In previous blog's we discussed SSL, Detailing of SESSION ID. In this post, i will tell you about how to set up the Damn Vulnerable Web App (DVWA) website for penetration testing which is 100% legal.Most of the people face difficulty in performing Pentest on websites because it is illegal but you can start your learning from that website. You may use Kali Linux OS for Penetration Testing because most of the software for Pentest is Pre-install.
2.Open Terminal
3. Type chmod +x full path of file with name (By grabbing the .run file from folder to the terminal)
4.Type sudo full path of file with name and the GUI will pop up
5.Install the setup by following the simple instructions
6.after successfully install you may starts the servers
2.Extract the ZIP folder
3.Copy and paste it into \opt\lampp\htdocs
2.Type User name=admin and Password=password
2. find the line: $ DVWA[ ’db password’ ] = ’p@ssw0rd’;
3.change it to: $ DVWA[ ’db password’ ] = ”;
This error can be resolved by changing the permissions of the folder.
THREE STEP PROCESS:
Step 1: Installing XAMPP
1.Download XAMPP2.Open Terminal
3. Type chmod +x full path of file with name (By grabbing the .run file from folder to the terminal)
4.Type sudo full path of file with name and the GUI will pop up
5.Install the setup by following the simple instructions
6.after successfully install you may starts the servers
STEP 2: Installing DVWA
1.Download DVWA2.Extract the ZIP folder
3.Copy and paste it into \opt\lampp\htdocs
STEP 3: Configure DVWA
1.Go to the web browser and go to http://127.0.0.1/dvwa/login.php2.Type User name=admin and Password=password
Error Handling:
ERROR 1:You should recieve a mysql error: that’s okay.
1.Open up \opt\lampp\htdocs\dvwa\config\config.inc.php2. find the line: $ DVWA[ ’db password’ ] = ’p@ssw0rd’;
3.change it to: $ DVWA[ ’db password’ ] = ”;
ERROR 2: Object Not Found 404
This error is due to name mismatch.so, use the same nameERROR 3: Access Forbidden error 403
This error can be resolved by changing the permissions of the folder.
Simple to configure dvwa
ReplyDeleteThanx...
Delete