Mutillidae: Born to be Hacked
Version: 2.1.19 Not Logged In
Home Login/Register Toggle Security Reset DB View Log View Captured Data

OWASP
Site hacked...err...quality-tested with Samurai WTF, Backtrack, Firefox, Burp-Suite, Netcat, and these Mozilla Add-ons
 
 
Twitter
@webpwnized
 
YouTube
Mutillidae
Channel
 
Developed by Adrian "Irongeek" Crenshaw and Jeremy Druin
 
Error: Failure is always an option and this situation proves it
MessageSorry. An error occured. Support has been notified.
Did you setup/reset the DB?
 
Capture Data
Data Capture Page
 
This page is designed to capture any parameters sent and store them in a file and a database table. It loops through the POST and GET parameters and records them to a file named captured-data.txt. On this system, the file should be found at /var/www/mutillidae/captured-data.txt. The page also tries to store the captured data in a database table named captured_data. There is another page named captured-data.php that attempts to list the contents of this table.
 
The data captured on this request is: page = capture-data.php\nshowhints = 0\nPHPSESSID = ef7fb73f24ad23bb8cd5f89f357fc977\nshowhints = 0\nPHPSESSID = ef7fb73f24ad23bb8cd5f89f357fc977\n
 
Would it be possible to hack the hacker? Assume the hacker will view the captured requests with a web browser.
 
Browser: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
PHP Version: Not Available (Secure mode doesn't blab the server version)
The newest version of Mutillidae can downloaded from Irongeek's Site