![](https://img-blog.csdnimg.cn/20201231122749933.jpg?x-oss-process=image/resize,m_fixed,h_224,w_224)
dvwa1.10
文章平均质量分 81
dvwa的通关笔记
小 白 萝 卜
我很懒,根本不想改简介
展开
-
【DVWA1.10】Command Injection通关笔记
难度Security Level: lowSecurity Level: mediumSecurity Level: highSecurity Level: impossibleSecurity Level: low<?php if( isset( $_POST[ 'Submit' ] ) ) { // Get input $target = $_REQUEST[ 'ip' ]; // Determine OS and execute the ping com原创 2021-01-05 09:56:38 · 201 阅读 · 0 评论 -
【DVWA1.10】Brute Force通关笔记
难度Security Level: lowSecurity Level: mediumSecurity Level: highSecurity Level: impossibleSecurity Level: low<?php if( isset( $_GET[ 'Login' ] ) ) { // Get username $user = $_GET[ 'username' ]; // Get password $pass = $_GET[ 'pas原创 2021-01-04 20:29:42 · 259 阅读 · 0 评论 -
【DVWA1.10】File Upload通关笔记
难度Security Level: lowSecurity Level: mediumSecurity Level: highSecurity Level: impossibleSecurity Level: low<?php if( isset( $_POST[ 'Upload' ] ) ) { // Where are we going to be writing to? $target_path = DVWA_WEB_PAGE_TO_ROOT . "hackable原创 2021-01-04 10:34:15 · 252 阅读 · 0 评论 -
【DVWA1.10】File Inclusion通关笔记
难度Security Level: lowSecurity Level: mediumSecurity Level: high.Security Level: impossibleDVWA目录下自带phpinfo.php的文件,我们文件包含的目的便设定为读取该文件。Security Level: low<?php // The page we wish to display $file = $_GET[ 'page' ]; ?> 可以看到什么都没有过滤,就一个传入,直接读取原创 2021-01-04 09:11:21 · 176 阅读 · 0 评论 -
【DVWA1.10】Stored Cross Site Scripting (XSS)通关笔记
难度Security Level: lowSecurity Level: mediumSecurity Level: highSecurity Level: impossibleSecurity Level: low<?php if( isset( $_POST[ 'btnSign' ] ) ) { // Get input $message = trim( $_POST[ 'mtxMessage' ] ); $name = trim( $_POST[ 't原创 2020-12-31 13:58:23 · 158 阅读 · 0 评论 -
【DVWA1.10】Reflected Cross Site Scripting (XSS)通关笔记
难度Security Level: lowSecurity Level: mediumSecurity Level: highSecurity Level: impossible额外补充:Security Level: low<?php header ("X-XSS-Protection: 0"); // Is there any input? if( array_key_exists( "name", $_GET ) && $_GET[ 'name' ] != NULL原创 2020-12-31 12:27:14 · 223 阅读 · 0 评论 -
【DVWA1.10】SQL Injection通关笔记
等级Security Level: lowSecurity Level: mediumSecurity Level: highSecurity Level: impossibleSecurity Level: low<?php if( isset( $_REQUEST[ 'Submit' ] ) ) { // Get input $id = $_REQUEST[ 'id' ]; // Check database $query = "SELECT f原创 2020-12-31 10:36:53 · 345 阅读 · 0 评论