Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
src
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

prvd

Build Status GitHub

中文文档

Table of Contents

Introduction

PHP Runtime Vulnerability Detection

sentry_detail

Installation

  1. git clone to a non-web directory, assuming the directory is /data/prvd
git clone https://github.com/fate0/prvd.git /data/prvd
  1. composer
composer install
  1. install xmark extension
  1. edit php.ini
  • set auto_prepend_file to /data/prvd/src/Entry.php
  • set extension to xmark.so
  • for the rest of the configuration, please copy the contents of prvd.ini in this project

Configuration

edit /data/prvd/src/Config.php

define("PRVD_FUZZER_DSN", "");
define("PRVD_SENTRY_DSN", "");        
define("PRVD_TAINT_ENABLE", true);
define("PRVD_TANZI", "xtanzi");
define("PRVD_LOG_FILE", "/data/prvd/prvd.log");

Sign up for an account at https://sentry.io or install sentry server by yourself

DVWA

You can use the docker to experience prvd

docker pull fate0/prvd-dvwa
docker run -d -e "PRVD_SENTRY_DSN={YOUR_SENTRY_DSN}" -p 80:80 fate0/prvd-dvwa

The environment variables that can be set are

  • PRVD_FUZZER_DSN
  • PRVD_SENTRY_DSN
  • PRVD_TAINT_ENABLE
  • PRVD_TANZI

More about prvd-dvwa can be seen here

How it work

Ref

About

PHP Runtime Vulnerability Detection

Topics

Resources

License

Releases

No releases published

Packages

No packages published