DVWA 搭建
1,系统环境
$ cat /etc/issue
Ubuntu 18.04.2 LTS \n \l
$ uname -a
Linux R 4.15.0-46-generic #49-Ubuntu SMP Wed Feb 6 09:33:07 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
2,DVWA依赖安装
- 查看PHP 是否已经安装
$ dpkg -l | grep php
- 添加PPA
$ sudo add-apt-repository ppa:ondrej/php
$ sudo apt-get update
$ sudo apt-get upgrade
$ sudo apt-get install php5.6
$ php -v
PHP 5.6.40-5+ubuntu18.04.1+deb.sury.org+1 (cli)
$ sudo apt-get install php5.6-mbstring php5.6-mcrypt php5.6-mysql php5.6-xml
- 启动 apache2
$ sudo service apache2 restart
sudo a2enmod php5.6
3,安装DVWA
$ cd /var/www/html/
$ sudo wget https://github.com/ethicalhack3r/DVWA/archive/master.zip
$ sudo unzip master.zip
$ sudo mv DVWA-master/ dvwa
$ pwd
/var/www/html/dvwa/config
$ sudo cp config.inc.php.dist config.inc.php
$ pwd
/etc/php/5.6/apache2
$ sudo vim php.ini
#allow_url_include = Off
allow_url_include = On
$ sudo service apache2 restart
$ pwd
/var/www/html/dvwa/config
sudo vim config.inc.php
$_DVWA[ 'db_server' ] = '127.0.0.1';
$_DVWA[ 'db_database' ] = 'dvwa';
$_DVWA[ 'db_user' ] = 'root';
$_DVWA[ 'db_password' ] = '';
-
申请免费域名
免费域名申请网站 -
使用reCaptcha
https://www.google.com/recaptcha/admin
- config.inc.php 输入reCAPTCHA key
$ sudo apt-get install -y php5.6-gd
$ sudo service apache2 restart
$ sudo chgrp www-data hackable/uploads/
$ sudo chgrp www-data /var/www/html/dvwa/external/phpids/0.6/lib/IDS/tmp/phpids_log.txt
$ sudo chgrp www-data config/
$ sudo service apache2 restart
$ sudo chmod g+w hackable/uploads/
$ sudo chmod g+w /var/www/html/dvwa/external/phpids/0.6/lib/IDS/tmp/phpids_log.txt
$ sudo chmod g+w config/
4,创建数据库
参考: