Mutillidae: Born to be Hacked
Version: 2.1.19 Not Logged In
Home Login/Register Toggle Security Reset DB View Log View Captured Data

OWASP
Site hacked...err...quality-tested with Samurai WTF, Backtrack, Firefox, Burp-Suite, Netcat, and these Mozilla Add-ons
 
 
Twitter
@webpwnized
 
YouTube
Mutillidae
Channel
 
Developed by Adrian "Irongeek" Crenshaw and Jeremy Druin
Arbitrary File Inclusion
Arbitrary File Inclusion
 
 
Current Page: arbitrary-file-inclusion.php
 
 
Notice that the page displayed by Mutillidae is decided by the value in the "page" variable.
The "page" variable is passed as a URL query parameter.
What could possibly go wrong?
 
Browser: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
PHP Version: Not Available (Secure mode doesn't blab the server version)
The newest version of Mutillidae can downloaded from Irongeek's Site