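/**
 * Common per-page startup gate: enforces the checks the caller asks for and
 * then applies the admin-only "setuser" session switch.
 *
 * @param string[] $pActions any of:
 *   - 'authenticated': redirect to login.php unless a session is logged in
 *   - 'phpids':        run the PHPIDS trap when PHPIDS is enabled
 *   - 'admin':         redirect to login.php unless the session is an admin
 *
 * Independently of $pActions: when the current user is 'admin' and a
 * non-empty 'setuser' value is present in the request (GET/POST/cookie, via
 * $_REQUEST), the session username is replaced by that value. This is an
 * impersonation feature, so the admin check must stay strict.
 *
 * Note: whether dvwaRedirect() terminates the script is not visible here;
 * the remaining checks run in either case, exactly as in the original.
 */
function dvwaPageStartup($pActions) {
    // strict in_array: the action names are plain strings, so no loose matching is wanted
    if (in_array('authenticated', $pActions, true) && !dvwaIsLoggedIn()) {
        dvwaRedirect(DVWA_WEB_PAGE_TO_ROOT . 'login.php');
    }

    if (in_array('phpids', $pActions, true) && dvwaPhpIdsIsEnabled()) {
        dvwaPhpIdsTrap();
    }

    if (in_array('admin', $pActions, true) && !xlabisadmin()) {
        dvwaRedirect(DVWA_WEB_PAGE_TO_ROOT . 'login.php');
    }

    // Session switch: only the literal 'admin' account may rewrite the session
    // username. === so a non-string return from dvwaGetuser() can never match.
    // xlabGetSqli() presumably filters the raw parameter for SQL use — confirm;
    // the value is stored in the session as-is.
    $setuser = xlabGetSqli('setuser', $_REQUEST);
    if (dvwaGetuser() === 'admin' && !empty($setuser)) {
        $dvwasession =& dvwaSessionGrab();
        $dvwasession['username'] = $setuser;
    }
}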
// NOTE(review): this fragment begins inside a function body (its signature,
// and the assignments of $result and $html, are outside this view).
// The mysql_* extension was removed in PHP 7.0.
$num = mysql_numrows($result);
$i = 0;
while ($i < $num) {
    $pid = mysql_result($result, $i, "pid");
    $user = mysql_result($result, $i, "user");
    $flag = mysql_result($result, $i, "flag");
    $status = mysql_result($result, $i, "status");
    // NOTE(review): row values are interpolated into HTML without
    // htmlspecialchars(); if any of these columns hold user-supplied text
    // (user, flag) this is a stored XSS sink. Also the row opens with "</tr>"
    // where "<tr>" was presumably intended, so every row is closed twice.
    $html .= "</tr><td>{$pid}</td><td>{$user}</td><td>{$flag}</td><td>{$status}</td></tr>";
    $i++;
}
return "\n\t<table border=1 width=100%>\n\t<tr>\n\t<th>Pid</th><th>User</th><th>Flag</th><th>Status</th>\n\t</tr>\n\t{$html}\n\t</table>";
}

// ---- 'View Score' page body ----
$page = dvwaPageNewGrab();
$page['title'] .= $page['title_separator'] . 'View Score';
$page['page_id'] = 'score';
$page['help_button'] = 'score';
$page['source_button'] = 'score';

// Warn when magic_quotes_gpc is on (it escapes request input, defeating the SQLi exercise)
$magicQuotesWarningHtml = '';
if (ini_get('magic_quotes_gpc') == true) {
    $magicQuotesWarningHtml = "\t<div class=\"warning\">Magic Quotes are on, you will not be able to inject SQL.</div>";
}

// NOTE(review): $_GET['msg'] is read without isset() (notice when absent) and
// is request-controlled; if dvwaMessagePush() renders it without escaping this
// is a reflected XSS sink — confirm against its implementation.
dvwaMessagePush($_GET['msg']);

// A user may only view their own flags; admin may view anyone's.
// NOTE(review): loose == against dvwaGetuser(); and when 'view' is set but the
// check fails, $table is never assigned and is read undefined in the body below.
if (isset($_GET['view'])) {
    if ($_GET['view'] == dvwaGetuser() or xlabisadmin()) {
        $table = getuserflag(xlabGetSqli('view', $_GET));
    }
} else {
    $table = getuserranking();
}

$page['body'] .= "\n<div class=\"body_padded\">\n\t<h1>View Score</h1>\n\n\t{$magicQuotesWarningHtml}\n\n\t<div >\n\t{$table}\n\t</div>\n</div>\n";
<?php
// DVWA Security page: lets a logged-in user pick the security level.
define('DVWA_WEB_PAGE_TO_ROOT', '');
require_once DVWA_WEB_PAGE_TO_ROOT . 'dvwa/includes/dvwaPage.inc.php';

dvwaPageStartup(array('authenticated', 'phpids'));

$page = dvwaPageNewGrab();
$page['title'] .= $page['title_separator'] . 'DVWA Security';
$page['page_id'] = 'security';

$user = dvwaGetuser();
$securityHtml = '';

// NOTE(review): no anti-CSRF token is checked in this fragment before the
// level is changed; if a token check exists it is outside this view — confirm.
if (isset($_POST['seclev_submit'])) {
    // Fail closed: any unrecognised or missing level leaves 'high'.
    $securityLevel = 'high';
    dvwaCtfUnSet();

    // NOTE(review): $_POST['security'] is read without isset(); a post lacking
    // it raises an undefined-index notice (the level still stays 'high').
    switch ($_POST['security']) {
        case 'low':
            $securityLevel = 'low';
            break;
        case 'medium':
            $securityLevel = 'medium';
            break;
        case 'ctf':
            // CTF mode is only selectable when the deployment allows it.
            if (!dvwaIfCtf()) {
                break;
            }
            dvwaCtfSet();
            $securityLevel = 'ctf';
            break;
    }

    // NOTE(review): this condition is a contradiction (X and !X) and can never
    // hold, so the assignment is dead code; presumably one operand was meant to
    // be a different predicate — confirm the intended rule.
    if (dvwaIfWork() and !dvwaIfWork()) {
        $securityLevel = 'high';
    }
    // fragment ends here; this if-block is closed outside this view
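<?php
// Score-page helper: delete one user's flag record, then redirect back to the
// score page with a status message in the 'msg' query parameter.
define('DVWA_WEB_PAGE_TO_ROOT', '../../../');
require_once DVWA_WEB_PAGE_TO_ROOT . 'dvwa/includes/dvwaPage.inc.php';

dvwaPageStartup(array('authenticated', 'phpids'));
dvwaDatabaseConnect();

if (isset($_GET['del'])) {
    // xlabGetSqli() presumably filters the raw parameter for SQL use — confirm.
    // That does not make the value safe for other contexts (URL, HTML), so it
    // is still encoded below before it goes into the redirect target.
    $name = xlabGetSqli('del', $_GET);
    $scoreUrl = xlabGetLocation() . '/vulnerabilities/ctf/?pid=score&msg=';

    // Authorisation: a user may delete only their own record; admin may delete any.
    // === so a non-string return from dvwaGetuser() can never match.
    if ($name === dvwaGetuser() || xlabisadmin()) {
        // NOTE: the user value in this statement is redacted in this listing
        // ('******'). Whatever it is, $name must reach the query as a bound
        // parameter (prepared statement), never by string interpolation.
        $sql = "DELETE FROM userflag WHERE user='******'";
        $result = mysql_query($sql);
        // mysql_query() returns false on error; report that as a failure
        // instead of claiming success (the original redirected to 'succfully'
        // regardless of the query outcome).
        $msg = ($result === false)
            ? "delete {$name} fail!!!"
            : "delete {$name} succfully!!!";
    } else {
        $msg = "delete {$name} fail!!!";
    }

    // $name is request-controlled: percent-encode the whole message so it
    // cannot append extra query parameters to the redirect URL.
    dvwaRedirect($scoreUrl . rawurlencode($msg));
}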