Difference between revisions of "Raspbian: Instalasi DVWA"

From OnnoWiki
Jump to navigation Jump to search
(New page: DVWA (Damn Vurnelabel Web App) dapat digunakan untuk belajar SQL Injection / SQLmap untuk melakukan serangan ke Web & Database-nya ==Download== wget https://github.com/RandomStorm/DVWA/...)
 
 
(3 intermediate revisions by the same user not shown)
Line 10: Line 10:
 
  php5-curl mysql-client mysql-server libphp-adodb libgd2-xpm-dev \
 
  php5-curl mysql-client mysql-server libphp-adodb libgd2-xpm-dev \
 
  php5-curl php-pear unzip
 
  php5-curl php-pear unzip
 +
 +
==Extract==
 +
 +
mkdir /var/www/dvwa
 +
mv v1.0.8.zip /var/www/
 +
cd /var/www/
 +
unzip v1.0.8.zip
 +
 +
cd /var/www/DVWA-1.0.8/external/phpids/0.6/lib/IDS
 +
chmod -Rf 777 tmp
 +
chown -Rf nobody.nogroup tmp
 +
 +
 +
 +
==Extract==
 +
 +
mkdir /var/www/dvwa
 +
mv DVWA-1.0.8.zip /var/www/
 +
cd /var/www/
 +
unzip DVWA-1.0.8.zip
 +
 +
cd /var/www/DVWA-1.0.8/external/phpids/0.6/lib/IDS
 +
chmod -Rf 777 tmp
 +
chown -Rf nobody.nogroup tmp
 +
 +
==Edit konfigurasi Database==
 +
 +
vi /var/www/DVWA-1.0.8/config/config.inc.php
 +
 +
Edit
 +
 +
$_DVWA = array();
 +
$_DVWA[ 'db_server' ] = 'localhost';
 +
$_DVWA[ 'db_database' ] = 'dvwa';
 +
$_DVWA[ 'db_user' ] = 'root';
 +
$_DVWA[ 'db_password' ] = 'p@ssw0rd';
 +
 +
Pastikan sesuai dengan password root yang ada, misalnya
 +
 +
$_DVWA[ 'db_password' ] = '123456';
 +
 +
Lakukan di shell
 +
 +
mysql -u root -p123456
 +
 +
create database dvwa;
 +
grant ALL on root.* to dvwa@localhost;
 +
exit
 +
 +
 +
 +
 +
 +
==Akses ke DVWA==
 +
 +
http://ip-server/DVWA-1.0.8/
 +
atau
 +
http://192.168.0.3/DVWA-1.0.8/
 +
 +
 +
Klik
 +
 +
Click here to setup the database.
 +
Create / Reset Database
 +
 +
 +
Atau ke
 +
 +
http://ip-server/DVWA-1.0.8/setup.php
 +
atau
 +
http://192.168.0.3/DVWA-1.0.8/setup.php
 +
 +
Create / Reset Database
 +
 +
==Login ke DVWA==
 +
 +
username admin
 +
password password

Latest revision as of 15:19, 16 January 2015

DVWA (Damn Vurnelabel Web App) dapat digunakan untuk belajar SQL Injection / SQLmap untuk melakukan serangan ke Web & Database-nya

Download

wget https://github.com/RandomStorm/DVWA/archive/v1.0.8.zip

Instalasi Aplikasi Pendukung

sudo apt-get install apache2 php5 php5-xmlrpc php5-mysql php5-gd php5-cli \
php5-curl mysql-client mysql-server libphp-adodb libgd2-xpm-dev \
php5-curl php-pear unzip

Extract

mkdir /var/www/dvwa
mv v1.0.8.zip /var/www/
cd /var/www/
unzip v1.0.8.zip

cd /var/www/DVWA-1.0.8/external/phpids/0.6/lib/IDS
chmod -Rf 777 tmp
chown -Rf nobody.nogroup tmp


Extract

mkdir /var/www/dvwa
mv DVWA-1.0.8.zip /var/www/
cd /var/www/
unzip DVWA-1.0.8.zip

cd /var/www/DVWA-1.0.8/external/phpids/0.6/lib/IDS
chmod -Rf 777 tmp
chown -Rf nobody.nogroup tmp

Edit konfigurasi Database

vi /var/www/DVWA-1.0.8/config/config.inc.php

Edit 

$_DVWA = array();
$_DVWA[ 'db_server' ] = 'localhost';
$_DVWA[ 'db_database' ] = 'dvwa';
$_DVWA[ 'db_user' ] = 'root';
$_DVWA[ 'db_password' ] = 'p@ssw0rd';

Pastikan sesuai dengan password root yang ada, misalnya 

$_DVWA[ 'db_password' ] = '123456';

Lakukan di shell 

mysql -u root -p123456

create database dvwa;
grant ALL on root.* to dvwa@localhost;
exit



Akses ke DVWA

http://ip-server/DVWA-1.0.8/

atau 

http://192.168.0.3/DVWA-1.0.8/


Klik 

Click here to setup the database.
Create / Reset Database


Atau ke 

http://ip-server/DVWA-1.0.8/setup.php

atau 

http://192.168.0.3/DVWA-1.0.8/setup.php

Create / Reset Database

Login ke DVWA

username admin
password password
Retrieved from "https://onnocenter.or.id/wiki/index.php?title=Raspbian:_Instalasi_DVWA&oldid=42103"