DVWA stands for Damn Vulnerable Web App. As its name suggests, it is a very vulnerable web app whose main goal is to help security professionals and penetration testers test their skills and tools in a legal environment. DVWA is a PHP/MySQL-based web application that helps beginners and students learn and practice web application security in a legal way.
Let's understand this with an example. Suppose you are learning cyber security and your trainer starts a new topic, SQL injection, and asks you to create an assignment in which you have to demonstrate how databases can be hacked. You cannot try to hack someone else's database because it's not legal, so what will you do?
The simple answer is DVWA, which lets you perform database hacking on your localhost. DVWA is not limited to database hacking; it can do various other things that we will cover in our upcoming blogs. Now read the first paragraph again; I am damn sure you will understand each and every line.
Step 1: First we will extract the zip file to install DVWA. Go to your Downloads folder and find the file named DVWA-master.zip. Once you have found it, run the command below to unzip the file.
Step 4: Executing step 4 will open the configuration file, where we need to edit a few fields. If you are doing this for the first time, make sure your configuration is the same as in the picture below. Write the same code as in the picture.
If you have installed DVWA successfully on your local machine and don't know the default login details, enter admin as the username and password as the password. After entering the credentials, click the Login button and you will see the DVWA home page, where you can start your web testing.
As discussed in the definition, with DVWA you can perform various kinds of web app testing, such as brute force, command injection, SQL injection, XSS vulnerabilities, account details, etc. If you have installed DVWA and want to learn more about how to use it and how to perform web testing or attacks, you can visit my free tutorial blog on SQL injection, where I explain in detail what SQL injection is and how you can perform it in DVWA. Click on SQL Injection on DVWA to learn more.
DVWA is the best application for every beginner learning cyber security: it is not only safe, it also gives you practical exposure to web-based attacks. This blog covers the detailed installation of DVWA from scratch.
In order to learn web app exploitation safely (and legally), it is useful to have practice applications to run on your local environment. Damn Vulnerable Web Application (DVWA) was created for just this purpose. DVWA contains many common web vulnerabilities such as SQL injection, XSS, and more that allow you to hone your web hacking skills.
As seen in the screenshot above, we do not currently have execute permissions on the XAMPP installer. To add execute permissions, we perform the following command: chmod +x xampp-linux-x64-7.2.7-0-installer.run (note: make sure to replace the file name with the one that you currently have in your directory).
We need to go into the DVWA configuration file and remove the database password located in the folder /opt/lampp/htdocs/dvwa/config. Once navigated to the directory, we will open the file using Nano text editor (note: you can use whatever text editor you like): nano config.inc.php.dist.
DVWA aims to allow penetration testers, web developers, and security professionals to test their skills and tools in a controlled environment and learn about securing web applications practically, safely, and legally.
DVWA works offline. You can cut off Wi-Fi access, and DVWA will still work. If you set it up correctly on your Kali Linux virtual machine or in Docker and confine your pentesting to your selected location, you risk no damage to the host machine.
For Kali Linux users, run dvwa-start from the Kali Linux terminal. When prompted, enter the Kali Linux password (kali). A Firefox browser window will display the DVWA interface without prompting for any more login credentials.
Extract data on all five users in the database with the input %' or '0'='0, which yields the following unsanitized SQL query where % is a wildcard character, '0'='0' is a tautology, and the opening and closing straight apostrophes ' match in the underlying PHP code, so that it becomes:
The MySQL documentation reveals that a table called information_schema stores information about the database containing the users table. This table gives us a clue as to where to find the passwords. We also want to ensure we assign values to the two variables $first and $last by returning two columns, not one.
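The tautology input described above, run against a concatenated query and then against a bound parameter, as an added example that is not code from DVWA or from the original post. The two-column query shape, the constructed five-row table and the function names are assumptions made for illustration, and SQLite stands in for MySQL.

```python
import sqlite3

def make_db():
    """In-memory stand-in for a users table (constructed rows, not DVWA's data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (user_id TEXT, first_name TEXT, last_name TEXT)")
    rows = [(str(i), f"First{i}", f"Last{i}") for i in range(1, 6)]
    db.executemany("INSERT INTO users VALUES (?, ?, ?)", rows)
    return db

def build_concatenated_query(user_input):
    # Vulnerable pattern: the input is pasted between the two apostrophes,
    # so an apostrophe inside the input closes the string literal early.
    return ("SELECT first_name, last_name FROM users "
            "WHERE user_id = '" + user_input + "'")

def lookup_vulnerable(db, user_input):
    return db.execute(build_concatenated_query(user_input)).fetchall()

def lookup_parameterized(db, user_input):
    # Hardened form: the driver binds the input as a value, never as SQL text,
    # so the whole string is compared against user_id and matches nothing.
    return db.execute(
        "SELECT first_name, last_name FROM users WHERE user_id = ?",
        (user_input,),
    ).fetchall()

if __name__ == "__main__":
    db = make_db()
    payload = "%' or '0'='0"  # the input quoted in the text
    print(build_concatenated_query(payload))
    print(len(lookup_vulnerable(db, payload)), "rows via concatenation")
    print(len(lookup_parameterized(db, payload)), "rows via bound parameter")
    print(lookup_parameterized(db, "1"), "for a legitimate id")
```

In PHP the equivalent fix is a prepared statement with a bound parameter (PDO or mysqli) instead of interpolating the request value into the query string.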
Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application intentionally designed to be vulnerable. DVWA aims to allow penetration testers, web developers, and security professionals to test their skills and tools in a controlled environment and learn about practical web application security within a safe, secure, and legal environment.
You run DVWA on Kali Linux (on a virtual machine like VirtualBox or VMware) or Docker and exploit it with attacks such as SQL injection, Cross-Site Scripting (XSS), command injection, session hijacking, and Cross-Site Request Forgery (CSRF). DVWA permits you to practice various techniques and methodologies in web application security testing in an isolated virtual machine or Docker container.
As part of our Injection Attacks: The Free 2020 Guide course, we reviewed concepts of SQL injections, including what blind injections are. Then, we practiced various techniques against the OWASP Juice Shop and the Damn Vulnerable Web Application (DVWA) to demonstrate the dangers of such attacks, and also to learn how to defend our own applications. In this post, we perform one of the attacks demonstrated in the course: blind SQL injections with SQLMap against the DVWA.
Submit an ID change request in the DVWA, and you should see a response back letting us know that it went through.
Pull up the POST request in ZAP by double-clicking it in the History tab, and we should have information that helps us formulate our SQLMap attack, such as seeing what gets sent in the POST request:
We can replay the same command, but instead of running --dbs we extract table names with --tables. Since we really only care about the DVWA database, we can use -D dvwa to limit our results.
At this point, not only did it extract all of the information from the users table, but the default options also attempted to crack the passwords, and since they were easy and hashed with MD5, it cracked them in very little time. So now, the output contains both the hash and the actual password in parentheses.
I wanted to run a Flask application using nginx. I have gone through this tutorial, and up to the point when I start the service using wsgi from the command line everything works fine (which means I can access my page on localhost:8000 and display the Hello, there! message). The location of my project is as follows:
When I enter localhost or my IP address in the browser I get a 404 nginx message. I am running the latest Kali Linux version (that's because I wanted to play around with another project, DVWA, and learn a few things). One final notice: I know that using the root account is a bad idea when it comes to production purposes, but this project is not intended to do so.
OK, there were several problems with my settings. First of all, including the default sites-enabled overrode my settings. Second, I changed the server name to match all cases. Last but not least, the socket had to be given 666 instead of 660 rights.