<?php if (isset($_GET['Login'])) { // Anti-CSRF checkTokens($_POST['token'], "index.php"); // Sanitise username input $user = $_GET['username']; $user = stripslashes($user); $user = mysql_real_escape_string($user); // Sanitise password input $pass = $_GET['password']; $pass = stripslashes($pass); $pass = mysql_real_escape_string($pass); $pass = md5($pass); $query = "SELECT * FROM `users` WHERE user='******' AND password='******';"; $result = mysql_query($query) or die('<pre>' . mysql_error() . '</pre>'); if ($result && mysql_num_rows($result) == 1) { // Get users details $i = 0; // Bug fix. $avatar = mysql_result($result, $i, "avatar"); // Login Successful $html .= "<p>Welcome to the password protected area {$user}</p>"; $html .= '<img src="' . $avatar . '" />'; } else { // Login failed sleep(3); $html .= "<pre><br />Username and/or password incorrect.</pre>"; } mysql_close(); }
<?php define('DVWA_WEB_PAGE_TO_ROOT', ''); require_once DVWA_WEB_PAGE_TO_ROOT . 'dvwa/includes/dvwaPage.inc.php'; dvwaPageStartup(array('phpids')); dvwaDatabaseConnect(); if (isset($_POST['Login'])) { // Anti-CSRF checkTokens($_POST['token'], "login.php"); $user = $_POST['username']; $user = stripslashes($user); $user = mysql_real_escape_string($user); $pass = $_POST['password']; $pass = stripslashes($pass); $pass = mysql_real_escape_string($pass); $pass = md5($pass); $query = "SELECT table_schema, table_name, create_time\r\n\t\t\t\tFROM information_schema.tables\r\n\t\t\t\tWHERE table_schema='{$_DVWA['db_database']}' AND table_name='users'\r\n\t\t\t\tLIMIT 1"; $result = @mysql_query($query); if (mysql_num_rows($result) != 1) { dvwaMessagePush("First time.<br />Need to run 'setup.php'."); dvwaRedirect('setup.php'); } $query = "SELECT * FROM `users` WHERE user='******' AND password='******';"; $result = @mysql_query($query) or die('<pre>' . mysql_error() . '.<br />Try <a href="setup.php">installing again</a>.</pre>'); if ($result && mysql_num_rows($result) == 1) { // Login Successful... dvwaMessagePush("You have logged in as '{$user}'"); dvwaLogin($user); dvwaRedirect('index.php'); } // Login failed
<?php define('DVWA_WEB_PAGE_TO_ROOT', ''); require_once DVWA_WEB_PAGE_TO_ROOT . 'dvwa/includes/dvwaPage.inc.php'; dvwaPageStartup(array('phpids')); $page = dvwaPageNewGrab(); $page['title'] .= $page['title_separator'] . 'Setup'; $page['page_id'] = 'setup'; if (isset($_POST['create_db'])) { // Anti-CSRF checkTokens($_POST['token'], "setup.php"); if ($DBMS == 'MySQL') { include_once DVWA_WEB_PAGE_TO_ROOT . 'dvwa/includes/DBMS/MySQL.php'; } elseif ($DBMS == 'PGSQL') { // include_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/DBMS/PGSQL.php'; dvwaMessagePush('PostgreSQL is not yet fully supported.'); dvwaPageReload(); } else { dvwaMessagePush('ERROR: Invalid database selected. Please review the config file syntax.'); dvwaPageReload(); } } // Anti-CSRF generateTokens(); $page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h1>Database Setup <img src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/images/spanner.png\" /></h1>\r\n\r\n\t<p>Click on the 'Create / Reset Database' button below to create or reset your database.</br>\r\n\tIf you get an error make sure you have the correct user credentials in: <em>" . realpath(getcwd()) . "/config/config.inc.php</em></p>\r\n\r\n\t<p>If the database already exists, <em>it will be cleared and the data will be reset</em>.<br />\r\n\tYou can also use this to reset the administrator credentials (\"<em>admin</em> // <em>password</em>\") at any stage.</p>\r\n\t<hr />\r\n\t<br />\r\n\r\n\t<h2>Setup Check</h2>\r\n\r\n\t{$DVWAOS}<br />\r\n\tBackend Database: <em>" . $DBMS . "</em><br />\r\n\t<br />\r\n\tPHP Version: v<em>" . phpversion() . "</em><br />\r\n\t{$phpSafeMode}<br/ >\r\n\t{$phpDisplayErrors}<br />\r\n\t{$phpURLInclude}<br/ >\r\n\t{$phpURLFopen}<br />\r\n\t{$phpMagicQuotes}<br />\r\n\t<br />\r\n\t{$DVWARecaptcha}<br />\r\n\t<br />\r\n\t{$DVWAUploadsWrite}<br />\r\n\t{$DVWAPHPWrite}<br />\r\n\t<br />\r\n\t<i>Status with \"(*)\" indicate there could be possible issue(s) with a certain modules.</i><br />\r\n\t<br /><br /><br />\r\n\r\n\t<!-- Create db button -->\r\n\t<form action=\"#\" method=\"post\">\r\n\t\t<input name=\"create_db\" type=\"submit\" value=\"Create / Reset Database\">\r\n\t\t" . tokenField() . "\r\n\t</form>\r\n</div>\r\n"; dvwaHtmlEcho($page);
<?php define('DVWA_WEB_PAGE_TO_ROOT', ''); require_once DVWA_WEB_PAGE_TO_ROOT . 'dvwa/includes/dvwaPage.inc.php'; dvwaPageStartup(array('authenticated', 'phpids')); $page = dvwaPageNewGrab(); $page['title'] .= $page['title_separator'] . 'DVWA Security'; $page['page_id'] = 'security'; $securityHtml = ''; if (isset($_POST['seclev_submit'])) { // Anti-CSRF checkTokens($_POST['token'], "security.php"); $securityLevel = 'high'; switch ($_POST['security']) { case 'low': $securityLevel = 'low'; break; case 'medium': $securityLevel = 'medium'; break; } dvwaSecurityLevelSet($securityLevel); dvwaMessagePush("Security level set to {$securityLevel}"); dvwaPageReload(); } if (isset($_GET['phpids'])) { switch ($_GET['phpids']) { case 'on': dvwaPhpIdsEnabledSet(true); dvwaMessagePush("PHPIDS is now enabled"); break;