Difference between revisions of "DVWA: instalasi Ubuntu 16.04"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
Line 38: | Line 38: | ||
chown -Rf nobody.nogroup tmp | chown -Rf nobody.nogroup tmp | ||
chmod -Rf 777 /var/www/html/DVWA-1.9/hackable/uploads/ | chmod -Rf 777 /var/www/html/DVWA-1.9/hackable/uploads/ | ||
+ | |||
+ | ==Tambahan Konfigurasi== | ||
+ | |||
+ | |||
+ | |||
+ | go to: | ||
+ | |||
+ | C:\xampp\php\php.ini | ||
+ | |||
+ | change: | ||
+ | |||
+ | allow_url_include=Off into allow_url_include=on | ||
+ | |||
+ | |||
+ | edit | ||
+ | |||
+ | vi /var/www/html/DVWA-1.9/config/config.inc.php | ||
+ | |||
+ | ubah | ||
+ | |||
+ | $_DVWA[ 'recaptcha_public_key' ] = ' '; | ||
+ | $_DVWA[ 'recaptcha_private_key' ] = ' '; | ||
+ | |||
+ | menjadi | ||
+ | |||
+ | $_DVWA[ 'recaptcha_public_key' ] = '6LdK7xITAAzzAAJQTfL7fu6I-0aPl8KHHieAT_yJg'; | ||
+ | $_DVWA[ 'recaptcha_private_key' ] = '6LdK7xITAzzAAL_uw9YXVUOPoIHPZLfw2K1n5NVQ'; | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
==Edit konfigurasi Database== | ==Edit konfigurasi Database== | ||
Line 62: | Line 94: | ||
grant ALL on root.* to dvwa@localhost; | grant ALL on root.* to dvwa@localhost; | ||
exit | exit | ||
− | |||
==Restart Apache== | ==Restart Apache== |
Revision as of 18:06, 3 March 2017
DVWA (Damn Vurnelabel Web App) dapat digunakan untuk belajar SQL Injection / SQLmap untuk melakukan serangan ke Web & Database-nya
Download
wget https://github.com/RandomStorm/DVWA/archive/v1.9.zip
Instalasi Aplikasi Pendukung
Downgrade
sudo add-apt-repository ppa:ondrej/php sudo apt-get update sudo apt-get install php7.0 php5.6 php5.6-mysql php-gettext php5.6-mbstring php-mbstring php7.0-mbstring \ php-xdebug libapache2-mod-php5.6 libapache2-mod-php7.0
sudo a2dismod php7.0 ; sudo a2enmod php5.6 ; sudo service apache2 restart
Ubuntu 16.04
sudo apt-get install apache2 php5.6 php5.6-xmlrpc php5.6-mysql php5.6-gd php5.6-cli php5.6-curl \ mysql-client mysql-server libphp-adodb libgd2-xpm-dev \ php5.6-curl php-pear unzip
Versi 1.9
mv v1.9.zip /var/www/html cd /var/www/html unzip v1.9.zip
cd /var/www/html/DVWA-1.9/external/phpids/0.6/lib/IDS chmod -Rf 777 tmp chown -Rf nobody.nogroup tmp chmod -Rf 777 /var/www/html/DVWA-1.9/hackable/uploads/
Tambahan Konfigurasi
go to:
C:\xampp\php\php.ini
change:
allow_url_include=Off into allow_url_include=on
edit
vi /var/www/html/DVWA-1.9/config/config.inc.php
ubah
$_DVWA[ 'recaptcha_public_key' ] = ' '; $_DVWA[ 'recaptcha_private_key' ] = ' ';
menjadi
$_DVWA[ 'recaptcha_public_key' ] = '6LdK7xITAAzzAAJQTfL7fu6I-0aPl8KHHieAT_yJg'; $_DVWA[ 'recaptcha_private_key' ] = '6LdK7xITAzzAAL_uw9YXVUOPoIHPZLfw2K1n5NVQ';
Edit konfigurasi Database
vi /var/www/html/DVWA-1.9/config/config.inc.php
Edit
$_DVWA = array(); $_DVWA[ 'db_server' ] = 'localhost'; $_DVWA[ 'db_database' ] = 'dvwa'; $_DVWA[ 'db_user' ] = 'root'; $_DVWA[ 'db_password' ] = 'p@ssw0rd';
Pastikan sesuai dengan password root yang ada, misalnya
$_DVWA[ 'db_password' ] = '123456';
Lakukan di shell
mysql -u root -p123456
create database dvwa; grant ALL on root.* to dvwa@localhost; exit
Restart Apache
/etc/init.d/apache2 restart
Akses ke DVWA
Misalnya
http://ip-server/DVWA-1.9/ http://192.168.0.80/DVWA-1.9/ http://192.168.0.100/DVWA-1.9/ http://192.168.0.111/DVWA-1.9/
Klik
Click here to setup the database. Create / Reset Database
Atau misalnya ke,
http://ip-server/DVWA-1.9/setup.php http://192.168.0.80/DVWA-1.9/setup.php http://192.168.0.100/DVWA-1.9/setup.php http://192.168.0.111/DVWA-1.9/setup.php
Create / Reset Database
Login ke DVWA
username admin password password