Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.It is a best platform to practice web application hacking and security.
1. Download DVWA :
pentestal0ne@kali:/# wget http://downloads.sourceforge.net/project/dvwa/DVWA-1.0.7.zip? r=&ts=1410092252
or you can also use web browser to download :
http://sourceforge.net/projects/dvwa/files/latest/download
2. Unzip download file
pentestal0ne@kali:/# unzip DVWA-1.0.7.zip
4. Set permission of DVWA into 755
pentestal0ne@kali:/# chmod -R 755 /var/www/dvwa and hit enter
9. Now Create Database for dvwa
pentestal0ne@kali:/# service apache2 start && service mysql start
pentestal0ne@kali:/# mysql
pentestal0ne@kali:/# show databases;
pentestal0ne@kali:/# create database dwva
pentestal0ne@kali:/# exit
Terminal type exit and hit enter( or Ctrl+D)
10. Open Web Browser and Type
http:// 127.0.0.1/dvwa
or
http://localhost/dvwa
in your web address then Press Enter.
the default username and password of dvwa is:
admin password
No comments:
Post a Comment