Beispiel #1
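dvwaGetconfig();
#dvwadebug();

// Registration handler: runs only when the form was submitted through the
// button named "reg".
if (isset($_POST['reg'])) {
    // Accept only string fields. A missing field or an array such as
    // "username[]=x" is treated as empty instead of reaching trim().
    $rawUser = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $rawPass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $rawPass2 = (isset($_POST['password2']) && is_string($_POST['password2'])) ? $_POST['password2'] : '';

    // NOTE(review): the legacy mysql_* API has no prepared statements, so the
    // values are escaped for the string-built INSERT below. Moving to bound
    // parameters (mysqli/PDO) needs the connection code, which is not visible here.
    $user = mysql_real_escape_string(stripslashes(trim($rawUser)));
    $pass = mysql_real_escape_string(stripslashes(trim($rawPass)));

    // Strict comparison of the two password fields: with "==" two different
    // numeric-looking strings (for example "1e3" and "1000") compare as equal.
    // The (string) casts turn a failed escape (false) into an empty value.
    if ((string) $user !== '' && (string) $pass !== '' && $rawPass === $rawPass2) {
        // NOTE(review): unsalted MD5 is not a password hash. password_hash() and
        // password_verify() are the replacement, but the login code that reads
        // this column is not shown and has to change together with this line.
        $pass_md5 = md5($pass);
        $insert_md5 = "insert into users values ('','{$user}','{$user}','{$user}','{$pass_md5}','dvwa/hackable/users/gordonb.jpg')";

        if (mysql_query($insert_md5) === false) {
            // Keep the driver error in the server log; echoing mysql_error()
            // to the client disclosed query and schema details.
            error_log('registration: user insert failed: ' . mysql_error());
            die('<pre>insert fail,again!!</pre>');
        }

        // The user name is attacker-chosen and SQL escaping does not neutralise
        // HTML, so encode it before it enters the message queue that is later
        // printed into the page.
        // NOTE(review): drop this call if messagesPopAllToHtml() already encodes.
        dvwaMessagePush("You have reg succfully for '" . htmlspecialchars($user, ENT_QUOTES, 'UTF-8') . "'");
        dvwaLogin($user);

        // One redirect, after the session is set up. The original redirected to
        // index.php before the message push and login and to login.php after
        // them; dvwaRedirect() is not shown, so either those calls never ran or
        // control fell through to the failure branch below.
        dvwaRedirect('index.php');
        exit;
    }

    // Validation failed: report it and show the form again.
    dvwaMessagePush("reg failed");
    dvwaRedirect('reg.php');
    exit;
}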
// Render the registration page. Queued messages are fetched first and are
// inserted into the markup below exactly as returned, so anything pushed
// into the queue must already be HTML-safe.
$messagesHtml = messagesPopAllToHtml();

// Response headers, sent in this order.
foreach (
    array(
        'Cache-Control: no-cache, must-revalidate', // HTTP/1.1
        'Content-Type: text/html;charset=utf-8',    // TODO- proper XHTML headers...
        "Expires: Tue, 23 Jun 2009 12:00:00 GMT",   // Date in the past
    ) as $headerLine
) {
    header($headerLine);
}

// Static form: posts username, password and password2 to reg.php.
echo "\n\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\n\n\t<head>\n\n\t\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n\n\t\t<title>XLABAS - REG</title>\n\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/login.css\" />\n\n\t</head>\n\n\t<body>\n\n\t<div align=\"center\">\n\t\n\t<br />\n\n\t<p><img src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/images/login_logo.png\" /></p>\n\n\t<br />\n\t\n\t<form action=\"reg.php\" method=\"post\">\n\t\n\t<fieldset>\n\n\t\t\t<label for=\"user\">Username</label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"username\"><br />\n\t\n\t\t\t\n\t\t\t<label for=\"pass\">Password</label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\"><br />\n\t\t\t\n\t\t\t<label for=\"pass\">Password2</label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password2\"><br />\n\t\t\t\n\t\t\t<p class=\"submit\"><input type=\"submit\" value=\"Reg\" name=\"reg\"></p>\n\n\t</fieldset>\n\n\t</form>\n\n\t\n\t<br />\n\n\t{$messagesHtml}\n\n\t<br />\n\t<br />\n\t<br />\n\t<br />\n\t<br />\n\t<br />\n\t<br />\n\t<br />\t\n\n\t<!-- <img src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/images/RandomStorm.png\" /> -->\n\t\n\t<p>Damn HTJC SeclabX ASystem (XlabAS)  is a RandomStorm OpenSource project</p>\n\t\n\t</div> <!-- end align div -->\n\n\t</body>\n\n</html>\n";
Beispiel #2
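/**
 * Render the complete page frame (menu, page body, queued messages, system
 * info box) and send it to the client together with no-cache headers.
 *
 * $pPage['title'] and $pPage['body'] are written into the page unescaped, so
 * callers must pass markup they trust.
 *
 * @param array $pPage Page descriptor; the keys read here are 'page_id',
 *                     'title', 'body', 'source_button' and 'help_button'.
 * @return void
 */
function dvwaHtmlEcho($pPage)
{
    // Static navigation; blocks are rendered in this order.
    $menuBlocks = array(
        'home' => array(
            array('id' => 'home', 'name' => 'Home', 'url' => '.'),
            array('id' => 'instructions', 'name' => 'Instructions', 'url' => 'instructions.php'),
            array('id' => 'setup', 'name' => 'Setup / Reset', 'url' => 'setup.php'),
        ),
        'vulnerabilities' => array(
            array('id' => 'brute', 'name' => 'Brute Force', 'url' => 'vulnerabilities/brute/.'),
            array('id' => 'exec', 'name' => 'Command Execution', 'url' => 'vulnerabilities/exec/.'),
            array('id' => 'csrf', 'name' => 'CSRF', 'url' => 'vulnerabilities/csrf/.'),
            array('id' => 'captcha', 'name' => 'Insecure CAPTCHA', 'url' => 'vulnerabilities/captcha/.'),
            array('id' => 'fi', 'name' => 'File Inclusion', 'url' => 'vulnerabilities/fi/.?page=include.php'),
            array('id' => 'sqli', 'name' => 'SQL Injection', 'url' => 'vulnerabilities/sqli/.'),
            array('id' => 'sqli_blind', 'name' => 'SQL Injection (Blind)', 'url' => 'vulnerabilities/sqli_blind/.'),
            array('id' => 'upload', 'name' => 'Upload', 'url' => 'vulnerabilities/upload/.'),
            array('id' => 'xss_r', 'name' => 'XSS (Reflected)', 'url' => 'vulnerabilities/xss_r/.'),
            array('id' => 'xss_s', 'name' => 'XSS (Stored)', 'url' => 'vulnerabilities/xss_s/.'),
        ),
        'meta' => array(
            array('id' => 'security', 'name' => 'DVWA Security', 'url' => 'security.php'),
            array('id' => 'phpinfo', 'name' => 'PHP Info', 'url' => 'phpinfo.php'),
            array('id' => 'about', 'name' => 'About', 'url' => 'about.php'),
        ),
        'logout' => array(
            array('id' => 'logout', 'name' => 'Logout', 'url' => 'logout.php'),
        ),
    );

    // One <ul> per block; the entry matching the current page gets "selected".
    $menuHtml = '';
    foreach ($menuBlocks as $menuBlock) {
        $menuBlockHtml = '';
        foreach ($menuBlock as $menuItem) {
            $selectedClass = $menuItem['id'] == $pPage['page_id'] ? 'selected' : '';
            $fixedUrl = DVWA_WEB_PAGE_TO_ROOT . $menuItem['url'];
            $menuBlockHtml .= "<li onclick=\"window.location='{$fixedUrl}'\" class=\"{$selectedClass}\"><a href=\"{$fixedUrl}\">{$menuItem['name']}</a></li>\n";
        }
        $menuHtml .= "<ul class=\"menuBlocks\">{$menuBlockHtml}</ul>";
    }

    // Only the three known level names are ever printed; anything else is
    // shown as "high". The strict check keeps a non-string value from loosely
    // matching one of the names.
    $securityLevel = dvwaSecurityLevelGet();
    $securityLevelHtml = in_array($securityLevel, array('low', 'medium', 'high'), true) ? $securityLevel : 'high';

    $phpIdsHtml = '<em>PHPIDS:</em> ' . (dvwaPhpIdsIsEnabled() ? 'enabled' : 'disabled');

    // The user name is account data, not markup: encode it for the HTML context.
    // NOTE(review): drop the call if dvwaCurrentUser() already returns encoded text.
    $userInfoHtml = '<em>Username:</em> ' . htmlspecialchars((string) dvwaCurrentUser(), ENT_QUOTES, 'UTF-8');

    $messagesHtml = messagesPopAllToHtml();
    if ($messagesHtml) {
        $messagesHtml = "<div class=\"body_padded\">{$messagesHtml}</div>";
    }

    $systemInfoHtml = "<div align=\"left\">{$userInfoHtml}<br /><b>Security Level:</b> {$securityLevelHtml}<br />{$phpIdsHtml}</div>";
    // The optional buttons are prepended; !empty() also tolerates a missing key.
    if (!empty($pPage['source_button'])) {
        $systemInfoHtml = dvwaButtonSourceHtmlGet($pPage['source_button']) . " {$systemInfoHtml}";
    }
    if (!empty($pPage['help_button'])) {
        $systemInfoHtml = dvwaButtonHelpHtmlGet($pPage['help_button']) . " {$systemInfoHtml}";
    }

    // Send Headers + main HTML code
    header('Cache-Control: no-cache, must-revalidate'); // HTTP/1.1
    header('Content-Type: text/html;charset=utf-8');    // TODO- proper XHTML headers...
    header("Expires: Tue, 23 Jun 2009 12:00:00 GMT");   // Date in the past

    echo "\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n\r\n\t<head>\r\n\t\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\r\n\r\n\t\t<title>{$pPage['title']}</title>\r\n\r\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/main.css\" />\r\n\r\n\t\t<link rel=\"icon\" type=\"\\image/ico\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "favicon.ico\" />\r\n\r\n\t\t<script type=\"text/javascript\" src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/js/dvwaPage.js\"></script>\r\n\r\n\t</head>\r\n\r\n\t<body class=\"home\">\r\n\t\t<div id=\"container\">\r\n\r\n\t\t\t<div id=\"header\">\r\n\r\n\t\t\t\t<img src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/images/logo.png\" alt=\"Damn Vulnerable Web App\" />\r\n\r\n\t\t\t</div>\r\n\r\n\t\t\t<div id=\"main_menu\">\r\n\r\n\t\t\t\t<div id=\"main_menu_padded\">\r\n\t\t\t\t{$menuHtml}\r\n\t\t\t\t</div>\r\n\r\n\t\t\t</div>\r\n\r\n\t\t\t<div id=\"main_body\">\r\n\r\n\t\t\t\t{$pPage['body']}\r\n\t\t\t\t<br />\r\n\t\t\t\t<br />\r\n\t\t\t\t{$messagesHtml}\r\n\r\n\t\t\t</div>\r\n\r\n\t\t\t<div class=\"clear\">\r\n\t\t\t</div>\r\n\r\n\t\t\t<div id=\"system_info\">\r\n\t\t\t\t{$systemInfoHtml}\r\n\t\t\t</div>\r\n\r\n\t\t\t<div id=\"footer\">\r\n\r\n\t\t\t\t<p>Damn Vulnerable Web Application (DVWA) v" . dvwaVersionGet() . "</p>\r\n\r\n\t\t\t</div>\r\n\r\n\t\t</div>\r\n\r\n\t</body>\r\n\r\n</html>";
}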
Beispiel #3
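/**
 * Render the complete page frame (menu, page body, queued messages, system
 * info box, CTF selector) and send it to the client with no-cache headers.
 *
 * Menu entries depend on dvwaIfWork(), dvwaIsCtf() and xlabisadmin().
 * $pPage['title'] and $pPage['body'] are written into the page unescaped, so
 * callers must pass markup they trust.
 *
 * @param array $pPage Page descriptor; the keys read here are 'page_id',
 *                     'title', 'body', 'source_button' and 'help_button'.
 * @return void
 */
function dvwaHtmlEcho($pPage)
{
    // Base navigation; blocks are rendered in insertion order.
    $menuBlocks = array(
        'home' => array(
            array('id' => 'home', 'name' => 'Home', 'url' => '.'),
            array('id' => 'instructions', 'name' => 'Instructions', 'url' => 'instructions.php'),
        ),
        'vulnerabilities' => array(
            array('id' => 'brute', 'name' => 'Brute Force', 'url' => 'vulnerabilities/brute/.'),
            array('id' => 'exec', 'name' => 'Command Execution', 'url' => 'vulnerabilities/exec/.'),
            array('id' => 'csrf', 'name' => 'CSRF', 'url' => 'vulnerabilities/csrf/.'),
            #array( 'id' => 'captcha', 'name' => 'Insecure CAPTCHA', 'url' => 'vulnerabilities/captcha/.' ),
            array('id' => 'fi', 'name' => 'File Inclusion', 'url' => 'vulnerabilities/fi/.?page=include.php'),
            array('id' => 'sqli', 'name' => 'SQL Injection', 'url' => 'vulnerabilities/sqli/.'),
            array('id' => 'sqli_blind', 'name' => 'SQL Injection (Blind)', 'url' => 'vulnerabilities/sqli_blind/.'),
            array('id' => 'upload', 'name' => 'Upload', 'url' => 'vulnerabilities/upload/.'),
            array('id' => 'xss_r', 'name' => 'XSS reflected', 'url' => 'vulnerabilities/xss_r/.'),
            array('id' => 'xss_s', 'name' => 'XSS stored', 'url' => 'vulnerabilities/xss_s/.'),
        ),
    );

    if (dvwaIfWork()) {
        $menuBlocks['vulnerabilities'][] = array('id' => 'vulns', 'name' => 'Vulns', 'url' => 'vulnerabilities/vulns/.');
        $menuBlocks['vulnerabilities'][] = array('id' => 'work', 'name' => 'Work', 'url' => 'vulnerabilities/work/.');
    }

    // Evaluated once and reused below.
    // NOTE(review): assumes dvwaIsCtf() gives the same answer for the whole request.
    $isCtf = dvwaIsCtf();
    if ($isCtf) {
        $menuBlocks['vulnerabilities'][] = array('id' => 'ctf', 'name' => 'CTF', 'url' => 'vulnerabilities/ctf/?pid=1');
        $menuBlocks['vulnerabilities'][] = array('id' => 'submit', 'name' => 'Submit', 'url' => 'vulnerabilities/ctf/?pid=submit');
        // This URL ends up in an href attribute and inside a quoted JavaScript
        // string in onclick; percent-encoding the user name keeps quotes and
        // angle brackets in a name from breaking out of either context.
        $menuBlocks['vulnerabilities'][] = array('id' => 'score', 'name' => 'Score', 'url' => 'vulnerabilities/ctf/?pid=score&name=' . rawurlencode((string) dvwaCurrentUser()));
    }

    // Admin-only entries are appended to the "home" block.
    // NOTE(review): this only hides the links; the target pages need their own
    // authorization check.
    if (xlabisadmin()) {
        $menuBlocks['home'][] = array('id' => 'setup', 'name' => 'Setup', 'url' => 'setup.php');
        $menuBlocks['home'][] = array('id' => 'admin', 'name' => 'Admin', 'url' => 'vulnerabilities/admin/.');
        $menuBlocks['home'][] = array('id' => 'manager', 'name' => 'Manager', 'url' => 'vulnerabilities/admin/manager.php');
    }

    $menuBlocks['meta'] = array(
        array('id' => 'security', 'name' => 'DVWA Security', 'url' => 'security.php'),
        array('id' => 'phpinfo', 'name' => 'PHP Info', 'url' => 'phpinfo.php'),
        array('id' => 'about', 'name' => 'About', 'url' => 'about.php'),
    );
    $menuBlocks['logout'] = array(
        array('id' => 'logout', 'name' => 'Logout', 'url' => 'logout.php'),
    );

    // One <ul> per block; the entry matching the current page gets "selected".
    $menuHtml = '';
    foreach ($menuBlocks as $menuBlock) {
        $menuBlockHtml = '';
        foreach ($menuBlock as $menuItem) {
            $selectedClass = $menuItem['id'] == $pPage['page_id'] ? 'selected' : '';
            $fixedUrl = DVWA_WEB_PAGE_TO_ROOT . $menuItem['url'];
            $menuBlockHtml .= "<li onclick=\"window.location='{$fixedUrl}'\" class=\"{$selectedClass}\"><a href=\"{$fixedUrl}\">{$menuItem['name']}</a></li>";
        }
        $menuHtml .= "<ul>{$menuBlockHtml}</ul>";
    }

    // Get security cookie --
    // The level is printed as returned rather than mapped to a fixed set of
    // names, so it is HTML-encoded before it reaches the page.
    $securityLevelHtml = $isCtf ? 'CTF' : htmlspecialchars((string) dvwaSecurityLevelGet(), ENT_QUOTES, 'UTF-8');
    // -- END

    $phpIdsHtml = '<b>PHPIDS:</b> ' . (dvwaPhpIdsIsEnabled() ? 'enabled' : 'disabled');
    // The user name is account data, not markup: encode it for the HTML context.
    // NOTE(review): drop the call if dvwaCurrentUser() already returns encoded text.
    $userInfoHtml = '<b>Username:</b> ' . htmlspecialchars((string) dvwaCurrentUser(), ENT_QUOTES, 'UTF-8');
    // NOTE(review): dvwaGetModel() is printed as returned; confirm it cannot
    // carry request-controlled text.
    $appModelHtml = '<b>AppModel:</b> ' . dvwaGetModel();

    $messagesHtml = messagesPopAllToHtml();
    if ($messagesHtml) {
        $messagesHtml = "<div class=\"body_padded\">{$messagesHtml}</div>";
    }

    $systemInfoHtml = "<div align=\"left\">{$userInfoHtml}<br />{$appModelHtml}<br /><b>Security Level:</b> {$securityLevelHtml}<br />{$phpIdsHtml}</div>";
    // Source/help buttons are not offered in CTF mode.
    if (!empty($pPage['source_button']) && !$isCtf) {
        $systemInfoHtml = dvwaButtonSourceHtmlGet($pPage['source_button']) . " {$systemInfoHtml}";
    }
    if (!empty($pPage['help_button']) && !$isCtf) {
        $systemInfoHtml = dvwaButtonHelpHtmlGet($pPage['help_button']) . " {$systemInfoHtml}";
    }

    // Defined on every path: the footer below always interpolates it, and
    // without this default a non-CTF request read an undefined variable.
    $ctfselect = '';
    if ($isCtf) {
        // NOTE(review): $addr goes into the form's action attribute unescaped;
        // confirm xlabGetLocation() is not derived from request headers.
        $addr = xlabGetLocation();
        $systemInfoHtml = "<label for=\"QNUM\">CTF Numbers:</label><form action=\"{$addr}/vulnerabilities/ctf/\" method=\"GET\">" . dvwaGetlist() . "<input type=\"submit\" name=\"select\" value='select'>\n\t\t</form>" . "{$systemInfoHtml}";
        // Only a numeric pid is handed to the script builder; anything else
        // (including an array) falls back to '1'.
        $value = (isset($_GET['pid']) && is_numeric($_GET['pid'])) ? $_GET['pid'] : '1';
        $ctfselect = xlabGetJs(xlabJqSelect("ctf_select", $value));
        #$ctfselect="<script>document.getElementById('ctf_select').options[5].setAttribute('selected', 'selected');</script>";
    }

    // Send Headers + main HTML code
    header('Cache-Control: no-cache, must-revalidate'); // HTTP/1.1
    header('Content-Type: text/html;charset=utf-8');    // TODO- proper XHTML headers...
    header("Expires: Tue, 23 Jun 2009 12:00:00 GMT");   // Date in the past

    echo "\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\n\n\t<head>\n\t\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n\n\t\t<title>{$pPage['title']}</title>\n\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/main.css\" />\n\n\t\t<link rel=\"icon\" type=\"\\image/ico\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "favicon.ico\" />\n\n\t\t<script type=\"text/javascript\" src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/js/dvwaPage.js\"></script>\n\n\t</head>\n\n\t<body class=\"home\">\n\t\t<div id=\"container\">\n\n\t\t\t<div id=\"header\">\n\n\t\t\t\t<img src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/images/logo.png\" alt=\"Damn Vulnerable Web App\" />\n\n\t\t\t</div>\n\n\t\t\t<div id=\"main_menu\">\n\n\t\t\t\t<div id=\"main_menu_padded\">\n\t\t\t\t{$menuHtml}\n\t\t\t\t</div>\n\n\t\t\t</div>\n\n\t\t\t<div id=\"main_body\">\n\t\t\t\t<script  src='../../dvwa/js/jquery.js' type='text/javascript' charset='utf-8'></script>\n\t\t\t\t{$pPage['body']}\n\t\t\t\n\t\t\t\t<br />\n\t\t\t\t<br />\n\t\t\t\t{$messagesHtml}\n\n\t\t\t</div>\n\n\t\t\t<div class=\"clear\">\n\t\t\t</div>\n\n\t\t\t<div id=\"system_info\">\n\t\t\t\t{$systemInfoHtml}\n\t\t\t</div>\n\n\t\t\t<div id=\"footer\">\n\t\t\t\t{$ctfselect}\n\t\t\t\t<p>HTJC SeclabX ASystem (XlabAS)  v" . dvwaVersionGet() . "</p>\n\n\t\t\t</div>\n\n\t\t</div>\n\n\t</body>\n\n</html>";
}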
Beispiel #4
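/**
 * Render the complete page frame (navbar, side menu, page body, queued
 * messages, system info box) and send it to the client with no-cache headers.
 *
 * $pPage['title'] and $pPage['body'] are written into the page unescaped, so
 * callers must pass markup they trust.
 *
 * @param array $pPage Page descriptor; the keys read here are 'page_id',
 *                     'title', 'body', 'source_button' and 'help_button'.
 * @return void
 */
function dvwaHtmlEcho($pPage)
{
    // Exercise id => menu label. Each id is also the directory name under
    // vulnerabilities/, so the URL is derived from it below.
    $exerciseNames = array(
        'WooYun-2014-63321' => 'Regex #02-Domain too',
        'WooYun-2014-61978' => 'CSRF #01-Flash Upload',
        'WooYun-2014-61361' => 'Sqli QUERY_STRING',
        'WooYun-2014-59940' => 'Regex #01-Domain fraud',
        'WooYun-2014-53384' => 'Sqli filter #02-Once',
        'WooYun-2014-52257' => 'Sqli Mysql #01',
        'WooYun-2014-52248' => 'No [Comma] Sqli',
        'WooYun-2014-51950' => 'Sqli using [Slashes]',
        'WooYun-2014-51687' => 'Sqli filter #02-80sec',
        'WooYun-2014-51536' => 'XSS #08-mXSS',
        'WooYun-2014-51505' => 'Sqli filter #01',
        'WooYun-2014-50644' => 'No [Space] Sqli',
        'WooYun-2014-50315' => 'XSS #07-SVG',
        'WooYun-2013-34885' => 'Contradiction #01',
        'WooYun-2013-31669' => 'Indirect SQLi #01',
        'WooYun-2013-20759' => 'Decrypt #01-CCA2',
        'WooYun-2013-19115' => 'Workflow #1-302',
        'WooYun-2012-16598' => 'XSS #06-Flash02',
        'WooYun-2012-16532' => 'XSS #05-Flash01',
        'WooYun-2012-16041' => 'XSS #04-Encoding',
        'WooYun-2012-16003' => 'XSS #03-InComment',
        'WooYun-2012-15979' => 'XSS #02-TwoVars',
        'WooYun-2012-15969' => 'XSS #01-GBK',
        'WooYun-2011-02236' => 'LFI+log',
        'Drops-1015' => 'Linux pentest tricks',
    );

    $exerciseItems = array();
    foreach ($exerciseNames as $exerciseId => $exerciseName) {
        $exerciseItems[] = array('id' => $exerciseId, 'name' => $exerciseName, 'url' => "vulnerabilities/{$exerciseId}/.");
    }

    // Blocks are rendered in this order.
    $menuBlocks = array(
        'home' => array(
            array('id' => 'home', 'name' => 'Home', 'url' => '.'),
            array('id' => 'instructions', 'name' => 'Instructions', 'url' => 'instructions.php'),
        ),
        'vulnerabilities' => $exerciseItems,
        'meta' => array(
            array('id' => 'about', 'name' => 'About', 'url' => 'about.php'),
        ),
        'logout' => array(
            array('id' => 'logout', 'name' => 'Logout', 'url' => 'logout.php'),
        ),
    );

    // Every link carries the #here_body anchor; the entry matching the
    // current page additionally gets the "active" class.
    $menuHtml = '';
    foreach ($menuBlocks as $menuBlock) {
        $menuBlockHtml = '';
        foreach ($menuBlock as $menuItem) {
            $selectedClass = $menuItem['id'] == $pPage['page_id'] ? 'list-group-item active' : 'list-group-item';
            $fixedUrl = DVWA_WEB_PAGE_TO_ROOT . $menuItem['url'] . '#here_body';
            $menuBlockHtml .= "<a href=\"{$fixedUrl}\" onclick=\"window.location='{$fixedUrl}'\" class=\"{$selectedClass}\">{$menuItem['name']}</a>";
        }
        $menuHtml .= "<ul>{$menuBlockHtml}</ul>";
    }

    // Only the three known level names are ever printed; anything else is
    // shown as "low". The strict check keeps a non-string value from loosely
    // matching one of the names.
    $securityLevel = dvwaSecurityLevelGet();
    $securityLevelHtml = in_array($securityLevel, array('low', 'medium', 'high'), true) ? $securityLevel : 'low';

    $phpIdsHtml = '<b>PHPIDS:</b> ' . (dvwaPhpIdsIsEnabled() ? 'enabled' : 'disabled');

    // The user name is account data, not markup: encode it for the HTML context.
    // NOTE(review): drop the call if dvwaCurrentUser() already returns encoded text.
    $userInfoHtml = '<b>Username:</b> ' . htmlspecialchars((string) dvwaCurrentUser(), ENT_QUOTES, 'UTF-8');

    $messagesHtml = messagesPopAllToHtml();
    if ($messagesHtml) {
        $messagesHtml = "<div class=\"body_padded\">{$messagesHtml}</div>";
    }

    $systemInfoHtml = "<div align=\"left\">{$userInfoHtml}<br /><b>Security Level:</b> {$securityLevelHtml}<br />{$phpIdsHtml}</div>";
    // The optional buttons are prepended; !empty() also tolerates a missing key.
    if (!empty($pPage['source_button'])) {
        $systemInfoHtml = dvwaButtonSourceHtmlGet($pPage['source_button']) . " {$systemInfoHtml}";
    }
    if (!empty($pPage['help_button'])) {
        $systemInfoHtml = dvwaButtonHelpHtmlGet($pPage['help_button']) . " {$systemInfoHtml}";
    }

    // Send Headers + main HTML code
    header('Cache-Control: no-cache, must-revalidate'); // HTTP/1.1
    header('Content-Type: text/html;charset=utf-8');    // TODO- proper XHTML headers...
    header("Expires: Tue, 23 Jun 2009 12:00:00 GMT");   // Date in the past

    echo "\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n\r\n\t<head>\r\n\t\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\r\n\r\n\t\t<title>{$pPage['title']}</title>\r\n\r\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/main.css\" />\r\n\r\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/bootstrap.min.css\" />\r\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/bootstrap-theme.min.css\" />\r\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/navbar-fixed-top.css\" />\r\n\r\n\t\t<link rel=\"icon\" type=\"\\image/ico\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "favicon.ico\" />\r\n\r\n\t\t<script type=\"text/javascript\" src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/js/dvwaPage.js\"></script>\r\n\r\n\t</head>\r\n\r\n\t<body class=\"home\">\r\n\r\n\t\t\t<div id=\"header\" style=\"text-align:center;\">\r\n\r\n\t\t\t\t<img src=\"" . DVWA_WEB_PAGE_TO_ROOT .
        "dvwa/images/wooyun_logo.jpg\" alt=\"WooYun DVWA\" height=\"200\" width=\"800\"/>\r\n\r\n\t\t\t</div>\r\n\r\n\t\t<div id=\"container\" align=\"center\">\r\n\r\n    <div class=\"navbar navbar-default navbar-fixed-top\" role=\"navigation\" >\r\n      <div class=\"container\">\r\n        <div class=\"navbar-header\">\r\n          <button type=\"button\" class=\"navbar-toggle collapsed\" data-toggle=\"collapse\" data-target=\".navbar-collapse\">\r\n            <span class=\"sr-only\">Toggle navigation</span>\r\n            <span class=\"icon-bar\"></span>\r\n            <span class=\"icon-bar\"></span>\r\n            <span class=\"icon-bar\"></span>\r\n          </button>\r\n          <a class=\"navbar-brand\" href=\"#\">DVWA WooYun</a>\r\n        </div>\r\n        <div class=\"navbar-collapse collapse\">\r\n          <ul class=\"nav navbar-nav\">\r\n            <li><a href=\"/\">Home</a></li>\r\n            <li><a href=\"http://wooyun.org\">Wooyun</a></li>\r\n            <li><a href=\"/instructions.php#here_body\">Instructions</a></li>\r\n          </ul>\r\n          <ul class=\"nav navbar-nav navbar-right\">\r\n            <li><a href=\"/about.php#here_body\">About</a></li>\r\n            <li><a href=\"/logout.php\">Logout</a></li>\r\n          </ul>\r\n        </div><!--/.nav-collapse -->\r\n      </div>\r\n    </div>\r\n\r\n<a name=\"here_body\"></a><!-- 定义锚点 -->  \r\n<br>\r\n<br>\r\n<br>\r\n\r\n\t\t\t<div id=\"main_menu\" style=\"width:20%;float:left;padding-left: 15px;\">\r\n\r\n\t\t\t\t<div class=\"row\">\r\n\t\t\t\t\t<div class=\"list-group\">\r\n\t\t\t\t\t\t{$menuHtml}\r\n\t\t\t\t\t</div>\r\n\t\t\t\t</div>\r\n\r\n\t\t\t</div>\r\n\r\n\t\t\t<div id=\"main_body\" style=\"width:75%;float:right\">\r\n\r\n\t\t\t\t{$pPage['body']}\r\n\t\t\t\t<br />\r\n\t\t\t\t<br />\r\n\t\t\t\t{$messagesHtml}\r\n\t\t\t\t{$systemInfoHtml}\r\n\r\n\t\t\t</div>\r\n\r\n\t\t\t<div class=\"clear\">\r\n\t\t\t</div>\r\n\r\n\t\t\t<div id=\"footer\">\r\n\r\n\t\t\t\t<p>WooYun DVWA v" .
        dvwaVersionGet() . "</p>\r\n\r\n\t\t\t</div>\r\n\r\n\t\t</div>\r\n\r\n\t</body>\r\n\r\n</html>";
}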
/**
 * Render the page frame shown to visitors who are not logged in (header with
 * quote and primary menu, side column, page body, queued messages) and send
 * it to the client with no-cache headers.
 *
 * $pPage['title'], $pPage['script'], $pPage['onload'], $pPage['body'], $right
 * and the result of getQuote() are all written into the page unescaped, so
 * each of them has to be trusted markup.
 *
 * @param array  $pPage Page descriptor; the keys read here are 'page_id',
 *                      'title', 'script', 'onload' and 'body'.
 * @param string $right Markup placed in the main_menu column.
 * @return void
 */
function blobNoLoginHtmlEcho($pPage, $right)
{
    $homepage = BLOB_WEB_PAGE_TO_ROOT . 'index.php';

    // Entries of the primary menu, in display order.
    $entries = array(
        array('id' => 'login', 'name' => 'Login', 'url' => 'login.php'),
        array('id' => 'join', 'name' => 'Join', 'url' => 'join.php'),
        array('id' => 'about', 'name' => 'About', 'url' => 'about.php'),
    );

    // Build the <li> list; the entry for the current page is marked "selected".
    $items = '';
    foreach ($entries as $entry) {
        $cssClass = '';
        if ($entry['id'] == $pPage['page_id']) {
            $cssClass = 'selected';
        }
        $link = BLOB_WEB_PAGE_TO_ROOT . $entry['url'];
        $items .= "<li onclick=\"window.location='{$link}'\" class=\"{$cssClass}\"><a href=\"{$link}\">{$entry['name']}</a></li>";
    }
    $primaryMenuHtml = "<ul>{$items}</ul>";

    $quote = getQuote();

    // Queued messages are wrapped in a padded container only when there are any.
    $messagesHtml = messagesPopAllToHtml();
    $messagesHtml = $messagesHtml ? "<div class=\"body_padded\">{$messagesHtml}</div>" : $messagesHtml;

    // Send Headers + main HTML code
    header('Cache-Control: no-cache, must-revalidate'); // HTTP/1.1
    header('Content-Type: text/html;charset=utf-8');    // TODO- proper XHTML headers...
    header("Expires: Tue, 23 Jun 2009 12:00:00 GMT");   // Date in the past

    echo "\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n    <head>\r\n        <meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\r\n        <title>{$pPage['title']}</title>\r\n        <link rel=\"stylesheet\" type=\"text/css\" href=\"" . BLOB_WEB_PAGE_TO_ROOT . "blob/css/login.css\" />\r\n        <link rel=\"stylesheet\" type=\"text/css\" href=\"" . BLOB_WEB_PAGE_TO_ROOT . "blob/css/main.css\" />\r\n        <link rel=\"icon\" type=\"\\image/ico\" href=\"" . BLOB_WEB_PAGE_TO_ROOT . "favicon.ico\" />\r\n        {$pPage['script']}\r\n    </head>\r\n    <body {$pPage['onload']} class=\"home\">\r\n        <div id=\"header\">\r\n            <a href=\"{$homepage}\"><img class=\"header_img\" src=\"" . BLOB_WEB_PAGE_TO_ROOT . "blob/images/logo.png\" alt=\"blob\" height=40 width=60/></a>\r\n            <div id=\"quote\">\r\n                {$quote}\r\n            </div>\r\n\r\n            <div id=\"primary_menu\">\r\n                {$primaryMenuHtml}\r\n            </div>\r\n        </div>\r\n        <div id=\"wrapper\">\r\n            <div id=\"container\" class=\"rounded-corners\">\r\n                <div id=\"main_menu\">\r\n                    <div id=\"main_menu_padded\">\r\n\t\t      {$right}\r\n                    </div>\r\n                </div>\r\n                <div id=\"main_body\" class=\"rounded-corners-left\">\r\n                        {$pPage['body']}\r\n                        <center>\r\n                            {$messagesHtml}\r\n                        </center>\r\n                </div>\r\n                <div class=\"clear\">\r\n                </div>\r\n            </div>\r\n            <div id=\"footer\" class=\"rounded-corners\">\r\n                <p>Greenify " . blobVersionGet() .
        " is a Free and OpenSource Microblogging client</p>\r\n            </div>\r\n        </div>\r\n    </body>\r\n</html>";
}