Subscribe For Free Updates!

We'll not spam mate! We promise.

Friday, 23 August 2013

How to Install Damn Vulnerable Web App in Linux Backtrack 5 R1

How to Install Damn Vulnerable Web App in Linux Backtrack 5 R1 



Backtrack is the best Linux distribution for penetration testing and ethical hacking purposes,
backtrack 5 R1 is the latest one and as discussed tutorials about backtrack 5 are also applicable on backtrack 5 R1. 
So in this tutorial I will tell you how to install damn vulnerable web application on backtrack machine, 
However you can install damn vulnerable web application on windows, MAC and some other Linux distribution like Ubuntu process is approximately 

        What Is Damn Vulnerable Web Application?


Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
It is a best platform to practice web application hacking and security.


              Damn Vulnerable Web Application Tutorial Backtrack 5 R1 



Generally we need xampp server to setup damn vulnerable web application but xampp server is nothing but a collection of apache, sql, perl, PHP, openssl and other server side software's but backtrack 5 has all of these software's installed. It means there is no need to install xampp on backtrack machine. All you need to do is to get damn vulnerable web app and put it on the root directory of backtrack. We have a wonderful bash that automate all the process.


            #/bin/bashecho -e "\n#######################################"echo -e "# Damn Vulnerable Web App Installer Script #"echo -e "#######################################"echo " Coded By: Travis Phillips"echo " Website: http://theunl33t.blogspot.com"echo -e -n "\n[*] Changing directory to /var/www..."cd /var/www > /dev/nullecho -e "Done!\n"

echo -n "[*] Removing default index.html..."rm index.html > /dev/nullecho -e "Done!\n"

echo -n "[*] Changing to Temp Directory..."cd /tmpecho -e "Done!\n"

echo "[*] Downloading DVWA..."wget http://voxel.dl.sourceforge.net/project/dvwa/DVWA-1.0.7.zipecho -e "Done!\n"

echo -n "[*] Unzipping DVWA..."unzip DVWA-1.0.7.zip > /dev/nullecho -e "Done!\n"

echo -n "[*] Deleting the zip file..."rm DVWA-1.0.7.zip > /dev/nullecho -e "Done!\n"

echo -n "[*] Copying dvwa to root of Web Directory..."cp -R dvwa/* /var/www > /dev/nullecho -e "Done!\n"

echo -n "[*] Clearing Temp Directory..."rm -R dvwa > /dev/nullecho -e "Done!\n"

echo -n "[*] Enabling Remote include in php.ini..."cp /etc/php5/apache2/php.ini /etc/php5/apache2/php.ini1sed -e 's/allow_url_include = Off/allow_url_include = On/' /etc/php5/apache2/php.ini1 > /etc/php5/apache2/php.inirm /etc/php5/apache2/php.ini1echo -e "Done!\n"

echo -n "[*] Enabling write permissions to /var/www/hackable/upload..."chmod 777 /var/www/hackable/uploads/echo -e "Done!\n"

echo -n "[*] Starting Web Service..."service apache2 start &> /dev/nullecho -e "Done!\n"

echo -n "[*] Starting MySQL..."service mysql start &> /dev/nullecho -e "Done!\n"

echo -n "[*] Updating Config File..."cp /var/www/config/config.inc.php /var/www/config/config.inc.php1sed -e 's/'\'\''/'\''toor'\''/' /var/www/config/config.inc.php1 > /var/www/config/config.inc.phprm /var/www/config/config.inc.php1echo -e "Done!\n"

echo -n "[*] Updating Database..."wget --post-data "create_db=Create / Reset Database" http://127.0.0.1/setup.php &> /dev/nullmysql -u root --password='toor' -e 'update dvwa.users set avatar = "/hackable/users/gordonb.jpg" where user = "gordonb";'mysql -u root --password='toor' -e 'update dvwa.users set avatar = "/hackable/users/smithy.jpg" where user = "smithy";'mysql -u root --password='toor' -e 'update dvwa.users set avatar = "/hackable/users/admin.jpg" where user = "admin";'mysql -u root --password='toor' -e 'update dvwa.users set avatar = "/hackable/users/pablo.jpg" where user = "pablo";'mysql -u root --password='toor' -e 'update dvwa.users set avatar = "/hackable/users/1337.jpg" where user = "1337";'echo -e "Done!\n"

echo -e -n "[*] Starting Firefox to DVWA\nUserName: admin\nPassword: password"firefox http://127.0.0.1/login.php &> /dev/null &echo -e "\nDone!\n"echo -e "[\033[1;32m*\033[1;37m] DVWA Install Finished!\n"



Copy this code open text editor paste and than save it to whatever.sh and than open yout terminal locate the directory where you have saved this file before than use.


sh whatever.sh

You are done your damn vulnerable web application are install successfully, 



Socialize This Post
SOCIALIZE IT →
FOLLOW →
SHARE IT →

0 comments:

Post a Comment