DVWA: Difference between revisions
Content added Content deleted
No edit summary |
No edit summary |
||
Line 7: | Line 7: | ||
sudo apt update && sudo apt upgrade |
sudo apt update && sudo apt upgrade |
||
sudo apt install apache2 mysql-server libapache2-mod-php7.0 libapache2-mod-fastcgi php7.0-fpm php7.0 php-mysql php7.0-mbstring php7.0-gd |
sudo apt install apache2 mysql-server libapache2-mod-php7.0 libapache2-mod-fastcgi php7.0-fpm php7.0 php-mysql php7.0-mbstring php7.0-gd |
||
When prompted, create a password for MySQL. |
|||
Edit PHP function: |
Edit PHP function: |
||
vim /etc/php/7.0/apache2/php.ini |
sudo vim /etc/php/7.0/apache2/php.ini |
||
allow_url_include = On |
allow_url_include = On |
||
In the bottom of apache.conf add the hostname: |
|||
nano /etc/apache2/apache2.conf |
|||
ServerName localhost |
|||
Download the DVWA files: |
Download the DVWA files: |
||
Line 17: | Line 23: | ||
Rename config.inc.php and Edit MySQL password: |
Rename config.inc.php and Edit MySQL password: |
||
sudo mv /var/www/html/dvwa/config/config.inc.php.dist /var/www/html/dvwa/config/config.inc.php |
sudo mv /var/www/html/dvwa/config/config.inc.php.dist /var/www/html/dvwa/config/config.inc.php |
||
vim /var/www/html/dvwa/config/config.inc.php |
sudo vim /var/www/html/dvwa/config/config.inc.php |
||
$_DVWA[ 'db_password' ] = 'dbpassword'; |
$_DVWA[ 'db_password' ] = 'dbpassword'; |
||
Give the write permission to folder and file: |
Give the write permission to folder and file: |
||
chmod 777 /var/www/html/dvwa/hackable/uploads/ |
sudo chmod 777 /var/www/html/dvwa/hackable/uploads/ |
||
If there are access related issue then only make the directory globally writeable: |
If there are access related issue then only make the directory globally writeable: |
||
chmod -R 777 /var/www/html/dvwa |
sudo chmod -R 777 /var/www/html/dvwa |
||
Create DVWA database: |
Create DVWA database: |
||
Line 35: | Line 41: | ||
Restart Apache: |
Restart Apache: |
||
service apache2 restart |
sudo service apache2 restart |
||
Access the application: |
Access the application: |
Latest revision as of 20:19, 25 May 2018
Source: linuxsecurityblog.com, th3phantoms.blogspot.in
Installation:
sudo apt update && sudo apt upgrade sudo apt install apache2 mysql-server libapache2-mod-php7.0 libapache2-mod-fastcgi php7.0-fpm php7.0 php-mysql php7.0-mbstring php7.0-gd
When prompted, create a password for MySQL.
Edit PHP function:
sudo vim /etc/php/7.0/apache2/php.ini allow_url_include = On
In the bottom of apache.conf add the hostname:
nano /etc/apache2/apache2.conf ServerName localhost
Download the DVWA files:
https://github.com/ethicalhack3r/DVWA/archive/master.zip
Rename config.inc.php and Edit MySQL password:
sudo mv /var/www/html/dvwa/config/config.inc.php.dist /var/www/html/dvwa/config/config.inc.php sudo vim /var/www/html/dvwa/config/config.inc.php $_DVWA[ 'db_password' ] = 'dbpassword';
Give the write permission to folder and file:
sudo chmod 777 /var/www/html/dvwa/hackable/uploads/
If there are access related issue then only make the directory globally writeable:
sudo chmod -R 777 /var/www/html/dvwa
Create DVWA database:
mysql -u root -p create database dvwa; exit
Open the application & scrolling down and find the button Create / Reset Database
http://10.10.10.1/dvwa/setup.php
Restart Apache:
sudo service apache2 restart
Access the application:
http://10.10.10.1/dvwa/ username: admin password: password
- References
{{#widget:DISQUS
|id=networkm
|uniqid=DVWA
|url=https://aman.awiki.org/wiki/DVWA
}}