- This topic has 8 replies, 2 voices, and was last updated 1 week, 4 days ago by Diego Pérez.
- AuthorPosts
- November 9, 2024 at 2:20 pm #201934icare90Participant
Hi,
When accessing http://172.16.128.131/dvwa//hackable/uploads/shell.php, I have the following error messages instead of a blank page
Warning: include(phar://shell.php/x) [function.include]: failed to open stream: No such file or directory in /var/www/dvwa/hackable/uploads/shell.php on line 1
Warning: include() [function.include]: Failed opening ‘phar://shell.php/x’ for inclusion (include_path=’.:/usr/share/php:/usr/share/pear’) in /var/www/dvwa/hackable/uploads/shell.php on line 1
And running weevely
ot@kali:~# weevely http://172.16.128.131/dvwa//hackable/uploads/shell.php 5369
[+] weevely 4.0.1[+] Target: 172.16.128.131
[+] Session: /root/.weevely/sessions/172.16.128.131/shell_0.session[+] Browse the filesystem or execute commands starts the connection
[+] to the target. Type :help for more information.weevely> pwd
Backdoor communication failed, check URL availability and password
weevely>The password if the right one. I’ve tried this on the customized kali and “normal” version; same error on both
Any idea of what could cause this error?Thanks in advance
November 9, 2024 at 6:20 pm #201935Diego PérezModeratorHi!
Download and import the latest custom kali, it has a fix for this issue.Greetings!
DiegoNovember 10, 2024 at 7:52 am #201948icare90ParticipantHi Diego,
I use the custom Kali 2024 version Was it recently modified ?
Greetings
November 11, 2024 at 6:59 pm #201970Diego PérezModeratorHi!
Yes, it was recently updated, the latest version is v1.3.Greetings!
DiegoNovember 17, 2024 at 7:53 am #202067icare90ParticipantHi Diego,
Same error messages with the v1.3 version
Warning: include(phar://shell.php/x) [function.include]: failed to open stream: No such file or directory in /var/www/dvwa/hackable/uploads/shell.php on line 1
Warning: include() [function.include]: Failed opening ‘phar://shell.php/x’ for inclusion (include_path=’.:/usr/share/php:/usr/share/pear’) in /var/www/dvwa/hackable/uploads/shell.php on line 1
Any solution ?
November 18, 2024 at 7:59 pm #202085Diego PérezModeratorHi!
As mentioned in the lecture, you need to connect to it via weevely command line, have you tried it yet? is it working? And I mean with the latest custom kali.
Also, did you run any upgrade after importing it?Greetings!
DiegoNovember 24, 2024 at 2:54 pm #202247icare90ParticipantHi,
It is exactly what I did with the latest custom kali and it did not work
weevely> ls
Backdoor communication failed, check URL availability and passwordThanks
November 24, 2024 at 5:09 pm #202249icare90ParticipantHello Diego,
Correction : it works with the latest custom kali. I was still using the previous one.
Thanks
November 27, 2024 at 6:27 pm #202351Diego PérezModeratorHi!
Glad you got it!
Diego - AuthorPosts
- You must be logged in to reply to this topic.