DVWA - Stored XSS not working
358 views
Skip to first unread message
Owen
Aug 24, 2010, 6:52:36 AM8/24/10
to owaspbwa
Hi there,
I was using the VM today and noticed that the stored XSS part of DVWA
does not work, as you get an error message saying the table is read
only. This can be fixed by running the following commands from within
the VM:
chown -R mysql:mysql /owaspbwa/owaspbwa-svn/var/lib/mysql/dvwa
There are also some files in the DVWA database directory that prevent
you from resetting the DB via the 'setup' function.
These can be removed by running the following:
rm -r /owaspbwa/owaspbwa-svn/var/lib/mysql/dvwa/
Once you've done these, you need to restart the mysql service:
/etc/init.d/mysql restart
Then you can reset the database and DVWA seems to work properly.
Hope that helps anyone who has run into the same problem.
I was using the VM today and noticed that the stored XSS part of DVWA
does not work, as you get an error message saying the table is read
only. This can be fixed by running the following commands from within
the VM:
chown -R mysql:mysql /owaspbwa/owaspbwa-svn/var/lib/mysql/dvwa
There are also some files in the DVWA database directory that prevent
you from resetting the DB via the 'setup' function.
These can be removed by running the following:
rm -r /owaspbwa/owaspbwa-svn/var/lib/mysql/dvwa/
Once you've done these, you need to restart the mysql service:
/etc/init.d/mysql restart
Then you can reset the database and DVWA seems to work properly.
Hope that helps anyone who has run into the same problem.
Chuck Willis
Aug 30, 2010, 9:14:02 PM8/30/10
to owas...@googlegroups.com
Owen,
Thanks much for posting this information. We'll incorporate this
fix into the next release and anyone who wants to apply the fix
locally can follow your instructions.
If you (or anyone else) has any additional bug fixes, feel free to
post them to the list here. We appreciate any and all feedback!
Chuck
Reply all
Reply to author
Forward
0 new messages