Header AD

How to Install DVWA on Your Personal Machine

How to Install DVWA on Your Personal Machine

How to Install DVWA on Your Personal Machine
How to Install DVWA on Your Personal Machine

Install and configure Damn vulnerable web app(DVWA).

Damn vulnerable web app(DVWA) is a tool designed for web penetration testing.You can practice your hacking skills in a legal environment on your local computer. As the name suggest DVWA is vulnerable to SQL Injection, XSS and remote file inclusion and brute force etc.
It gives you a lab on your local computer to practice your hacking skills without having set to up virtual machines.Let's Start the installation process.

Things you need to setup DVWA

Once you have downloaded DVWA then you have to unzip the file.
Now switch to the directory where you have your downloaded DVWA zipped file.In my case, i have placed on the desktop. Open your terminal and type cd Desktop if your file is in Download directory type cd Download.
Type the following command ls

listing content
Now we need to unzip DVWA file type the following command in your terminal
root@seven:~/Desktop# unzip DVWA-1.9.zip 
Now type ls again in your terminal and you will see an unzipped directory DVWA-1.9.
Before going further we need to start 2 necessary services. Apache web server and Mysql server.
Start Apache web server type the following command
root@seven:~# service apache2 start
now check apache2 status whether it is running or not with the following command.
root@seven:~# service apache2 status
check status

As you can see our apache2 is up and running which is highlighted with text (Active and running).
Start Mysql server type the following command in your terminal.
root@seven:~#  service mysql start
Check whether it's running or not.
root@seven:~# service mysql status
checking mysql status

As you can see it's up and running highlighted with green texts.
Now we need to move whole directory (DVWA-1.9) to the /var/www/html because in kali linux 2.0 default server for web pages in apache is /var/www but in this case it is going to be /var/www/html .
So we need to move our extracted directory DVWA-1.9 to /var/www/HTML directory.
You can do it graphically to just copy the data file and paste to HTML directory.Or follow the below step.
Type the following command in your terminal.The below command will do 2 things
1-it will move directory to the /var/www/HTML.
2-it will rename DVWA-1.9 to the dvwa reason for renaming is that it is easy to remember.later on we will need to type this on our browser.You must be inside the same directory as DVWA-1.9 to execute below command.
root@seven:~/Desktop# mv DVWA-1.9 /var/www/html/dvwa
Now we need to give read, dev writes and execute permission data directory.Make sure that your present working directory is /var/www/html.So change your directory to html first with following command:
root@seven:~# cd /var/www/html
type the following command to give read , write and execute permission to dvwa.
root@seven:/var/www/html# chmod -R 755 dvwa
Now we need to configure config.inc.php file which is present inside config directory.So change directory to config directory.
root@seven:/var/www/html# cd dvwa/config
Open config.inc. file in nano editor with the following command:
nano config.inc.php
Remove the default password and leave the password field blank. press ctr+o to Save and ctr+x to exit.
remove password
now we need to create password for root user type the following command.Make sure that you are inside the same directory as me(config).When you are asked to enter password just press enter leave password field blank.
root@seven:/var/www/html/dwva/config# mysql -u root -p
When you execute above command successfully you will be presented with mysql shell. Now we need to create another database.Type the following command.
 create database dvwa1;
Type exit to come out of mysql shell.
Now we need to reset our database on our local server.Be careful here copy and paste this command carefully.
curl --data  'create db=create+%2F+Reset+Database' --cookie PHPESSID=1
Now go to the browser and paste this url: http://localhost/dvwa/login.php
If you are following along correctly then a login page should open.If you are not then i suggest go back do it from the scratch.
Use these credentials to login:
Username: Admin
Password: password

So above are the How to Install DVWA on Your Personal Machine. Hope you like this article, keep on sharing with others too. Also, share your experience with us in a comment box below.

No comments