Skip to main content

How to do Installation and configuration of DVWA at any Linux distribution

   


In this article we are going to learn about DVWA (Damn Vulnerable Web Application), also how to configure the web application in Ubuntu 18 virtual machine.
Before installation and configuration, lets get in what is web application? A web application is a computer program that utilizes web browser and web technology to perform task overs the internet. Web apps can be built for a wider uses which can be used by anyone from an enterprise to an entry for a variety of reasons. Frequently used web applications can include webmail.

DVWA damn vulnerable web application coded in PHP and uses MYSQL database. Its made for security professionals or aspiring security researchers, to find new issues or security flaws in web applications.
For installation of DVWA, first install apache2. Apache2 is a free open-source web server that provide HTTP server to deliver web content through the internet. Follow below commands:

1. First open your terminal in Ubuntu or any Linux distribution, after that apply root privilege's using command:
$ sudo bash
enter your root password

2. Update & Upgrade your system, through below command:
$ apt update
$ apt upgrade

3. Now start installation of apache2, using below command:
apt install apache2

To be ensure that apache2 is installed into system correctly, just you have put your ip address of the ubuntu system into web browser. In my case my ip address is 192.168.29.107, whenever i will put this ip address into web browser then it will show the apache2 official page. This means apache2 installed perfectly.

4. After installation of Apache2, it will build a HTML directory inside of var/www/ , Now we have place our DVWA application into var/www/html/ directory. Use cd command to get inside of the HTML directory.

cd /var/www/html/
git clone https://github.com/ethicalhack3r/DVWA


5. After the installation, go inside of the DVWA and there will you find a config folder, now we will move inside the config folder and there we find the config.inc.php.dist file. Use mv command to move the config.inc.php.dist to config.inc.php

# mv config.inc.php.dist config.inc.php

6. Open the config.inc.php file and you can change the file content or change the database user and password. Using command nano config.inc.php 


In my case we have use raj as db user and db password 123.

7. Now we will try to open DVWA lab in the browser by using the following URL and click on Create/Reset Database

http://localhost/DVWA/setup.php


We have successfully configured the DVWA lab setup in ubuntu 18 virtual machine, we can see the welcome login page of DVWA.


Now we can get access of this DVWA from other computer system. Only we have to use the Ubuntu (System where you have installed DVWA) ip address to get the access of DVWA into different system.
In my case the Ubuntu ip address is 192.168.29.107, type this ip address into web browser like this http://192.168.19.107/DVWA/

For login we will use the DVWA default username and password which is admin and password.


Here you can practice different web application attacks and find vulnerabilities. Also you can adjust your difficulty level through setting pf DVWA. There will be three mode of difficulty level i.e, Normal, Medium, Hard & Impossible.

So w have learn how to setup the web application and how to configure web application within the html directory and access using localhost.
Labels:

Comments

Post a Comment

If you have any doubts. Please let me know.

Popular posts from this blog

The Top 5 Laptops Under 50,000 in India December 2023

  Explore the curated selection of the finest laptops under 50,000 Rupees available on prominent e-commerce platforms such as Amazon and Flipkart, as well as in offline market. Enhance your festive season with the perfect blend of performance and affordability this Christmas and New Year's Eve. All the 5 laptops, those are listed below, all of them are capable of playing mid-range games, video editing, practice coding, and also for those who starts journey in any IT department. All of them having outstanding performance under 50,000 Rupees. You're in the proper location! let's see all the 5 laptops in this list. 1. HP Victus Ryzen 5 Hexa core One of the best laptops at this price range, available in the market. With the HP Victus Ryzen 5 Hexa core 5600H, fall deeper in love with computing than ever before. It comes with AMD Radeon RX 6500M of GDDR6 dedicated graphic memory of 4 GB, pre-installed 8 GB DDR4 RAM and it can be maximum upgraded up to 16 GB. The CPU clock speed i
Post a Comment
Read more

What are the Basic Nmap commands for Cyber security enthusiast.

Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service up-time.  Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.  It was designed to rapidly scan large networks but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. Let's check out the basic nmap command in our day-to day life. Host Scan Host scan is used by penetration tester to identify active host in a network by sending ARP request
Post a Comment
Read more