XSS (Reflected)';
+}
+elseif( $id == 'captcha' ) {
+	$vuln = 'Insecure CAPTCHA';
+}
+else {
+	$vuln = 'XSS (Stored)';
+}
+
+$source = @file_get_contents( DVWA_WEB_PAGE_TO_ROOT . "vulnerabilities/{$id}/source/{$security}.php" );
+$source = str_replace( array( '$html .=' ), array( 'echo' ), $source );
+
+$page[ 'body' ] .= "
+<div class=\"body_padded\">
+	<h1>{$vuln} Source</h1>
+
+	<div id=\"code\">
+		<table width='100%' bgcolor='white' style=\"border:2px #C0C0C0 solid\">
+			<tr>
+				<td><div id=\"code\">" . highlight_string( $source, true ) . "</div></td>
+			</tr>
+		</table>
+	</div>
+	<br /> <br />
+
+	<form>
+		<input type=\"button\" value=\"Compare All Levels\" onclick=\"window.location.href='view_source_all.php?id=$id'\">
+	</form>
+</div>\n";
+
+dvwaSourceHtmlEcho( $page );
+
+?>