dvwaGetconfig();
#dvwadebug();
if (isset($_POST['reg'])) {
$user = trim($_POST['username']);
$user = stripslashes($user);
$user = mysql_real_escape_string($user);
$pass = trim($_POST['password']);
$pass = stripslashes($pass);
$pass = mysql_real_escape_string($pass);
$pass_md5 = md5($pass);
$insert_md5 = "insert into users values ('','{$user}','{$user}','{$user}','{$pass_md5}','dvwa/hackable/users/gordonb.jpg')";
if ($user != '' and $pass != '' and $_POST['password'] == $_POST['password2']) {
// Login Successful...
$result_md5 = @mysql_query($insert_md5) or die('<pre>' . mysql_error() . '</br>insert fail,again!!</pre>');
dvwaRedirect('index.php');
dvwaMessagePush("You have reg succfully for '" . $user . "'");
dvwaLogin($user);
dvwaRedirect('login.php');
}
// Login failed
dvwaMessagePush("reg failed");
dvwaRedirect('reg.php');
}
$messagesHtml = messagesPopAllToHtml();
Header('Cache-Control: no-cache, must-revalidate');
// HTTP/1.1
Header('Content-Type: text/html;charset=utf-8');
// TODO- proper XHTML headers...
Header("Expires: Tue, 23 Jun 2009 12:00:00 GMT");
// Date in the past
echo "\n\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\n\n\t<head>\n\n\t\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n\n\t\t<title>XLABAS - REG</title>\n\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/login.css\" />\n\n\t</head>\n\n\t<body>\n\n\t<div align=\"center\">\n\t\n\t<br />\n\n\t<p><img src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/images/login_logo.png\" /></p>\n\n\t<br />\n\t\n\t<form action=\"reg.php\" method=\"post\">\n\t\n\t<fieldset>\n\n\t\t\t<label for=\"user\">Username</label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"username\"><br />\n\t\n\t\t\t\n\t\t\t<label for=\"pass\">Password</label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\"><br />\n\t\t\t\n\t\t\t<label for=\"pass\">Password2</label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password2\"><br />\n\t\t\t\n\t\t\t<p class=\"submit\"><input type=\"submit\" value=\"Reg\" name=\"reg\"></p>\n\n\t</fieldset>\n\n\t</form>\n\n\t\n\t<br />\n\n\t{$messagesHtml}\n\n\t<br />\n\t<br />\n\t<br />\n\t<br />\n\t<br />\n\t<br />\n\t<br />\n\t<br />\t\n\n\t<!-- <img src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/images/RandomStorm.png\" /> -->\n\t\n\t<p>Damn HTJC SeclabX ASystem (XlabAS) is a RandomStorm OpenSource project</p>\n\t\n\t</div> <!-- end align div -->\n\n\t</body>\n\n</html>\n";
function dvwaHtmlEcho($pPage)
{
$menuBlocks = array();
$menuBlocks['home'] = array();
$menuBlocks['home'][] = array('id' => 'home', 'name' => 'Home', 'url' => '.');
$menuBlocks['home'][] = array('id' => 'instructions', 'name' => 'Instructions', 'url' => 'instructions.php');
$menuBlocks['home'][] = array('id' => 'setup', 'name' => 'Setup / Reset', 'url' => 'setup.php');
$menuBlocks['vulnerabilities'] = array();
$menuBlocks['vulnerabilities'][] = array('id' => 'brute', 'name' => 'Brute Force', 'url' => 'vulnerabilities/brute/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'exec', 'name' => 'Command Execution', 'url' => 'vulnerabilities/exec/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'csrf', 'name' => 'CSRF', 'url' => 'vulnerabilities/csrf/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'captcha', 'name' => 'Insecure CAPTCHA', 'url' => 'vulnerabilities/captcha/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'fi', 'name' => 'File Inclusion', 'url' => 'vulnerabilities/fi/.?page=include.php');
$menuBlocks['vulnerabilities'][] = array('id' => 'sqli', 'name' => 'SQL Injection', 'url' => 'vulnerabilities/sqli/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'sqli_blind', 'name' => 'SQL Injection (Blind)', 'url' => 'vulnerabilities/sqli_blind/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'upload', 'name' => 'Upload', 'url' => 'vulnerabilities/upload/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'xss_r', 'name' => 'XSS (Reflected)', 'url' => 'vulnerabilities/xss_r/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'xss_s', 'name' => 'XSS (Stored)', 'url' => 'vulnerabilities/xss_s/.');
$menuBlocks['meta'] = array();
$menuBlocks['meta'][] = array('id' => 'security', 'name' => 'DVWA Security', 'url' => 'security.php');
$menuBlocks['meta'][] = array('id' => 'phpinfo', 'name' => 'PHP Info', 'url' => 'phpinfo.php');
$menuBlocks['meta'][] = array('id' => 'about', 'name' => 'About', 'url' => 'about.php');
$menuBlocks['logout'] = array();
$menuBlocks['logout'][] = array('id' => 'logout', 'name' => 'Logout', 'url' => 'logout.php');
$menuHtml = '';
foreach ($menuBlocks as $menuBlock) {
$menuBlockHtml = '';
foreach ($menuBlock as $menuItem) {
$selectedClass = $menuItem['id'] == $pPage['page_id'] ? 'selected' : '';
$fixedUrl = DVWA_WEB_PAGE_TO_ROOT . $menuItem['url'];
$menuBlockHtml .= "<li onclick=\"window.location='{$fixedUrl}'\" class=\"{$selectedClass}\"><a href=\"{$fixedUrl}\">{$menuItem['name']}</a></li>\n";
}
$menuHtml .= "<ul class=\"menuBlocks\">{$menuBlockHtml}</ul>";
}
// Get security cookie --
$securityLevelHtml = '';
switch (dvwaSecurityLevelGet()) {
case 'low':
$securityLevelHtml = 'low';
break;
case 'medium':
$securityLevelHtml = 'medium';
break;
case 'high':
$securityLevelHtml = 'high';
break;
default:
$securityLevelHtml = 'high';
break;
}
// -- END (security cookie)
$phpIdsHtml = '<em>PHPIDS:</em> ' . (dvwaPhpIdsIsEnabled() ? 'enabled' : 'disabled');
$userInfoHtml = '<em>Username:</em> ' . dvwaCurrentUser();
$messagesHtml = messagesPopAllToHtml();
if ($messagesHtml) {
$messagesHtml = "<div class=\"body_padded\">{$messagesHtml}</div>";
}
$systemInfoHtml = "<div align=\"left\">{$userInfoHtml}<br /><b>Security Level:</b> {$securityLevelHtml}<br />{$phpIdsHtml}</div>";
if ($pPage['source_button']) {
$systemInfoHtml = dvwaButtonSourceHtmlGet($pPage['source_button']) . " {$systemInfoHtml}";
}
if ($pPage['help_button']) {
$systemInfoHtml = dvwaButtonHelpHtmlGet($pPage['help_button']) . " {$systemInfoHtml}";
}
// Send Headers + main HTML code
Header('Cache-Control: no-cache, must-revalidate');
// HTTP/1.1
Header('Content-Type: text/html;charset=utf-8');
// TODO- proper XHTML headers...
Header("Expires: Tue, 23 Jun 2009 12:00:00 GMT");
// Date in the past
echo "\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n\r\n\t<head>\r\n\t\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\r\n\r\n\t\t<title>{$pPage['title']}</title>\r\n\r\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/main.css\" />\r\n\r\n\t\t<link rel=\"icon\" type=\"\\image/ico\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "favicon.ico\" />\r\n\r\n\t\t<script type=\"text/javascript\" src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/js/dvwaPage.js\"></script>\r\n\r\n\t</head>\r\n\r\n\t<body class=\"home\">\r\n\t\t<div id=\"container\">\r\n\r\n\t\t\t<div id=\"header\">\r\n\r\n\t\t\t\t<img src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/images/logo.png\" alt=\"Damn Vulnerable Web App\" />\r\n\r\n\t\t\t</div>\r\n\r\n\t\t\t<div id=\"main_menu\">\r\n\r\n\t\t\t\t<div id=\"main_menu_padded\">\r\n\t\t\t\t{$menuHtml}\r\n\t\t\t\t</div>\r\n\r\n\t\t\t</div>\r\n\r\n\t\t\t<div id=\"main_body\">\r\n\r\n\t\t\t\t{$pPage['body']}\r\n\t\t\t\t<br />\r\n\t\t\t\t<br />\r\n\t\t\t\t{$messagesHtml}\r\n\r\n\t\t\t</div>\r\n\r\n\t\t\t<div class=\"clear\">\r\n\t\t\t</div>\r\n\r\n\t\t\t<div id=\"system_info\">\r\n\t\t\t\t{$systemInfoHtml}\r\n\t\t\t</div>\r\n\r\n\t\t\t<div id=\"footer\">\r\n\r\n\t\t\t\t<p>Damn Vulnerable Web Application (DVWA) v" . dvwaVersionGet() . "</p>\r\n\r\n\t\t\t</div>\r\n\r\n\t\t</div>\r\n\r\n\t</body>\r\n\r\n</html>";
}
function dvwaHtmlEcho($pPage)
{
$menuBlocks = array();
$menuBlocks['home'] = array();
$menuBlocks['home'][] = array('id' => 'home', 'name' => 'Home', 'url' => '.');
$menuBlocks['home'][] = array('id' => 'instructions', 'name' => 'Instructions', 'url' => 'instructions.php');
$menuBlocks['vulnerabilities'] = array();
$menuBlocks['vulnerabilities'][] = array('id' => 'brute', 'name' => 'Brute Force', 'url' => 'vulnerabilities/brute/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'exec', 'name' => 'Command Execution', 'url' => 'vulnerabilities/exec/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'csrf', 'name' => 'CSRF', 'url' => 'vulnerabilities/csrf/.');
#$menuBlocks['vulnerabilities'][] = array( 'id' => 'captcha', 'name' => 'Insecure CAPTCHA', 'url' => 'vulnerabilities/captcha/.' );
$menuBlocks['vulnerabilities'][] = array('id' => 'fi', 'name' => 'File Inclusion', 'url' => 'vulnerabilities/fi/.?page=include.php');
$menuBlocks['vulnerabilities'][] = array('id' => 'sqli', 'name' => 'SQL Injection', 'url' => 'vulnerabilities/sqli/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'sqli_blind', 'name' => 'SQL Injection (Blind)', 'url' => 'vulnerabilities/sqli_blind/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'upload', 'name' => 'Upload', 'url' => 'vulnerabilities/upload/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'xss_r', 'name' => 'XSS reflected', 'url' => 'vulnerabilities/xss_r/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'xss_s', 'name' => 'XSS stored', 'url' => 'vulnerabilities/xss_s/.');
if (dvwaIfWork()) {
$menuBlocks['vulnerabilities'][] = array('id' => 'vulns', 'name' => 'Vulns', 'url' => 'vulnerabilities/vulns/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'work', 'name' => 'Work', 'url' => 'vulnerabilities/work/.');
}
if (dvwaIsCtf()) {
$menuBlocks['vulnerabilities'][] = array('id' => 'ctf', 'name' => 'CTF', 'url' => 'vulnerabilities/ctf/?pid=1');
$menuBlocks['vulnerabilities'][] = array('id' => 'submit', 'name' => 'Submit', 'url' => 'vulnerabilities/ctf/?pid=submit');
$menuBlocks['vulnerabilities'][] = array('id' => 'score', 'name' => 'Score', 'url' => 'vulnerabilities/ctf/?pid=score&name=' . dvwaCurrentUser());
}
if (xlabisadmin()) {
$menuBlocks['home'][] = array('id' => 'setup', 'name' => 'Setup', 'url' => 'setup.php');
$menuBlocks['home'][] = array('id' => 'admin', 'name' => 'Admin', 'url' => 'vulnerabilities/admin/.');
$menuBlocks['home'][] = array('id' => 'manager', 'name' => 'Manager', 'url' => 'vulnerabilities/admin/manager.php');
}
$menuBlocks['meta'] = array();
$menuBlocks['meta'][] = array('id' => 'security', 'name' => 'DVWA Security', 'url' => 'security.php');
$menuBlocks['meta'][] = array('id' => 'phpinfo', 'name' => 'PHP Info', 'url' => 'phpinfo.php');
$menuBlocks['meta'][] = array('id' => 'about', 'name' => 'About', 'url' => 'about.php');
$menuBlocks['logout'] = array();
$menuBlocks['logout'][] = array('id' => 'logout', 'name' => 'Logout', 'url' => 'logout.php');
$menuHtml = '';
foreach ($menuBlocks as $menuBlock) {
$menuBlockHtml = '';
foreach ($menuBlock as $menuItem) {
$selectedClass = $menuItem['id'] == $pPage['page_id'] ? 'selected' : '';
$fixedUrl = DVWA_WEB_PAGE_TO_ROOT . $menuItem['url'];
$menuBlockHtml .= "<li onclick=\"window.location='{$fixedUrl}'\" class=\"{$selectedClass}\"><a href=\"{$fixedUrl}\">{$menuItem['name']}</a></li>";
}
$menuHtml .= "<ul>{$menuBlockHtml}</ul>";
}
// Get security cookie --
$securityLevelHtml = dvwaIsCtf() ? 'CTF' : dvwaSecurityLevelGet();
// -- END
$phpIdsHtml = '<b>PHPIDS:</b> ' . (dvwaPhpIdsIsEnabled() ? 'enabled' : 'disabled');
$userInfoHtml = '<b>Username:</b> ' . dvwaCurrentUser();
$AppModel = '<b>AppModel:</b> ' . dvwaGetModel();
$messagesHtml = messagesPopAllToHtml();
if ($messagesHtml) {
$messagesHtml = "<div class=\"body_padded\">{$messagesHtml}</div>";
}
$systemInfoHtml = "<div align=\"left\">{$userInfoHtml}<br />{$AppModel}<br /><b>Security Level:</b> {$securityLevelHtml}<br />{$phpIdsHtml}</div>";
if ($pPage['source_button'] && !dvwaIsCtf()) {
$systemInfoHtml = dvwaButtonSourceHtmlGet($pPage['source_button']) . " {$systemInfoHtml}";
}
if ($pPage['help_button'] && !dvwaIsCtf()) {
$systemInfoHtml = dvwaButtonHelpHtmlGet($pPage['help_button']) . " {$systemInfoHtml}";
}
if (dvwaIsCtf()) {
$addr = xlabGetLocation();
$systemInfoHtml = "<label for=\"QNUM\">CTF Numbers:</label><form action=\"{$addr}/vulnerabilities/ctf/\" method=\"GET\">" . dvwaGetlist() . "<input type=\"submit\" name=\"select\" value='select'>\n\t\t</form>" . "{$systemInfoHtml}";
$value = (isset($_GET['pid']) and is_numeric($_GET['pid'])) ? $_GET['pid'] : '1';
$ctfselect = xlabGetJs(xlabJqSelect("ctf_select", $value));
#$ctfselect="<script>document.getElementById('ctf_select').options[5].setAttribute('selected', 'selected');</script>";
}
// Send Headers + main HTML code
Header('Cache-Control: no-cache, must-revalidate');
// HTTP/1.1
Header('Content-Type: text/html;charset=utf-8');
// TODO- proper XHTML headers...
Header("Expires: Tue, 23 Jun 2009 12:00:00 GMT");
// Date in the past
echo "\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\n\n\t<head>\n\t\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n\n\t\t<title>{$pPage['title']}</title>\n\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/main.css\" />\n\n\t\t<link rel=\"icon\" type=\"\\image/ico\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "favicon.ico\" />\n\n\t\t<script type=\"text/javascript\" src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/js/dvwaPage.js\"></script>\n\n\t</head>\n\n\t<body class=\"home\">\n\t\t<div id=\"container\">\n\n\t\t\t<div id=\"header\">\n\n\t\t\t\t<img src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/images/logo.png\" alt=\"Damn Vulnerable Web App\" />\n\n\t\t\t</div>\n\n\t\t\t<div id=\"main_menu\">\n\n\t\t\t\t<div id=\"main_menu_padded\">\n\t\t\t\t{$menuHtml}\n\t\t\t\t</div>\n\n\t\t\t</div>\n\n\t\t\t<div id=\"main_body\">\n\t\t\t\t<script src='../../dvwa/js/jquery.js' type='text/javascript' charset='utf-8'></script>\n\t\t\t\t{$pPage['body']}\n\t\t\t\n\t\t\t\t<br />\n\t\t\t\t<br />\n\t\t\t\t{$messagesHtml}\n\n\t\t\t</div>\n\n\t\t\t<div class=\"clear\">\n\t\t\t</div>\n\n\t\t\t<div id=\"system_info\">\n\t\t\t\t{$systemInfoHtml}\n\t\t\t</div>\n\n\t\t\t<div id=\"footer\">\n\t\t\t\t{$ctfselect}\n\t\t\t\t<p>HTJC SeclabX ASystem (XlabAS) v" . dvwaVersionGet() . "</p>\n\n\t\t\t</div>\n\n\t\t</div>\n\n\t</body>\n\n</html>";
}
function dvwaHtmlEcho($pPage)
{
$menuBlocks = array();
$menuBlocks['home'] = array();
$menuBlocks['home'][] = array('id' => 'home', 'name' => 'Home', 'url' => '.');
$menuBlocks['home'][] = array('id' => 'instructions', 'name' => 'Instructions', 'url' => 'instructions.php');
$menuBlocks['vulnerabilities'] = array();
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2014-63321', 'name' => 'Regex #02-Domain too', 'url' => 'vulnerabilities/WooYun-2014-63321/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2014-61978', 'name' => 'CSRF #01-Flash Upload', 'url' => 'vulnerabilities/WooYun-2014-61978/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2014-61361', 'name' => 'Sqli QUERY_STRING', 'url' => 'vulnerabilities/WooYun-2014-61361/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2014-59940', 'name' => 'Regex #01-Domain fraud', 'url' => 'vulnerabilities/WooYun-2014-59940/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2014-53384', 'name' => 'Sqli filter #02-Once', 'url' => 'vulnerabilities/WooYun-2014-53384/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2014-52257', 'name' => 'Sqli Mysql #01', 'url' => 'vulnerabilities/WooYun-2014-52257/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2014-52248', 'name' => 'No [Comma] Sqli', 'url' => 'vulnerabilities/WooYun-2014-52248/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2014-51950', 'name' => 'Sqli using [Slashes]', 'url' => 'vulnerabilities/WooYun-2014-51950/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2014-51687', 'name' => 'Sqli filter #02-80sec', 'url' => 'vulnerabilities/WooYun-2014-51687/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2014-51536', 'name' => 'XSS #08-mXSS', 'url' => 'vulnerabilities/WooYun-2014-51536/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2014-51505', 'name' => 'Sqli filter #01', 'url' => 'vulnerabilities/WooYun-2014-51505/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2014-50644', 'name' => 'No [Space] Sqli', 'url' => 'vulnerabilities/WooYun-2014-50644/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2014-50315', 'name' => 'XSS #07-SVG', 'url' => 'vulnerabilities/WooYun-2014-50315/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2013-34885', 'name' => 'Contradiction #01', 'url' => 'vulnerabilities/WooYun-2013-34885/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2013-31669', 'name' => 'Indirect SQLi #01', 'url' => 'vulnerabilities/WooYun-2013-31669/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2013-20759', 'name' => 'Decrypt #01-CCA2', 'url' => 'vulnerabilities/WooYun-2013-20759/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2013-19115', 'name' => 'Workflow #1-302', 'url' => 'vulnerabilities/WooYun-2013-19115/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2012-16598', 'name' => 'XSS #06-Flash02', 'url' => 'vulnerabilities/WooYun-2012-16598/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2012-16532', 'name' => 'XSS #05-Flash01', 'url' => 'vulnerabilities/WooYun-2012-16532/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2012-16041', 'name' => 'XSS #04-Encoding', 'url' => 'vulnerabilities/WooYun-2012-16041/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2012-16003', 'name' => 'XSS #03-InComment', 'url' => 'vulnerabilities/WooYun-2012-16003/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2012-15979', 'name' => 'XSS #02-TwoVars', 'url' => 'vulnerabilities/WooYun-2012-15979/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2012-15969', 'name' => 'XSS #01-GBK', 'url' => 'vulnerabilities/WooYun-2012-15969/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'WooYun-2011-02236', 'name' => 'LFI+log', 'url' => 'vulnerabilities/WooYun-2011-02236/.');
$menuBlocks['vulnerabilities'][] = array('id' => 'Drops-1015', 'name' => 'Linux pentest tricks', 'url' => 'vulnerabilities/Drops-1015/.');
$menuBlocks['meta'] = array();
$menuBlocks['meta'][] = array('id' => 'about', 'name' => 'About', 'url' => 'about.php');
$menuBlocks['logout'] = array();
$menuBlocks['logout'][] = array('id' => 'logout', 'name' => 'Logout', 'url' => 'logout.php');
$menuHtml = '';
foreach ($menuBlocks as $menuBlock) {
$menuBlockHtml = '';
foreach ($menuBlock as $menuItem) {
$selectedClass = $menuItem['id'] == $pPage['page_id'] ? 'list-group-item active' : 'list-group-item';
$fixedUrl = DVWA_WEB_PAGE_TO_ROOT . $menuItem['url'] . '#here_body';
$menuBlockHtml .= "<a href=\"{$fixedUrl}\" onclick=\"window.location='{$fixedUrl}'\" class=\"{$selectedClass}\">{$menuItem['name']}</a>";
}
$menuHtml .= "<ul>{$menuBlockHtml}</ul>";
}
// Get security cookie --
$securityLevelHtml = '';
switch (dvwaSecurityLevelGet()) {
case 'low':
$securityLevelHtml = 'low';
break;
case 'medium':
$securityLevelHtml = 'medium';
break;
case 'high':
$securityLevelHtml = 'high';
break;
default:
$securityLevelHtml = 'low';
break;
}
// -- END
$phpIdsHtml = '<b>PHPIDS:</b> ' . (dvwaPhpIdsIsEnabled() ? 'enabled' : 'disabled');
$userInfoHtml = '<b>Username:</b> ' . dvwaCurrentUser();
$messagesHtml = messagesPopAllToHtml();
if ($messagesHtml) {
$messagesHtml = "<div class=\"body_padded\">{$messagesHtml}</div>";
}
$systemInfoHtml = "<div align=\"left\">{$userInfoHtml}<br /><b>Security Level:</b> {$securityLevelHtml}<br />{$phpIdsHtml}</div>";
if ($pPage['source_button']) {
$systemInfoHtml = dvwaButtonSourceHtmlGet($pPage['source_button']) . " {$systemInfoHtml}";
}
if ($pPage['help_button']) {
$systemInfoHtml = dvwaButtonHelpHtmlGet($pPage['help_button']) . " {$systemInfoHtml}";
}
// Send Headers + main HTML code
Header('Cache-Control: no-cache, must-revalidate');
// HTTP/1.1
Header('Content-Type: text/html;charset=utf-8');
// TODO- proper XHTML headers...
Header("Expires: Tue, 23 Jun 2009 12:00:00 GMT");
// Date in the past
echo "\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n\r\n\t<head>\r\n\t\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\r\n\r\n\t\t<title>{$pPage['title']}</title>\r\n\r\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/main.css\" />\r\n\r\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/bootstrap.min.css\" />\r\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/bootstrap-theme.min.css\" />\r\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/css/navbar-fixed-top.css\" />\r\n\r\n\t\t<link rel=\"icon\" type=\"\\image/ico\" href=\"" . DVWA_WEB_PAGE_TO_ROOT . "favicon.ico\" />\r\n\r\n\t\t<script type=\"text/javascript\" src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/js/dvwaPage.js\"></script>\r\n\r\n\t</head>\r\n\r\n\t<body class=\"home\">\r\n\r\n\t\t\t<div id=\"header\" style=\"text-align:center;\">\r\n\r\n\t\t\t\t<img src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/images/wooyun_logo.jpg\" alt=\"WooYun DVWA\" height=\"200\" width=\"800\"/>\r\n\r\n\t\t\t</div>\r\n\r\n\t\t<div id=\"container\" align=\"center\">\r\n\r\n <div class=\"navbar navbar-default navbar-fixed-top\" role=\"navigation\" >\r\n <div class=\"container\">\r\n <div class=\"navbar-header\">\r\n <button type=\"button\" class=\"navbar-toggle collapsed\" data-toggle=\"collapse\" data-target=\".navbar-collapse\">\r\n <span class=\"sr-only\">Toggle navigation</span>\r\n <span class=\"icon-bar\"></span>\r\n <span class=\"icon-bar\"></span>\r\n <span class=\"icon-bar\"></span>\r\n </button>\r\n <a class=\"navbar-brand\" href=\"#\">DVWA WooYun</a>\r\n </div>\r\n <div class=\"navbar-collapse collapse\">\r\n <ul class=\"nav navbar-nav\">\r\n <li><a href=\"/\">Home</a></li>\r\n <li><a href=\"http://wooyun.org\">Wooyun</a></li>\r\n <li><a href=\"/instructions.php#here_body\">Instructions</a></li>\r\n </ul>\r\n <ul class=\"nav navbar-nav navbar-right\">\r\n <li><a href=\"/about.php#here_body\">About</a></li>\r\n <li><a href=\"/logout.php\">Logout</a></li>\r\n </ul>\r\n </div><!--/.nav-collapse -->\r\n </div>\r\n </div>\r\n\r\n<a name=\"here_body\"></a><!-- 定义锚点 --> \r\n<br>\r\n<br>\r\n<br>\r\n\r\n\t\t\t<div id=\"main_menu\" style=\"width:20%;float:left;padding-left: 15px;\">\r\n\r\n\t\t\t\t<div class=\"row\">\r\n\t\t\t\t\t<div class=\"list-group\">\r\n\t\t\t\t\t\t{$menuHtml}\r\n\t\t\t\t\t</div>\r\n\t\t\t\t</div>\r\n\r\n\t\t\t</div>\r\n\r\n\t\t\t<div id=\"main_body\" style=\"width:75%;float:right\">\r\n\r\n\t\t\t\t{$pPage['body']}\r\n\t\t\t\t<br />\r\n\t\t\t\t<br />\r\n\t\t\t\t{$messagesHtml}\r\n\t\t\t\t{$systemInfoHtml}\r\n\r\n\t\t\t</div>\r\n\r\n\t\t\t<div class=\"clear\">\r\n\t\t\t</div>\r\n\r\n\t\t\t<div id=\"footer\">\r\n\r\n\t\t\t\t<p>WooYun DVWA v" . dvwaVersionGet() . "</p>\r\n\r\n\t\t\t</div>\r\n\r\n\t\t</div>\r\n\r\n\t</body>\r\n\r\n</html>";
}
function blobNoLoginHtmlEcho($pPage, $right)
{
$homepage = BLOB_WEB_PAGE_TO_ROOT . 'index.php';
$pmenuBlocks = array();
$pmenuBlocks[] = array('id' => 'login', 'name' => 'Login', 'url' => 'login.php');
$pmenuBlocks[] = array('id' => 'join', 'name' => 'Join', 'url' => 'join.php');
$pmenuBlocks[] = array('id' => 'about', 'name' => 'About', 'url' => 'about.php');
$primaryMenuHtml = '';
$pmenuBlockHtml = '';
foreach ($pmenuBlocks as $pmenuItem) {
$selectedClass = $pmenuItem['id'] == $pPage['page_id'] ? 'selected' : '';
$fixedUrl = BLOB_WEB_PAGE_TO_ROOT . $pmenuItem['url'];
$pmenuBlockHtml .= "<li onclick=\"window.location='{$fixedUrl}'\" class=\"{$selectedClass}\"><a href=\"{$fixedUrl}\">{$pmenuItem['name']}</a></li>";
}
$primaryMenuHtml .= "<ul>{$pmenuBlockHtml}</ul>";
$quote = getQuote();
$messagesHtml = messagesPopAllToHtml();
if ($messagesHtml) {
$messagesHtml = "<div class=\"body_padded\">{$messagesHtml}</div>";
}
// Send Headers + main HTML code
Header('Cache-Control: no-cache, must-revalidate');
// HTTP/1.1
Header('Content-Type: text/html;charset=utf-8');
// TODO- proper XHTML headers...
Header("Expires: Tue, 23 Jun 2009 12:00:00 GMT");
// Date in the past
echo "\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n <head>\r\n <meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\r\n <title>{$pPage['title']}</title>\r\n <link rel=\"stylesheet\" type=\"text/css\" href=\"" . BLOB_WEB_PAGE_TO_ROOT . "blob/css/login.css\" />\r\n <link rel=\"stylesheet\" type=\"text/css\" href=\"" . BLOB_WEB_PAGE_TO_ROOT . "blob/css/main.css\" />\r\n <link rel=\"icon\" type=\"\\image/ico\" href=\"" . BLOB_WEB_PAGE_TO_ROOT . "favicon.ico\" />\r\n {$pPage['script']}\r\n </head>\r\n <body {$pPage['onload']} class=\"home\">\r\n <div id=\"header\">\r\n <a href=\"{$homepage}\"><img class=\"header_img\" src=\"" . BLOB_WEB_PAGE_TO_ROOT . "blob/images/logo.png\" alt=\"blob\" height=40 width=60/></a>\r\n <div id=\"quote\">\r\n {$quote}\r\n </div>\r\n\r\n <div id=\"primary_menu\">\r\n {$primaryMenuHtml}\r\n </div>\r\n </div>\r\n <div id=\"wrapper\">\r\n <div id=\"container\" class=\"rounded-corners\">\r\n <div id=\"main_menu\">\r\n <div id=\"main_menu_padded\">\r\n\t\t {$right}\r\n </div>\r\n </div>\r\n <div id=\"main_body\" class=\"rounded-corners-left\">\r\n {$pPage['body']}\r\n <center>\r\n {$messagesHtml}\r\n </center>\r\n </div>\r\n <div class=\"clear\">\r\n </div>\r\n </div>\r\n <div id=\"footer\" class=\"rounded-corners\">\r\n <p>Greenify " . blobVersionGet() . " is a Free and OpenSource Microblogging client</p>\r\n </div>\r\n </div>\r\n </body>\r\n</html>";
}