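<?php

// DVWA "Stored XSS" exercise page. This file only wires up the framework page,
// picks the security-level source file to include and renders the guestbook
// form; the behaviour under study lives in source/{low,medium,high}.php.
define('DVWA_WEB_PAGE_TO_ROOT', '../../');
require_once DVWA_WEB_PAGE_TO_ROOT . 'dvwa/includes/dvwaPage.inc.php';

// Page requires an authenticated session; 'phpids' enables the optional IDS hook.
dvwaPageStartup(['authenticated', 'phpids']);

$page = dvwaPageNewGrab();
$page['title'] .= $page['title_separator'] . 'Vulnerabilidad: Stored Cross Site Scripting (XSS)';
$page['page_id'] = 'xss_s';

dvwaDatabaseConnect();

// Fixed allow-list of level files. The cookie value is only ever used as a key
// into this table, so the include path below can never be built from user data;
// an unknown, missing or non-string cookie falls back to the hardened level.
// (The original switch read $_COOKIE['security'] unconditionally, which raises
// an "undefined array key" warning when the cookie is absent.)
$securityLevelFiles = [
    'low'    => 'low.php',
    'medium' => 'medium.php',
    'high'   => 'high.php',
];
$requestedLevel = $_COOKIE['security'] ?? '';
$vulnerabilityFile = is_string($requestedLevel) && isset($securityLevelFiles[$requestedLevel])
    ? $securityLevelFiles[$requestedLevel]
    : 'high.php';

// The level file handles the POSTed guestbook entry and is expected to leave
// its rendered output in $html (not defined in this file).
require_once DVWA_WEB_PAGE_TO_ROOT . "vulnerabilities/xss_s/source/{$vulnerabilityFile}";

$page['help_button'] = 'xss_s';
$page['source_button'] = 'xss_s';

// Note: the maxlength attributes on txtName/mtxMessage are client-side hints
// only; any length limit must be enforced by the level file. $html is
// interpolated into the page without further encoding here — whatever
// escaping applies is the responsibility of the level file being exercised.
$page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h1>Vulnerabilidad: Stored Cross Site Scripting (XSS)</h1>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\r\n\t\t<form method=\"post\" name=\"guestform\" onsubmit=\"return validate_form(this)\">\r\n\t\t<table width=\"550\" border=\"0\" cellpadding=\"2\" cellspacing=\"1\">\r\n\t\t<tr>\r\n\t\t<td width=\"100\">Nombre *</td> <td>\r\n\t\t<input name=\"txtName\" type=\"text\" size=\"30\" maxlength=\"10\"></td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t<td width=\"100\">Mensaje *</td> <td>\r\n\t\t<textarea name=\"mtxMessage\" cols=\"50\" rows=\"3\" maxlength=\"100\"></textarea></td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t<td width=\"100\">&nbsp;</td>\r\n\t\t<td>\r\n\t\t<input name=\"btnSign\" type=\"submit\" value=\"Deja tu Comentario\" onClick=\"return checkForm();\"></td>\r\n\t\t</tr>\r\n\t\t</table>\r\n\t\t</form>\r\n\r\n\t\t{$html}\r\n\t\t\r\n\t</div>\r\n\t\r\n\t<br />\r\n\t\r\n\t" . dvwaGuestbook() . "\r\n\t<br />\r\n\t\r\n\t\r\n</div>\r\n";

dvwaHtmlEcho($page);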
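// DVWA "Stored XSS" exercise page (fragment: the <?php header and the
// dvwaPage.inc.php include precede this in the full file). Selects the
// security-level source file, adds an anti-CSRF token on the high level and
// renders the guestbook form.
dvwaPageStartup(['authenticated', 'phpids']);

$page = dvwaPageNewGrab();
$page['title'] .= $page['title_separator'] . 'Vulnerability: Stored Cross Site Scripting (XSS)';
$page['page_id'] = 'xss_s';
$page['help_button'] = 'xss_s';
$page['source_button'] = 'xss_s';

dvwaDatabaseConnect();

// Fixed allow-list of level files. The cookie value is only ever used as a key
// into this table, so the include path can never be built from user data; an
// unknown, missing or non-string cookie falls back to the hardened level.
// (The original switch read $_COOKIE['security'] unconditionally, which raises
// an "undefined array key" warning when the cookie is absent, and compared the
// chosen file with loose ==.)
$securityLevelFiles = [
    'low'    => 'low.php',
    'medium' => 'medium.php',
    'high'   => 'high.php',
];
$requestedLevel = $_COOKIE['security'] ?? '';
$vulnerabilityFile = is_string($requestedLevel) && isset($securityLevelFiles[$requestedLevel])
    ? $securityLevelFiles[$requestedLevel]
    : 'high.php';
$isHighLevel = $vulnerabilityFile === 'high.php';

// Anti-CSRF: the token must exist before the level file validates the POST and
// before tokenField() renders it into the form below.
if ($isHighLevel) {
    generateTokens();
}

// The level file handles the POSTed guestbook entry and is expected to leave
// its rendered output in $html (not defined in this file).
require_once DVWA_WEB_PAGE_TO_ROOT . "vulnerabilities/xss_s/source/{$vulnerabilityFile}";

// Note: the maxlength attributes on txtName/mtxMessage are client-side hints
// only; any length limit must be enforced by the level file.
$page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h1>Vulnerability: Stored Cross Site Scripting (XSS)</h1>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<form method=\"post\" name=\"guestform\" onsubmit=\"return validate_form(this)\">\r\n\t\t\t<table width=\"550\" border=\"0\" cellpadding=\"2\" cellspacing=\"1\">\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<td width=\"100\">Name *</td>\r\n\t\t\t\t\t<td><input name=\"txtName\" type=\"text\" size=\"30\" maxlength=\"10\"></td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<td width=\"100\">Message *</td>\r\n\t\t\t\t\t<td><textarea name=\"mtxMessage\" cols=\"50\" rows=\"3\" maxlength=\"50\"></textarea></td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<td width=\"100\">&nbsp;</td>\r\n\t\t\t\t\t<td><input name=\"btnSign\" type=\"submit\" value=\"Sign Guestbook\" onClick=\"return checkForm();\"></td>\r\n\t\t\t\t</tr>\r\n\t\t\t</table>";

// Hidden CSRF token field, only on the level that verifies it.
if ($isHighLevel) {
    $page['body'] .= "\t\t\t" . tokenField();
}

// $html is interpolated into the page without further encoding here — whatever
// escaping applies is the responsibility of the level file being exercised.
$page['body'] .= "\r\n\t\t</form>\r\n\t\t{$html}\r\n\t</div>\r\n\t<br />\r\n\r\n\t" . dvwaGuestbook() . "\r\n\t<br />\r\n\r\n\t<h2>More Information</h2>\r\n\t<ul>\r\n\t\t<li>" . dvwaExternalLinkUrlGet('https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)') . "</li>\r\n\t\t<li>" . dvwaExternalLinkUrlGet('https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet') . "</li>\r\n\t\t<li>" . dvwaExternalLinkUrlGet('https://en.wikipedia.org/wiki/Cross-site_scripting') . "</li>\r\n\t\t<li>" . dvwaExternalLinkUrlGet('http://www.cgisecurity.com/xss-faq.html') . "</li>\r\n\t\t<li>" . dvwaExternalLinkUrlGet('http://www.scriptalert1.com/') . "</li>\r\n\t</ul>\r\n</div>\r\n";

dvwaHtmlEcho($page);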
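<?php

// DVWA "Stored XSS" exercise page. This file only wires up the framework page,
// picks the security-level source file to include and renders the guestbook
// form; the behaviour under study lives in source/{low,medium,high}.php.
const DVWA_WEB_PAGE_TO_ROOT = '../../';
require_once DVWA_WEB_PAGE_TO_ROOT . 'dvwa/includes/dvwaPage.inc.php';

// Page requires an authenticated session; 'phpids' enables the optional IDS hook.
dvwaPageStartup(['authenticated', 'phpids']);

$page = dvwaPageNewGrab();
$page['title'] .= $page['title_separator'] . 'Vulnerability: Stored Cross Site Scripting (XSS)';
$page['page_id'] = 'xss_s';

dvwaDatabaseConnect();

// Fixed allow-list of level files. The cookie value is only ever used as a key
// into this table, so the include path below can never be built from user data;
// an unknown, missing or non-string cookie falls back to the hardened level.
// (The original switch read $_COOKIE['security'] unconditionally, which raises
// an "undefined array key" warning when the cookie is absent.)
$securityLevelFiles = [
    'low'    => 'low.php',
    'medium' => 'medium.php',
    'high'   => 'high.php',
];
$requestedLevel = $_COOKIE['security'] ?? '';
$vulnerabilityFile = is_string($requestedLevel) && isset($securityLevelFiles[$requestedLevel])
    ? $securityLevelFiles[$requestedLevel]
    : 'high.php';

// The level file handles the POSTed guestbook entry and is expected to leave
// its rendered output in $html (not defined in this file).
require_once DVWA_WEB_PAGE_TO_ROOT . "vulnerabilities/xss_s/source/{$vulnerabilityFile}";

$page['help_button'] = 'xss_s';
$page['source_button'] = 'xss_s';

// Note: the maxlength attributes on txtName/mtxMessage are client-side hints
// only; any length limit must be enforced by the level file. $html is
// interpolated into the page without further encoding here — whatever
// escaping applies is the responsibility of the level file being exercised.
$page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h1>Vulnerability: Stored Cross Site Scripting (XSS)</h1>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\r\n\t\t<form method=\"post\" name=\"guestform\" onsubmit=\"return validate_form(this)\">\r\n\t\t<table width=\"550\" border=\"0\" cellpadding=\"2\" cellspacing=\"1\">\r\n\t\t<tr>\r\n\t\t<td width=\"100\">Name *</td> <td>\r\n\t\t<input name=\"txtName\" type=\"text\" size=\"30\" maxlength=\"10\"></td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t<td width=\"100\">Message *</td> <td>\r\n\t\t<textarea name=\"mtxMessage\" cols=\"50\" rows=\"3\" maxlength=\"50\"></textarea></td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t<td width=\"100\">&nbsp;</td>\r\n\t\t<td>\r\n\t\t<input name=\"btnSign\" type=\"submit\" value=\"Sign Guestbook\" onClick=\"return checkForm();\"></td>\r\n\t\t</tr>\r\n\t\t</table>\r\n\t\t</form>\r\n\r\n\t\t{$html}\r\n\t\t\r\n\t</div>\r\n\t\r\n\t<br />\r\n\t\r\n\t" . dvwaGuestbook() . "\r\n\t<br />\r\n\t\r\n\t<h2>More info</h2>\r\n\r\n\t<ul>\r\n\t\t<li>" . dvwaExternalLinkUrlGet('http://ha.ckers.org/xss.html') . "</li>\r\n\t\t<li>" . dvwaExternalLinkUrlGet('http://en.wikipedia.org/wiki/Cross-site_scripting') . "</li>\r\n\t\t<li>" . dvwaExternalLinkUrlGet('http://www.cgisecurity.com/xss-faq.html') . "</li>\r\n\t</ul>\r\n</div>\r\n";

dvwaHtmlEcho($page);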