Raspbian: Instalasi DVWA

From OnnoWiki
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

DVWA (Damn Vurnelabel Web App) dapat digunakan untuk belajar SQL Injection / SQLmap untuk melakukan serangan ke Web & Database-nya

Download

wget https://github.com/RandomStorm/DVWA/archive/v1.0.8.zip

Instalasi Aplikasi Pendukung

sudo apt-get install apache2 php5 php5-xmlrpc php5-mysql php5-gd php5-cli \
php5-curl mysql-client mysql-server libphp-adodb libgd2-xpm-dev \
php5-curl php-pear unzip

Extract

mkdir /var/www/dvwa
mv v1.0.8.zip /var/www/
cd /var/www/
unzip v1.0.8.zip

cd /var/www/DVWA-1.0.8/external/phpids/0.6/lib/IDS
chmod -Rf 777 tmp
chown -Rf nobody.nogroup tmp


Extract

mkdir /var/www/dvwa
mv DVWA-1.0.8.zip /var/www/
cd /var/www/
unzip DVWA-1.0.8.zip

cd /var/www/DVWA-1.0.8/external/phpids/0.6/lib/IDS
chmod -Rf 777 tmp
chown -Rf nobody.nogroup tmp

Edit konfigurasi Database

vi /var/www/DVWA-1.0.8/config/config.inc.php

Edit 

$_DVWA = array();
$_DVWA[ 'db_server' ] = 'localhost';
$_DVWA[ 'db_database' ] = 'dvwa';
$_DVWA[ 'db_user' ] = 'root';
$_DVWA[ 'db_password' ] = 'p@ssw0rd';

Pastikan sesuai dengan password root yang ada, misalnya 

$_DVWA[ 'db_password' ] = '123456';

Lakukan di shell 

mysql -u root -p123456

create database dvwa;
grant ALL on root.* to dvwa@localhost;
exit



Akses ke DVWA

http://ip-server/DVWA-1.0.8/

atau 

http://192.168.0.3/DVWA-1.0.8/


Klik 

Click here to setup the database.
Create / Reset Database


Atau ke 

http://ip-server/DVWA-1.0.8/setup.php

atau 

http://192.168.0.3/DVWA-1.0.8/setup.php

Create / Reset Database

Login ke DVWA

username admin
password password
Retrieved from "https://onnocenter.or.id/wiki/index.php?title=Raspbian:_Instalasi_DVWA&oldid=42103"