Damn Vulnerable Web Application (DVWA) - File Inclusion and WebShells
today we are going to have some fun understanding the full potential of File Inclusion attacks. my goals for today 1. a few words, Disclaimer, Lab, and links. 2. Web Shells intro with DVWA 3. How to complete the File Inclusion challenge in the new DVWA 4. Metasploit 1. a few words, Disclaimer, Lab, and links. DISCLAIMER - if you do what i teach you today you WILL go to jail. so dont do this outside of your lab. Setting up the lab - For a hacking lab download either VirtualBox or VMWare, or, if you own win10pro, you have Hyper-V. With those you can create virtual machines, and you will need 2 today, one with DVWA, and another as the attacker, which for ease better be kali, download machines from osboxes . For DVWA you can either download Metasploitable 2 or set up dvwa in some machine. In my case i just turned them both on an internal network, so they can see each other but no internet (might need to set up DHCP if you dont have any ip). For basic help about solvi...