Mutillidae: Born to be Hacked
Version: 2.1.19 Not Logged In
Home Login/Register Toggle Hints Toggle Security Reset DB View Log View Captured Data

OWASP
Site hacked...err...quality-tested with Samurai WTF, Backtrack, Firefox, Burp-Suite, Netcat, and these Mozilla Add-ons
 
 
Twitter
@webpwnized
 
YouTube
Mutillidae
Channel
 
Developed by Adrian "Irongeek" Crenshaw and Jeremy Druin
Usage Instructions
Get rid of PHP "strict" errors. They are not compatible with the OWASP ESAPI classes in use in Mutillidae 2.0. The error modifies headers disrupting functionality so this is not simply an annoyance issue. To do this, go to the PHP.INI file and change the line that reads "error_reporting = E_ALL | E_STRICT" to "error_reporting = E_ALL & ~E_NOTICE & ~E_WARNING & ~E_DEPRECIATED". Once the modification is complete, restart the Apache service. If you are not sure how to restart the service, reboot.

Important note: If you use XAMPP Lite or various version of XAMPP on various operating systems, the path for your php.ini file may vary. You may even have multiple php.ini files in which case try to modify the one in the Apache directory first, then the one in the PHP file if that doesnt do the trick.

Windows possible default location C:\xampp\php\php.ini, C:\XamppLite\PHP\php.ini, others Linux possible default locations: /XamppLite/PHP/php.ini, /XamppLite/apache/bin/php.ini, others
Browser: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
PHP Version: 5.2.4-2ubuntu5.10
The newest version of Mutillidae can downloaded from Irongeek's Site