Skip to content
PHP Runtime Vulnerability Detection
PHP Python Dockerfile Shell
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
artwork
dvwa add English README Feb 12, 2019
src move PRVD_Fuzzer_Client to shutdown function Dec 9, 2018
tests
tools add php version fuzzer Dec 6, 2018
.gitignore Hello World Oct 16, 2018
.travis.yml fix travis test error Feb 12, 2019
Dockerfile Add dockerfile for prvd Nov 12, 2018
LICENSE
README.md Add English README Feb 11, 2019
README.zh-CN.md Add English README Feb 11, 2019
composer.json Specified sentry‘s version to 1.10 May 25, 2019
entrypoint.php Add dockerfile for prvd Nov 12, 2018
phpunit.xml Hello World Oct 16, 2018
prvd.ini Add dockerfile for prvd Nov 12, 2018
test.sh Hello World Oct 16, 2018
travis-php.ini Make it simple Nov 12, 2018

README.md

prvd

Build Status GitHub

中文文档

Table of Contents

Introduction

PHP Runtime Vulnerability Detection

sentry_detail

Installation

  1. git clone to a non-web directory, assuming the directory is /data/prvd
git clone https://github.com/fate0/prvd.git /data/prvd
  1. composer
composer install
  1. install xmark extension
  1. edit php.ini
  • set auto_prepend_file to /data/prvd/src/Entry.php
  • set extension to xmark.so
  • for the rest of the configuration, please copy the contents of prvd.ini in this project

Configuration

edit /data/prvd/src/Config.php

define("PRVD_FUZZER_DSN", "");
define("PRVD_SENTRY_DSN", "");        
define("PRVD_TAINT_ENABLE", true);
define("PRVD_TANZI", "xtanzi");
define("PRVD_LOG_FILE", "/data/prvd/prvd.log");

Sign up for an account at https://sentry.io or install sentry server by yourself

DVWA

You can use the docker to experience prvd

docker pull fate0/prvd-dvwa
docker run -d -e "PRVD_SENTRY_DSN={YOUR_SENTRY_DSN}" -p 80:80 fate0/prvd-dvwa

The environment variables that can be set are

  • PRVD_FUZZER_DSN
  • PRVD_SENTRY_DSN
  • PRVD_TAINT_ENABLE
  • PRVD_TANZI

More about prvd-dvwa can be seen here

How it work

Ref

You can’t perform that action at this time.