Damn Vulnerable Web Application

Disclaimer

This guide is solely for educational purposes only. Any acts of hacking taught here is for Ethical Hacking. Any hacking actions done without permission of owner is considered an illegal act by the law. Hence, do practice on your own network structure and your own devices.

Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be light weight, easy to use and full of vulnerabilities to exploit. It usually be used for hacking practice as it is intentionally being made vulnerable. I will explain how to setup DVWA to be used:

1. Move directory to web root directory

cd /var/www/html

2. Download the master file from DVWA GitHub

wget https://github.com/ethicalhack3r/DVWA/archive/master.zip

3. Extract the file

unzip master.zip

4. Change the owner of /var/www/html

chown -R www-data:www-data/var/www/html

You can check the owner status for each file by using command “ls -l”

5. start web server and database in Kali Linux

service apache2 start; service mysql start

6.Open in your browser using IP

Leave a Reply

Your email address will not be published. Required fields are marked *