6 thoughts on “moth: vulnerable vm image for web app security scans”

1. Something to note, the keyboard layout is set to “latam” and not “us”. To change this you need to edit /etc/default/console-setup and change the setting for xkblayout.
   Some keys to make life easier
   type & to get a /
   type / to get a –
   type > to get a : (I believe… not sure on this one).

2. Hi,
   I get completely messed up with the networking configuration. I can see two network interfaces in the VMX file (one bridge and one NAT), but after logging in I can see only “lo” amd “vnet0”. Any possible solutions ?

3. Me, too.
   Any suggestions?

4. Hey Fred and Nick!
   I have the same issue. Try running “sudo ifconfig -a” to see ALL of your interfaces. When I brought it up, I also have eth2 (NAT) and eth3 (BRIDGED) which you could change in the VMWare settings for that VM if you’d like.
   Hope this helps!

5. Tyler – Thanks a ton for your posting. I would have been there for a while trying to figure out the translated keys…got it working in us format now.
   For the other 2 – The resolution prevents you from seeing all of the output when you ifconfig. You might pipe the output to more like this (dont forget the pipe | symbol)
   ifconfig | more
   Alternatively you can say
   ifconfig eth0
   …or whatever interface you’re interested in.

6. I downloaded this app and I haven’t been able to get it to work correctly.
   First off you need to change the keyboard layout: “sudo loadkeys us”.
   You also need to fix some of the Wivet files (menu.php, etc.) because it is not calculating the base address correctly and you need to remove some php code in the code… The Buffer overflow and string format vulns don’t work. The python and perl code eval don’t work either. If I get them working I will post the fixed vmware image. =/

Comments are closed.