This is the third day of my participation in the August More text Challenge. For details, see:August is more challenging

DVWA Target Field – Ubuntu setup method

Damn Vulnerable Web App DVWA (Damn Vulnerable Web App) is a PHP/MySql based Web application designed to provide a legitimate environment for security professionals to test their skills and tools, and to help Web developers better understand the Web application security process.

Environment description

Ubuntu Server installs the DVWA platform

The installation process

Install Apache2

sudo apt install apache2 -y
Copy the code

Installing PHP

sudo apt install php -y
sudo apt-get install libapache2-mod-php -y
Copy the code

Install and configure the MySQL database

Sudo apt install mysql-server php7.2-mysql-y sudo apt-get install mysql-clientCopy the code

(1)MySQL security configuration wizard. After installing mysql-server, it will prompt you to run mysql_secure_installation

Set the password for user root
Delete anonymous Accounts
Cancel the remote login as user root
Delete the test library and access to the test library
Refresh the authorization table for the modification to take effect

mysql_secure_installation
Copy the code

(2) If no configuration information is displayed during the installation, check the initial password:

sudo vim /etc/mysql/debian.cnf
Copy the code

The initial password is found in the password field of the file

Such as:

password = GHsacqwdq1356465
Copy the code

Mysql > use this password to log in to mysql:

mysql -u debian-sys-maint -p GHsacqwdq1356465
Copy the code

After successful login, change the password:

use mysql; Update user set authentication_string=PASSWORD(" custom PASSWORD ") where user='root'; update user set plugin="mysql_native_password"; flush privileges; quit;Copy the code

And then restart mysql

/etc/init.d/mysql restart;
Copy the code

New password for logging in to the mysql database

Mysql -u root -p password;Copy the code

Install phpmyadmin

sudo apt-get install phpmyadmin
sudo apt-get install php-mbstring
sudo apt-get install php-gettext
Copy the code

Download the DVWA package from the official website

www.dvwa.co.uk/

Move the decompressed DVWA package to the /var/www/html/ file in Ubuntu.

sudo cp DVWA-master /var/www/html/
Copy the code

Configure DVWA by modifying config.inc.php

Note Change the name of the file and the password used to link to mysql in the file to the password used to configure mysql.

cd /var/www/html/DVWA-master/config/
sudo cp config.inc.php.dist config.inc.php
sudo vim config.inc.php
Copy the code

access

You can use Windows browser ubuntu Server IP address +DVWA-master to access

eg: http://IP:80/DVWA-maste

Refer to the link

Use Docker to build Web vulnerability test environment

docker-vulnerability-environment

vulnerables/web-dvwa

Freebuf series reference articles

www.cnblogs.com/HonkerYblog…

DVWA website

mo4tech.com (Moment For Technology) is a global community with thousands techies from across the global hang out!Passionate technologists, be it gadget freaks, tech enthusiasts, coders, technopreneurs, or CIOs, you would find them all here.

Quickly build a shooting range vulnerability environment | DVWA for Ubuntu

DVWA Target Field – Ubuntu setup method

Environment description

The installation process

access

Refer to the link

Quickly build a shooting range vulnerability environment | DVWA for Ubuntu

DVWA Target Field – Ubuntu setup method

Environment description

The installation process

access

Refer to the link

Related Posts

The computer entrance examination 408 daily question DAY113

Summary of user type judgment

Js regular expressions – The basics