Intro - Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.It is a best platform to practice web application hacking and security.
1. Download DVWA http://sourceforge.net/projects/dvwa/
(click image for large view)
2. Unzip download file
3. Copy dvwa folder into Computer → File system → var → www
4. Set permission of DVWA into 755 for this open Termianl and type
chmod -R 755 /var/www/dvwa and hit enter
5. Run Apache for this go to Application → kali linux → System Service → HTTP → apache2start
6. Apache run successfully
7. Run My SQL for this go to Application → kali linux → System Service → MySQL → mysql start
8. My SQL run successfully
9. Now Create Database for dvwa
→ Open Terminal and type
→ mysql –u root –p and hit enter
→ when it ask for Password simply hit enter
→ now type create database dvwa; and hit enter (here you can see an error because I have already created my database for dvwa but if you are creating first time than you will see a successful msg)
→ If you want to exit terminal type exit and hit enter
10. Now go to your browser and write http://127.0.0.1/dvwa or http://localhost/dvwa and write your username and password by default it is username – admin and password – password than click in login
11. Are you getting this error Table 'dvwa.users' doesn't exist ?
12. Now time to solve the above error open terminal and type curl --data ‘create db=create+%2F+Reset+Database’ http://127.0.0.1/dvwa/setup.php# --cookie PHPSESSID=1 and hit enter
13. Now again go to your browser and login with default username and password
14. You have successfully logged in.
(click image for large view)
No comments:
Post a Comment