Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment. In this tutorial, we will be installing Damn Vulnerable Web Application (DVWA) on an Ubuntu virtual machine. Our attacker machine would be Kali Linux, which is also installed as a virtual machine (or virtual box). The host can be any OS, and doesn't matter since we won't be using it at all. An alternate configuration is when your host is either Kali or Ubuntu, in which case you need only one VM, to install the other OS. Alternatively, you could just use a single Kali machine both as attacker as well as victim (running the vulnerable application). However, that makes things less realistic.
Contents
- Prerequisites
- Installing DVWA
- Configuring DVWA
- Fixing the problems
- Changing credentials
- Adding recaptcha key
- Enabling disabled stuff
- Installing missing stuff
- Giving write privileges
Prerequisites
You need to have Kali Linux (rolling release) and Ubuntu (I'm using 16.04) up and running. If you aren't familiar with virtual machines and stuff, then take a break of a few days, get familiar with them, install and run a few Linux (any flavor) VMs, drink some coffee, etc. Once you're comfortable with virtual machines (and have Kali & Ubuntu up and running), move on onward.
You also need some minimal knowledge of Linux, networking, and web applications. As an exercise, you could try getting some free web host (a poor one will suffice, since you are only doing this for learning and won't need anyone to use your website), and deploy a WordPress site. Tinker around the website, install themes and stuff to get a feel for it. Then, go one step further and deploy a WordPress instance on your Linux virtual machine. This time, don't use the WordPress UI to do things, but instead try and figure out stuff manually. Install themes, modules, etc. on your own by placing them in the right directory. Just tinker away, in short, till you have some level of familiarity with web applications.
Versions used:
- Ubuntu Version – 16.04.1 LTS
- XAMPP Version – 7.1.1
Installing DVWA
This is a fairly simple procedure. Below are screenshots with explanation. At the end of the tutorial, I have listed commands that you need to type to get all this done (you can simply copy paste the commands). The unnecessary steps are not present in the list of commands (in screenshots they are there to enhance your understanding of what's going on).
- First we will download DVWA.
- Then we read its documentation and find out what to do.
- After reading the doc, we realize we need to install XAMPP, so we do that.
- After installing XAMPP, we test if it works by starting it and opening localhost on our machine.
- Once we're sure that XAMPP works, we will go on and copy DVWA files to the htdocs folder of XAMPP.
- Now we check if localhost/DVWA-master leads us to the vulnerable app. If it does, then we did everything right.
Open the Damn Vulnerable Web App website in your browser. Click on download. You'll get an archive, extract it.
Navigate to the extracted archive. Get a lay of the land. You'll find that there is documentation available in the docs folder.
Here is the relevant section of the documentation. We need to install XAMPP. You can get it to work with any other equivalent software bundle, but for ease, let's stick to the recommended way.
Proceed to download the XAMPP bundle. I went with the latest version (going with the latest version poses a slight problem for us: while DVWA is flawed, our PHP version is perfectly patched. For now, let's ignore this. If this causes hindrance at a later stage, then we'll deal with it)
Navigate to the downloads directory and run the installer for XAMPP.
Realise that you forgot to run the installer as root! (kudos if you ran as root and didn't make the same mistake as me)
Run installer as root.
It's a simple installer. You'd know what to do.
Wait for it to finish.
Start the XAMPP server (note that the directory is lampp in linux systems)
Check if your server is running by typing 127.0.0.1 or localhost in your browser. XAMPP is now up and running properly. Let's run our vulnerable app on XAMPP now.
As suggested by the documentation, we simply move our folder into the htdocs directory.
Open the localhost/DVWA-master URL and you'll see that everything works as expected. Our initial setup is successfully done.
There is still further configuration to be done, but I don't want to extend the tutorial any further. After the next section, there is a link to part 2 of this series.
Commands
For the below commands to work, ensure the following-
- xampp-linux-x64-VERSION-installer.run – this file is downloaded and is located in the Downloads folder
- DVWA-master directory is located in the home folder (the archive has to be downloaded and extracted to obtain this directory).
- Replace VERSION with the version you have downloaded (7.1.1.0 in my case)
Here are the commands-
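# make the installer executable and run it as root from the Downloads folder
cd ~/Downloads
chmod a+x xampp-linux-x64-VERSION-installer.run
sudo ./xampp-linux-x64-VERSION-installer.run
# back to the home folder, then move DVWA into XAMPP's web root
cd
sudo mv ~/DVWA-master/ /opt/lampp/htdocs/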
Extras
- Read about localhost (what does this URL signify – 127.0.0.1)
- Commands used – ls, cd, mv, sudo. Use man pages to find out what these mean (e.g. type man mv into the terminal)
Fixing problems
If you remember from the previous post, we reached this point-
There's some stuff in red color.
All the stuff in red needs fixing. If you are lucky, we have the same set of issues which need fixing. Otherwise, you'll have to do some googling to find out how to fix problems which you are facing and I am not.
Changing mysql username and password
The default credentials are 'root' and 'p@ssw0rd' in the config.inc.php file. We change it to the right mysql login credentials, 'root' and '', in my case. You can change it depending on your mysql credentials. This gets rid of our biggest worry – Unable to connect to database!
This is the biggest problem. Solving this means we can create our database; some modules may not work perfectly, but DVWA will run. Without fixing this, we won't even be able to start. To fix this, open the /opt/lampp/htdocs/DVWA-master/config/config.inc.php file in your favorite text editor.

This password isn't the password of our mysql database. In my case, the password is nothing, i.e. two single quotes (i.e. ''). Update the value here. In case your mysql password is something else, use that. Change the username also if need be.

This is the corrected password value in my case. After this, refresh the page and click "Create/Reset database"
Now everything works fine after you click Create/Reset database. We'll fix the other remaining issues in the next section.
Fixing missing recaptcha key
First, we need to solve the recaptcha key missing problem. Go to this URL–
Go to the URL, you'll see a form like this.
Fill the form, values don't matter much
You obtain a site key and a secret key. Site key = public key, secret key = private key
Open the config.inc.php file in your favourite text editor
Edit the recaptcha public key and private key fields. Here is what I did.
Now we have a recaptcha key. One red down, 3 to go.
Fixing disabled allow_url_include
We simply have to locate the configuration file and edit the value of the parameter from Off to On.
The php configuration file is located at /opt/lampp/etc/php.ini. Edit it with your favourite text editor, you'll need root privileges (sudo)
Locate the allow_url_include line by using the search feature of your text editor
Change Off to On.
Restart the lampp service
Reload the page, you'll see that the issue is fixed
Note: Any other function which is disabled can be enabled in a similar manner. All settings are in the php.ini file. You just need to search for the corresponding line and edit it.
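The edit described above can also be scripted so that the previous php.ini is kept for rollback. This is an added example, not part of the original tutorial or of DVWA/XAMPP; the function names and the sample file are made up for illustration, and the sample lines are constructed.

```sh
#!/bin/sh
# Added example: inspect and change one php.ini directive, keeping a backup.

# Print the effective value of a directive (last uncommented assignment).
php_ini_get() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\([^;]*\).*/\1/p" "$2" |
        tail -n 1 | sed 's/[[:space:]]*$//'
}

# Set a directive; the previous file is kept as <file>.bak for rollback.
php_ini_set() {
    key="$1"; value="$2"; file="$3"
    cp -p "$file" "$file.bak" || return 1
    if grep -Eq "^[[:space:]]*$key[[:space:]]*=" "$file.bak"; then
        # Rewrite only uncommented assignments; ';key = ...' lines stay as is.
        sed "s/^\([[:space:]]*$key[[:space:]]*=[[:space:]]*\).*/\1$value/" \
            "$file.bak" > "$file"
    else
        printf '%s = %s\n' "$key" "$value" >> "$file"
    fi
}

# Constructed sample standing in for /opt/lampp/etc/php.ini.
make_sample_ini() {
    cat > "$1" <<'EOF'
[PHP]
allow_url_fopen = On
;allow_url_include = On
allow_url_include = Off   ; constructed sample line
EOF
}

demo() {
    ini=$(mktemp)
    make_sample_ini "$ini"
    echo "before: $(php_ini_get allow_url_include "$ini")"
    php_ini_set allow_url_include On "$ini"
    echo "after:  $(php_ini_get allow_url_include "$ini")"
    rm -f "$ini" "$ini.bak"
}
demo
```

On the tutorial's setup the file argument is /opt/lampp/etc/php.ini, the script needs root, and the lampp service has to be restarted afterwards. The same call with Off puts the directive back once the lab exercise is done.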
Fixing missing modules
If a module is shown as missing, then we need to install it. In my case, everything is installed. Most likely, since you are also using XAMPP, everything would be installed. However, if that is not the case, then you have to figure out how to install the modules. If you aren't using XAMPP and did everything manually, then apt-get would be the way to go. Otherwise look at XAMPP's (or whichever package you are using) documentation.
Fixing File Ownership
We need to give the www-data user write access to 2 directories. We can use the chgrp and chmod commands in unison to give only the privileges that are needed, or we could go the lazy way and use chmod 777 (full read, write and execute privileges to everyone). I'm feeling lazy and I'm just gonna go the chmod way. Run the command below-
chmod 777 <directory>
Replace directory with the right directory.
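The chgrp and chmod route mentioned above, next to a check for directories left world-writable, as an added example that is not part of the original tutorial. The function names are made up for illustration, and the demo runs on a constructed temporary directory with the caller's own group standing in for the web server's group.

```sh
#!/bin/sh
# Added example: group-only write access as the alternative to chmod 777.

# List directories under a root that every local user can write to.
world_writable_dirs() {
    find "$1" -type d -perm -0002 2>/dev/null
}

# Give one group write access to a directory tree and drop "other" write.
# Mode 2775 on directories sets setgid, so new files inherit the group.
grant_group_write() {
    dir="$1"; group="$2"
    chgrp -R "$group" "$dir" || return 1
    find "$dir" -type d -exec chmod 2775 {} + &&
        find "$dir" -type f -exec chmod g+w,o-w {} +
}

# Demo on a constructed directory tree; the group is the caller's own,
# standing in for the web server's group on a real install.
demo() {
    root=$(mktemp -d)
    mkdir "$root/uploads" && touch "$root/uploads/sample.txt"
    chmod 777 "$root/uploads"
    echo "world-writable before: $(world_writable_dirs "$root")"
    grant_group_write "$root/uploads" "$(id -g)"
    echo "world-writable after:  $(world_writable_dirs "$root")"
    ls -ld "$root/uploads"
    rm -rf "$root"
}
demo
```

On the DVWA host, pass the directories that the setup page flags and the group your web server runs as (www-data in this tutorial), and run it with sudo.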
This is the last thing that needs to be done
Everything is green finally! Also, notice the credentials, we'll need them later.
“admin // password”
Database created. Populated alongside tables.
Finally the damn vulnerable application is running.
The username = "admin" and password is "password" ("admin // password" that we saw 3 pics ago).
Everything is running perfectly. This is the page you should see after successful login.




























