Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • November 9, 2024 at 2:20 pm #201934
    icare90
    Participant

    Hi,

    When accessing http://172.16.128.131/dvwa//hackable/uploads/shell.php, I have the following error messages instead of a blank page

    Warning: include(phar://shell.php/x) [function.include]: failed to open stream: No such file or directory in /var/www/dvwa/hackable/uploads/shell.php on line 1

    Warning: include() [function.include]: Failed opening ‘phar://shell.php/x’ for inclusion (include_path=’.:/usr/share/php:/usr/share/pear’) in /var/www/dvwa/hackable/uploads/shell.php on line 1

    And running weevely
    ot@kali:~# weevely http://172.16.128.131/dvwa//hackable/uploads/shell.php 5369
    [+] weevely 4.0.1

    [+] Target: 172.16.128.131
    [+] Session: /root/.weevely/sessions/172.16.128.131/shell_0.session

    [+] Browse the filesystem or execute commands starts the connection
    [+] to the target. Type :help for more information.

    weevely> pwd
    Backdoor communication failed, check URL availability and password
    weevely>

    The password if the right one. I’ve tried this on the customized kali and “normal” version; same error on both
    Any idea of what could cause this error?

    Thanks in advance

    November 9, 2024 at 6:20 pm #201935
    Diego PérezDiego Pérez
    Participant

    Hi!
    Download and import the latest custom kali, it has a fix for this issue.

    Greetings!
    Diego

    November 10, 2024 at 7:52 am #201948
    icare90
    Participant

    Hi Diego,

    I use the custom Kali 2024 version Was it recently modified ?

    Greetings

    November 11, 2024 at 6:59 pm #201970
    Diego PérezDiego Pérez
    Participant

    Hi!
    Yes, it was recently updated, the latest version is v1.3.

    Greetings!
    Diego

    November 17, 2024 at 7:53 am #202067
    icare90
    Participant

    Hi Diego,

    Same error messages with the v1.3 version

    Warning: include(phar://shell.php/x) [function.include]: failed to open stream: No such file or directory in /var/www/dvwa/hackable/uploads/shell.php on line 1

    Warning: include() [function.include]: Failed opening ‘phar://shell.php/x’ for inclusion (include_path=’.:/usr/share/php:/usr/share/pear’) in /var/www/dvwa/hackable/uploads/shell.php on line 1

    Any solution ?

    November 18, 2024 at 7:59 pm #202085
    Diego PérezDiego Pérez
    Participant

    Hi!
    As mentioned in the lecture, you need to connect to it via weevely command line, have you tried it yet? is it working? And I mean with the latest custom kali.
    Also, did you run any upgrade after importing it?

    Greetings!
    Diego

    November 24, 2024 at 2:54 pm #202247
    icare90
    Participant

    Hi,

    It is exactly what I did with the latest custom kali and it did not work

    weevely> ls
    Backdoor communication failed, check URL availability and password

    Thanks

    November 24, 2024 at 5:09 pm #202249
    icare90
    Participant

    Hello Diego,

    Correction : it works with the latest custom kali. I was still using the previous one.

    Thanks

    November 27, 2024 at 6:27 pm #202351
    Diego PérezDiego Pérez
    Participant

    Hi!
    Glad you got it!
    Diego

  • Author
    Posts
Viewing 9 posts - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.
Privacy Overview
ZSecurity logo featuring a stylized red letter Z

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

3rd Party Cookies

This website uses Google Analytics and Linkedin to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Powered by  GDPR Cookie Compliance