Ethical Hacking — Week 7
DVWA
In today’s session, I learned about DVWA which stands for Damn Vulnerable Web App and how to install it. It has three levels of security, low, medium and high.
The first step to install DVWA is to go to kali linux and prepare the terminal and type sudo su. Then move the directory to /var/www/html by typing cd /var/www/html/then download the DVWA package by typing
wget https://github.com/ethicalhack3r/DVWA/archive/master.zip.
Afterwards, extract the file by typing unzip master.zip.
The next step is to move the master content to the current directory, type mv DVWA-Master/*./var/www/html. Afterwards, type chown -R www-data:www-data/var/www/html
Once installation is done, start the web server and database by typing service apache2 start; service mysql start. Afterwards, check mySQL server by typing mysql_secure_installation and press Y for every Y/N question asked.Type the IP address of your kali linux into the search engine of any browser. Then, you will be directed to DVWA setup.
The presence of any red coloured text indicated missing configuration, hence that must be fixed. Type mysql -u root -p in order set up the database for DVWA. You will asked to enter the password.
Afterwards, type create database [database name];
grant all privileges on [database name].* to dvwa_user@localhost identified by ‘[password]’;
flush privileges;Then type quit to exit mySQL.
Edit the configuration in the config.inc.php and enter the details of the database created in the previous step. Refresh your browser, if there are no red coloured text then you have properly configured everything, or else check the previous steps again to ensure you did not make any mistake.
Press on Create/Reset Database You will see a login page, type admin for the username and password for the password. Afterwards, you will be able to see and use the tools available such as Brute Force, SQL injection etc.
Tags: Ethical Hacking
This entry was posted on Friday, April 3rd, 2020 at 7:55 pm and is filed under Database System -- Semester 3, Ethical Hacking -- Semester 4, Intelligent System -- Semester 4, Network Forensic -- Semester 5, Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.