Blog Rizwan
  • 🩷Welcome!
  • ⚙ī¸Debian 10
    • â™ģī¸How to Configure DHCP Server on Debian
    • đŸ–Ĩī¸How to Install Secure Shell (SSH) for Remote Access
    • 🌐How to Install and Configure a Domain Name Server (DNS)
    • 🗃ī¸How to Install FTP to Transfer Files Between Devices on the Same Network
    • 🌐How to Install Apache2 Web Server on Linux Server
    • 📝How to Install Wordpress on Server and Configuration Virtual Host
    • 🗄ī¸How to Install PhpMyAdmin to Manage the Database Using User Interfaces
  • ⚙ī¸Debian 11
    • 😁Installation 3VM
    • 🌐How to Install and Configure a DNS On a Server
    • 🗃ī¸How To Install & Configure SFTP
    • 🔐How To Install File Sharing With Samba Server
    • 🔀How To Configure VirtualHost DNS Server With Apache2
      • đŸĨ°MyWeb
      • 😎StaticWeb
      • đŸĨˇHow To Install D*mn Vunerable Web Apps For Ethical Hacking
    • 🤖How To Install Automation With Ansible
  • ☁ī¸AWS Cloud
    • 👨‍đŸ’ģInstall Cyber Panel on EC2 Instance
    • 📝Setup Wordpress in EC2 Instance With CyberPanel
    • 🌐Install NginX in EC2 Instance
    • 📸Install Zabbix For EC2 Monitoring & How To Connect To Databases On Different Resources
      • đŸ–Ĩī¸Add a New Host For Monitoring Zabbix
    • 🌎Create a New VPC Connection
    • 🗄ī¸Website Dynamic With PHP and MySQL Database
    • 🕹ī¸Install Nagios For Monitoring With a New EC2 Instance
      • 🌌Add a New Host For Monitoring Nagios (WebServer)
      • 🌃Add a New Host For Monitoring Nagios (DB-Instance)
    • 🔄How to add Auto Scaling in AWS for Resources when Network Traffic is Heavy
    • 🤝Deploy Web Server on AWS Auto Scalling Group (ASG)
      • 🏗ī¸Configuration Lab Architectures
      • 😎Deploy Web Content to Lab
      • đŸ•ĩī¸â€â™‚ī¸Test Autoscalling Architecture
  • ❄ī¸CentOS7
    • 💡How to Change IP Address and Installation SSH Service
    • 🌐How to Configure DNS Server
    • 🆖How To Install Nginx Website on CentOS 7
  • 🔐System Security
    • 😁Installation 4VM
    • ❌How to Block Internet Connection Using IPTables Tools
    • 🔐How to Create Rules to Create Strong Passwords for Users
    • 🔀Port Forwarding For Local SSH, WebServer, and FTP Service
    • ⚔ī¸Simulate MITM Attack
    • ⚔ī¸Simulate DDOS Attack
    • 🛡ī¸How to Protect the Server From Attacks By Detecting the Network Using Snort
    • 🔐The Way to Secure the Server When a User Login Must Use an OTP Code
  • 🌐Cisco Networking
    • 🔀Trunking Port & Access Port
    • 🔄Routing 3 Router
    • 🔮Domain Name System
    • ♾ī¸DHCP Server
  • 🛠ī¸Block Chain Node
    • ✨Humanode Validator
      • Installation Node
      • Node Activation
      • Setup Wallet
  • 😊My Contact
Powered by GitBook
On this page
  1. Debian 11
  2. How To Configure VirtualHost DNS Server With Apache2

How To Install D*mn Vunerable Web Apps For Ethical Hacking

PreviousStaticWebNextHow To Install Automation With Ansible

Last updated 8 months ago

Introduction

The abbreviation for Damn Vulnerable Web App is a PHP/MySQL web application that is very vulnerable to various cyber security attacks. DVWA is used for training web, pentesters, and Cyber ​​Security professionals. By using DVWA as a learning tool for ethical hackers, penetration testers or Cyber ​​Security Analysts who can practice and improve their abilities in overcoming various security vulnerability problems in web applications.

DVWA or Damn Vulnerable Web Apps is a platform used by cyber security professionals to carry out pentests to test their ability to secure web apps. In simple terms, DVWA is a playground for pentesting. DVWA can be used to test various exploits for cyber security attacks such as brute force, SQL injection, XSS and CSRF, etc.

In this DVWA we can set the security level from the lowest to the highest security level, namely impossible. DVWA is easy to use for someone who is a beginner or interested in web app security, and is very easy to install. Here's how to install DVWA.

The main advantage of DVWA in cyber security is that it helps learning about how to test the security of web apps in an easy and legal manner, so that it can be used by both teachers and students learning in cyber security classes or courses. Following are various other benefits of DVWA.

Configuration

Debian11- Server

Install Package

apt install apache2 mariadb-server mariadb-client php php-mysqli php-gd libapache2-mod-php docker -y

Setup mysql

mysql_secure_installation is a shell script contained in Unix systems and allows provers to develop MariaDB security in several ways such as: Provers can create a password for the root account. Provers can delete root accounts that can be accessed from outside the local host.

mysql_secure_installation

Create Database & User

mysql -u root -p

CREATE DATABASE dvwa_rizwan;
CREATE USER 'admin'@'127.0.0.1' IDENTIFIED BY '12345678';
GRANT ALL PRIVILEGES ON dvwa_rizwan.* TO 'admin'@'127.0.0.1';
FLUSH PRIVILEGES;
EXIT;

Install DVWA

git clone https://github.com/digininja/DVWA.git /var/www/dvwa

Change Permission

chmod 777 /var/www/dvwa/

Configuration File

cd /var/www/dvwa/config
cp config.inc.php.dist config.inc.php

nano config.inc.php

$_DVWA = array();
$_DVWA[ 'db_server' ]   = getenv('DB_SERVER') ?: '127.0.0.1';
$_DVWA[ 'db_database' ] = 'dvwa_rizwan';
$_DVWA[ 'db_user' ]     = 'admin';
$_DVWA[ 'db_password' ] = '12345678';
$_DVWA[ 'db_port']      = '3306';

Restart Service

systemctl restart apache2 mariadb mysql

Browse to dvwa.rizwanpemula.com

Login using user 'admin' and password '12345678'

Then click setup.php and then log in again

After that we log in with user 'admin' and password 'password'

⚙ī¸
🔀
đŸĨˇ
  • Introduction
  • Configuration
  • Debian11- Server
  • Install Package
  • Setup mysql
  • Create Database & User
  • Install DVWA
  • Change Permission
  • Configuration File
  • Restart Service