Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • November 9, 2024 at 2:20 pm #201934
    icare90
    Participant

    Hi,

    When accessing http://172.16.128.131/dvwa//hackable/uploads/shell.php, I have the following error messages instead of a blank page

    Warning: include(phar://shell.php/x) [function.include]: failed to open stream: No such file or directory in /var/www/dvwa/hackable/uploads/shell.php on line 1

    Warning: include() [function.include]: Failed opening ‘phar://shell.php/x’ for inclusion (include_path=’.:/usr/share/php:/usr/share/pear’) in /var/www/dvwa/hackable/uploads/shell.php on line 1

    And running weevely
    ot@kali:~# weevely http://172.16.128.131/dvwa//hackable/uploads/shell.php 5369
    [+] weevely 4.0.1

    [+] Target: 172.16.128.131
    [+] Session: /root/.weevely/sessions/172.16.128.131/shell_0.session

    [+] Browse the filesystem or execute commands starts the connection
    [+] to the target. Type :help for more information.

    weevely> pwd
    Backdoor communication failed, check URL availability and password
    weevely>

    The password if the right one. I’ve tried this on the customized kali and “normal” version; same error on both
    Any idea of what could cause this error?

    Thanks in advance

    November 9, 2024 at 6:20 pm #201935
    Diego PérezDiego Pérez
    Moderator

    Hi!
    Download and import the latest custom kali, it has a fix for this issue.

    Greetings!
    Diego

    November 10, 2024 at 7:52 am #201948
    icare90
    Participant

    Hi Diego,

    I use the custom Kali 2024 version Was it recently modified ?

    Greetings

    November 11, 2024 at 6:59 pm #201970
    Diego PérezDiego Pérez
    Moderator

    Hi!
    Yes, it was recently updated, the latest version is v1.3.

    Greetings!
    Diego

    November 17, 2024 at 7:53 am #202067
    icare90
    Participant

    Hi Diego,

    Same error messages with the v1.3 version

    Warning: include(phar://shell.php/x) [function.include]: failed to open stream: No such file or directory in /var/www/dvwa/hackable/uploads/shell.php on line 1

    Warning: include() [function.include]: Failed opening ‘phar://shell.php/x’ for inclusion (include_path=’.:/usr/share/php:/usr/share/pear’) in /var/www/dvwa/hackable/uploads/shell.php on line 1

    Any solution ?

    November 18, 2024 at 7:59 pm #202085
    Diego PérezDiego Pérez
    Moderator

    Hi!
    As mentioned in the lecture, you need to connect to it via weevely command line, have you tried it yet? is it working? And I mean with the latest custom kali.
    Also, did you run any upgrade after importing it?

    Greetings!
    Diego

    November 24, 2024 at 2:54 pm #202247
    icare90
    Participant

    Hi,

    It is exactly what I did with the latest custom kali and it did not work

    weevely> ls
    Backdoor communication failed, check URL availability and password

    Thanks

    November 24, 2024 at 5:09 pm #202249
    icare90
    Participant

    Hello Diego,

    Correction : it works with the latest custom kali. I was still using the previous one.

    Thanks

    November 27, 2024 at 6:27 pm #202351
    Diego PérezDiego Pérez
    Moderator

    Hi!
    Glad you got it!
    Diego

  • Author
    Posts
Viewing 9 posts - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.