dvwa 测试靶机简易安装
dvwa 安装
yum install -y nginx php-fpm php-mysql php-gd
systemctl start nginx.service php-fpm.service
systemctl enable nginx.service php-fpm.service
---------------------
yum remove mariadb-libs-5.5.60-1.el7_5.x86_64 -y
rpm -qa |grep mariadb
yum install mariadb-server -y
systemctl start mariadb
systemctl enable mariadb
mysql_secure_installation
回车
n
y
y
y
y
mysql
create database nginx_1;
grant all privileges on nginx_1.* to nginx_1@localhost identified by '123456';
----------------------------------
wget https://github.com/ethicalhack3r/DVWA/archive/master.zip
cd /usr/share/nginx/html/DVWA/config
cp config.inc.php.dist config.inc.php
vim config.inc.php
$_DVWA[ 'db_server' ] = '127.0.0.1';
$_DVWA[ 'db_database' ] = 'nginx_1';
$_DVWA[ 'db_user' ] = 'nginx_1';
$_DVWA[ 'db_password' ] = '123456';
29行、30行 替换
$_DVWA[ 'recaptcha_public_key' ] = '6LdJJlUUAAAAAH1Q6cTpZRQ2Ah8VpyzhnffD0mBb';
$_DVWA[ 'recaptcha_private_key' ] = '6LdJJlUUAAAAAM2a3HrgzLczqdYp4g05EqDs-W4K';
chmod -R +777 /usr/share/nginx/html/DVWA/hackable/uploads/
chmod -R +777 /usr/share/nginx/html/DVWA/external/phpids/0.6/lib/IDS/tmp
chmod -R +777 /usr/share/nginx/html/DVWA/config
sed -i 's/allow_url_include = Off/allow_url_include = On/g' /etc/php.ini
systemctl restart nginx.service php-fpm.service mariadb.service
访问:ip/DVWA
DVWA 的默认登陆帐号是 admin 密码是 password
dvwa一键安装
wget -c http://soft.vpser.net/lnmp/lnmp1.4.tar.gz && tar zxf lnmp1.4.tar.gz && cd lnmp1.4 && ./install.sh lamp
--------------------------
cd /home/wwwroot/default/
wget https://github.com/ethicalhack3r/DVWA/archive/master.zip
unzip master.zip
mv DVWA-master/ DVWA
cd /home/wwwroot/default/DVWA/config
cp config.inc.php.dist config.inc.php
sed -i 's/p@ssw0rd/123456/g' config.inc.php.dist
将 $_DVWA[ 'db_password' ] = 'p@ssw0rd'; 这行的密码修改为我们的 MySQL 使用的默认密码
29行、30行 替换
$_DVWA[ 'recaptcha_public_key' ] = '6LdJJlUUAAAAAH1Q6cTpZRQ2Ah8VpyzhnffD0mBb';
$_DVWA[ 'recaptcha_private_key' ] = '6LdJJlUUAAAAAM2a3HrgzLczqdYp4g05EqDs-W4K';
chmod -R +w /home/wwwroot/default/DVWA/hackable/uploads/
chmod -R +w /home/wwwroot/default/DVWA/external/phpids/0.6/lib/IDS/tmp
chmod -R +w /home/wwwroot/default/DVWA/config
sed -i 's/allow_url_include = Off/allow_url_include = On/g' /usr/local/php/etc/php.ini
systemctl restart nginx.service php-fpm.service mariadb.service
访问:ip/DVWA
菜鸟9528号,请求开炮。