$ cat /etc/issue
Ubuntu 18.04.2 LTS \n \l
$ uname -a
Linux R 4.15.0-46-generic #49-Ubuntu SMP Wed Feb 6 09:33:07 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
$ dpkg -l | grep php
$ sudo add-apt-repository ppa:ondrej/php
$ sudo apt-get update
$ sudo apt-get upgrade
$ sudo apt-get install php5.6
$ php -v
PHP 5.6.40-5+ubuntu18.04.1+deb.sury.org+1 (cli)
$ sudo apt-get install php5.6-mbstring php5.6-mcrypt php5.6-mysql php5.6-xml
$ sudo service apache2 restart
$ sudo apt install apache2
$ sudo a2enmod php5.6
$ cd /var/www/html/
$ sudo wget https://github.com/ethicalhack3r/DVWA/archive/master.zip
$ sudo unzip master.zip
$ sudo mv DVWA-master/ dvwa
$ pwd
/var/www/html/dvwa/config
$ sudo cp config.inc.php.dist config.inc.php
$ pwd
/etc/php/5.6/apache2
$ sudo vim php.ini
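; php.ini comments start with ';' ('#' is deprecated in PHP 5.x INI files)
;allow_url_include = Off
; DVWA's File Inclusion (remote include) exercise needs On; the PHP default is Off
allow_url_include = On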
$ sudo service apache2 restart
$ pwd
/var/www/html/dvwa/config
$ sudo vim config.inc.php
$_DVWA[ 'db_server' ] = '127.0.0.1';
$_DVWA[ 'db_database' ] = 'dvwa';
$_DVWA[ 'db_user' ] = 'root';
$_DVWA[ 'db_password' ] = '';
申请免费域名
免费域名申请网站
使用reCaptcha
https://www.google.com/recaptcha/admin
$ sudo apt-get install -y php5.6-gd
$ sudo service apache2 restart
$ sudo chgrp www-data hackable/uploads/
$ sudo chgrp www-data /var/www/html/dvwa/external/phpids/0.6/lib/IDS/tmp/phpids_log.txt
$ sudo chgrp www-data config/
$ sudo service apache2 restart
$ sudo chmod g+w hackable/uploads/
$ sudo chmod g+w /var/www/html/dvwa/external/phpids/0.6/lib/IDS/tmp/phpids_log.txt
$ sudo chmod g+w config/
$ sudo apt-get install mysql-server
$ sudo vim /etc/mysql/debian.cnf
[client]
host = localhost
user = root
password = root
$ sudo mysql -u root -p
mysql> show databases;
mysql> create database dvwa;
$ pwd
/var/www/html/dvwa/config
$ sudo vim config.inc.php
$_DVWA[ 'db_server' ] = '127.0.0.1';
$_DVWA[ 'db_database' ] = 'dvwa';
$_DVWA[ 'db_user' ] = 'dvwa';
$_DVWA[ 'db_password' ] = 'dvwa1234';
$ pwd
/var/www/html/dvwa
$ sudo vim info.php
<?php phpinfo(); ?>
$ sudo mysql -u root -p.root
mysql> create user 'dvwa'@'localhost' identified by 'dvwa1234';
mysql> grant all on dvwa.* to 'dvwa'@'localhost';
$ sudo service apache2 restart
$ sudo service mysql restart
$ mysql -u dvwa -p
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| dvwa |
+--------------------+
2 rows in set (0.00 sec)
mysql> use dvwa;
mysql> show tables;
+----------------+
| Tables_in_dvwa |
+----------------+
| guestbook |
| users |
+----------------+
2 rows in set (0.00 sec)
mysql> select * from users;
+---------+------------+-----------+---------+----------------------------------+
| user_id | first_name | last_name | user | password |
+---------+------------+-----------+---------+----------------------------------+
| 1 | admin | admin | admin | 5f4dcc3b5aa765d61d8327deb882cf99 |
mysql> update users set password = md5('admin') where user_id = 1 ;
mysql> select * from users;
+---------+------------+-----------+---------+----------------------------------+
| user_id | first_name | last_name | user | password |
+---------+------------+-----------+---------+----------------------------------+
| 1 | admin | admin | admin | 21232f297a57a5a743894a0e4a801fc3 |
在线MD5值解密
# pwd
/etc/apache2/sites-available
# vim 000-default.conf
#DocumentRoot /var/www/html
DocumentRoot /var/www/html/dvwa
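# Not part of 000-default.conf: this looks like a TCP proxy section from a tunnel client config (frp-style frpc.ini).
# It publishes the local Apache on 127.0.0.1:80 as port 80 of the tunnel server, so that port serves this DVWA site.
[dvwa]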
type = tcp
local_ip = 127.0.0.1
local_port = 80
remote_port = 80
参考: