Tengo un problema con la ISO de xvwa

s4n7h0 / xvwa

XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.

GNU General Public License v3.0

1.7k stars 339 forks source link

Tengo un problema con la ISO de xvwa #39

Open ghost opened 4 years ago

ghost commented 4 years ago

He bajado la ISO, pero tengo muchos problemas. Vulnerabilidades como las de el ssrf no funcionan. Espero puedan corregir eso.

rmarot commented 2 years ago

The issue is that the images directory is not created in the ssrf_xspa directory, leading the the file_puts_contents call fail when trying to write the content fetched from this request in the image file here : https://github.com/s4n7h0/xvwa/blob/master/vulnerabilities/ssrf_xspa/home.php#L35

You should either manually create this folder with the proper permissions or update the home.php script to create the directory prior calling file_puts_contents

rmarot commented 2 years ago

I believe this was the original goal of this PR which was not finished : https://github.com/s4n7h0/xvwa/pull/13