LAB Testing with DVWA – [Installation]
DVWA is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment. Beside it’s also provide a better understanding for web developers in securing web applications and a web application learning environments for newbies.
WARNING!! – from DVWA: User are not suppose and not encourage to upload it to your hosting provider’s public html folder or any working web server as it will be hacked!!
Step 1: [Installation] Guide from DVWA:
Default username = admin
Default password = password
- Installation of DVWA can be done by installing ‘XAMPP’ if you do not have a web server setup.
- XAMPP is a very easy to install Apache Distribution for Linux, Solaris, Windows and Mac OS X. The package includes the Apache web server, MySQL, PHP, Perl, a FTP server and phpMyAdmin.
- XAMPP can be downloaded from: http://www.apachefriends.org/en/xampp.html
- Simply unzip dvwa.zip, place the unzipped files in your public html folder, then point your browser to http://127.0.0.1/dvwa/index.php
Step 2: [Setup Database]
Click on the Setup button in the main menu, then click on the ‘Create / Reset Database’ button. This will create / reset the database for you with some data in.
‘After installation, DVWA is successful hosted and running on My SQL backend Database’
Any error while trying to create your database, make sure your database credentials are correct within /config/config.inc.php