- This topic has 6 replies, 2 voices, and was last updated 5 years ago by
.
Viewing 7 posts - 1 through 7 (of 7 total)
- Posts
Hi,
I’m at lecture 8.3
When i try to enter to http://IP_ADDRESS/dvwa/vulnerabilities/fi/?page=../../../../var/log/auth.log return to me:Warning: include(../../../../var/log/auth.log) [function.include]: failed to open stream: No such file or directory in /var/www/dvwa/vulnerabilities/fi/index.php on line 35 Warning: include() [function.include]: Failed opening '../../../../var/log/auth.log' for inclusion (include_path='.:/usr/share/php:/usr/share/pear:../../external/phpids/0.6/lib/') in /var/www/dvwa/vulnerabilities/fi/index.php on line 35 Warning: Cannot modify header information - headers already sent by (output started at /var/www/dvwa/vulnerabilities/fi/index.php:35) in /var/www/dvwa/dvwa/includes/dvwaPage.inc.php on line 324 Warning: Cannot modify header information - headers already sent by (output started at /var/www/dvwa/vulnerabilities/fi/index.php:35) in /var/www/dvwa/dvwa/includes/dvwaPage.inc.php on line 325 Warning: Cannot modify header information - headers already sent by (output started at /var/www/dvwa/vulnerabilities/fi/index.php:35) in /var/www/dvwa/dvwa/includes/dvwaPage.inc.php on line 326The security level is set to low. Same problem with medium security level. Is there anything else I can try?
Best, R.F.
Hi Riccardo!
Can you try to add a couple more ../../ to your injection?Let me know how it goes!
DiegoHi Riccardo!
You can try to import a new metasploitable, did you download it from official Rapid7 site?
Let me know.
DiegoHi Diego,
I downloaded it from the official Rapid7 website. Now I try to re-download and import the virtual machine again. I’ll keep you updated 🙂Best, R.F.
Viewing 7 posts - 1 through 7 (of 7 total)
- You must be logged in to reply to this topic.