Setup dvwa on kali linux and ubuntu.
What is dvwa?
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
How to setup DVWA on kali linux 2016/Ubuntu.
- go to this link and and download zip file & extract it. OR open terminal and enter:
“git clone https://github.com/ethicalhack3r/DVWA.git”
- now you should have DVWA folder and have some files in it. copy DVWA folder to /var/www/html.
- Set permission of dvwa folder to 755 by Open Terminal and type
“chmod -R 755 /var/www/html/DVWA and Press enter”
- start apache:
“service apache2 start”
- start mysql server:
“service mysql start”
- open mysql
- Create Database for DVWA, type below command and Press enter.
“mysql -u root -p”
- again press enter without entering any password.
“create database dvwa;”
- after above command type exit and press enter.
open browser and enter in url bar 127.0.0.1/DVWA
A dvwa page will open click on create/reset database.
a login page will open.
enter “admin” as user name and “password” as password.
you have successfully setup dvwa on your machine.
Note: Setup dvwa on kali and ubuntu are same procedure, you can follow this for ubuntu and kali linux both.
if you get error to connecting database. open your config file and delete password for db_password parameter:
so now you should have value like below line:
$_DVWA[ ‘db_password’ ] = ‘ ‘;
save file refresh browser page.
Next Tutorial will be How to perform a xss attack on dvwa.
feel free to ask any question.