Today, We will see how can we install DVWA on the localhost and practice our skills on legal environment.
4) Now, Open "dvwa" folder, "DVWA-MASTER". There will be a folder named "config". Open that folder and you can see a file named "config.inc.php.dist".
5) Copy "config.inc.php.dist" file and paste it in same folder. and rename it to .php extension "config.inc.php".
6) Now, Edit "config.inc.php" file with notepad and remove "p@ssw0rd" from $_DVWA[ 'db_password' ] = 'p@ssw0rd';
So, the command would be : $_DVWA[ 'db_password' ] = '';
and save the file.
12) Now, You can see the folders and files those are inside your htdocs folder. Click on the dvwa. and you will the dvwa setup page as shown below :
13) Scroll down the screen, You will a button Create/Reset database. Click on that button.
14) After clicking on that button, Your database would be created. Now, scroll down your screen You will see, Setup successful. Please Login. Click on Login.
15) Now, You will see the login panel of dvwa. The default username is admin and password is password.
Congratulations. DVWA is successfully setup. Now You can test your hacking skills and attacks on your local server in which most vulnerabilities are very famous. So, you can test those vulnerabilities on your localhost in four security levels :
1) Low
2) Medium
3) High
4) Impossible
And You can see the database of dvwa also. It is shown in the below screenshot.
Thank You
 |
1) What is DVWA ?
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
 |
| Download From the link given in screenshot or above. |
3) Download the zip file and extract it and rename it to "dvwa".
 |
| Extract the downloaded dvwa zip and rename it to dvwa. |
4) Now, Open "dvwa" folder, "DVWA-MASTER". There will be a folder named "config". Open that folder and you can see a file named "config.inc.php.dist".
 |
| Open config folder |
5) Copy "config.inc.php.dist" file and paste it in same folder. and rename it to .php extension "config.inc.php".
 |
6) Now, Edit "config.inc.php" file with notepad and remove "p@ssw0rd" from $_DVWA[ 'db_password' ] = 'p@ssw0rd';
So, the command would be : $_DVWA[ 'db_password' ] = '';
and save the file.
 |
7) For installing dvwa on your local server, You will have to install XAMPP on your windows machine and if you are a linux user, You could use LAMPP.
If you have installed it already Skip this step ;)
8) Download Xampp and install it.
Download Link : https://www.apachefriends.org/download.html
 |
| Download Xampp Image screenshot. |
9) After completing the installation of XAMPP, copy the extracted DVWA folder and paste it into :
C:\xampp\htdocs\
 |
| Move that folder in xampp\htdocs |
10) Now, Run XAMPP software and Start Apache and MySQL service and Minimize it.
 |
| Start Apache and MySQL service in XAMPP |
11) Open your browser, and type in the url : "localhost" and hit enter.
 |
| Open browser and type localhost in the URL |
12) Now, You can see the folders and files those are inside your htdocs folder. Click on the dvwa. and you will the dvwa setup page as shown below :
 |
13) Scroll down the screen, You will a button Create/Reset database. Click on that button.
 |
14) After clicking on that button, Your database would be created. Now, scroll down your screen You will see, Setup successful. Please Login. Click on Login.
 |
15) Now, You will see the login panel of dvwa. The default username is admin and password is password.
 |
Congratulations. DVWA is successfully setup. Now You can test your hacking skills and attacks on your local server in which most vulnerabilities are very famous. So, you can test those vulnerabilities on your localhost in four security levels :
1) Low
2) Medium
3) High
4) Impossible
 |
And You can see the database of dvwa also. It is shown in the below screenshot.
 |
Thank You
0 Comments
Please do not enter any spam link in the comment box.