Skip to main content

File Inclusion attack on DVWA

Hey, I am not going to write much about this vulnerability. Its pretty straight forward.
The web developer has provided you the ability to include any file from the local system or even remote system. So you can be creative and include any file you want to own the system.

After watching the video, try this URL just to get the perspective:


Now, think as devilish as you can and see what else you can do with this hole ;)
Also, take a look at this exploit already present in the Metasploit framework.


Post a Comment