DVWA 靶场搭建流程

在Linux系统中安装DVWA

# apt-get install mysql-server -y
# apt-get install mysql-client
# service mysql start 
# mysql
mysql
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.7.33-0ubuntu0.16.04.1 (Ubuntu)Copyright (c) 2000, 2021, Oracle and/or its affiliates.Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> SET PASSWORD FOR 'root'@'localhost' = 'root';
Query OK, 0 rows affected (0.00 sec)mysql> exit
Bye

# apt-get install php -y
# apt-get install nginx -y
# apt-get install apache2 -y
# apt-get install libapache2-mod-php
# apt-get install php-gd php-mysql -y

# wget https://github.com/digininja/DVWA/archive/master.zip# mv master.zip /var/www/html/
# cd /var/www/html
# unzip master.zip
# mv DVWA-master dvwa
# mv dvwa/config/config.inc.php.dist dvwa/config/config.inc.php
# vim dvwa/config/config.inc.php
$_DVWA[ 'db_password' ] = 'root';

# mysql -uroot -proot
mysql> create database dvwa;
Query OK, 1 row affected (0.00 sec)mysql> create user dvwa@localhost identified by 'root';
Query OK, 0 rows affected (0.00 sec)mysql> grant all on dvwa.* to dvwa@localhost;
Query OK, 0 rows affected (0.00 sec)mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)mysql> exit
Bye

# vim /etc/php/7.0/apache2/php.ini
allow_url_include = On
ServerName localhost:80
# vim /etc/apache2/apache2.conf# chmod -R 777 dvwa/hackable/uploads/
# rm in*# service apache2 restart
# cd /root

当可以进入该网页（127.0.0.1/dvwa/setup.php）时表示安装成功

登录是用户名/密码：admin/password