Kali与编程:如何快速搭建OWASP网站安全实验靶场?

学网站安全没实验靶场,怎么办?我们强烈推荐OWASP,它是基础Ubuntu Linux搭建起来的靶机,里面包含DVWA、bWAPP等子靶场,安装一个靶场顶安装好几个!

1.下载OWASP靶场
https://sourceforge.net/projects/owaspbwa/files/latest/download

2.安装OWASP靶场
(1)扫描虚拟机
图片: https://uploader.shimo.im/f/JA5uNeLKJ7eJ9Pt9.png!thumbnail?accessToken=eyJhbGciOiJIUzI1NiIsImtpZCI6ImRlZmF1bHQiLCJ0eXAiOiJKV1QifQ.eyJhdWQiOiJhY2Nlc3NfcmVzb3VyY2UiLCJleHAiOjE2NTQ2OTIzOTgsImZpbGVHVUlEIjoibTRrTUxKWDQyUEg1ZGJxRCIsImlhdCI6MTY1NDY5MjA5OCwidXNlcklkIjo1MzMxNDM5M30.qdGAJ-WBAX33h_MH-pWhb4g5w7SLUpFb6fafNtCAHKU

(2)定位到OWASP的下载路径【每个人不一样】
图片: https://uploader.shimo.im/f/X2P8CNg55inmqiDF.png!thumbnail?accessToken=eyJhbGciOiJIUzI1NiIsImtpZCI6ImRlZmF1bHQiLCJ0eXAiOiJKV1QifQ.eyJhdWQiOiJhY2Nlc3NfcmVzb3VyY2UiLCJleHAiOjE2NTQ2OTIzOTgsImZpbGVHVUlEIjoibTRrTUxKWDQyUEg1ZGJxRCIsImlhdCI6MTY1NDY5MjA5OCwidXNlcklkIjo1MzMxNDM5M30.qdGAJ-WBAX33h_MH-pWhb4g5w7SLUpFb6fafNtCAHKU

(3)扫描出可用虚拟机,点击完成,而后点击关闭
图片: https://uploader.shimo.im/f/FQUXNx0OOD568UZI.png!thumbnail?accessToken=eyJhbGciOiJIUzI1NiIsImtpZCI6ImRlZmF1bHQiLCJ0eXAiOiJKV1QifQ.eyJhdWQiOiJhY2Nlc3NfcmVzb3VyY2UiLCJleHAiOjE2NTQ2OTIzOTgsImZpbGVHVUlEIjoibTRrTUxKWDQyUEg1ZGJxRCIsImlhdCI6MTY1NDY5MjA5OCwidXNlcklkIjo1MzMxNDM5M30.qdGAJ-WBAX33h_MH-pWhb4g5w7SLUpFb6fafNtCAHKU

图片: https://uploader.shimo.im/f/E98ij7Q0yvXy4zVE.png!thumbnail?accessToken=eyJhbGciOiJIUzI1NiIsImtpZCI6ImRlZmF1bHQiLCJ0eXAiOiJKV1QifQ.eyJhdWQiOiJhY2Nlc3NfcmVzb3VyY2UiLCJleHAiOjE2NTQ2OTIzOTgsImZpbGVHVUlEIjoibTRrTUxKWDQyUEg1ZGJxRCIsImlhdCI6MTY1NDY5MjA5OCwidXNlcklkIjo1MzMxNDM5M30.qdGAJ-WBAX33h_MH-pWhb4g5w7SLUpFb6fafNtCAHKU

(4)点击开启虚拟机,开始配置图片: https://uploader.shimo.im/f/X8fWV3IzzPsc6VrI.png!thumbnail?accessToken=eyJhbGciOiJIUzI1NiIsImtpZCI6ImRlZmF1bHQiLCJ0eXAiOiJKV1QifQ.eyJhdWQiOiJhY2Nlc3NfcmVzb3VyY2UiLCJleHAiOjE2NTQ2OTIzOTgsImZpbGVHVUlEIjoibTRrTUxKWDQyUEg1ZGJxRCIsImlhdCI6MTY1NDY5MjA5OCwidXNlcklkIjo1MzMxNDM5M30.qdGAJ-WBAX33h_MH-pWhb4g5w7SLUpFb6fafNtCAHKU

(5)按提示输入用户名和密码
用户名:root
密码:owaspbwa
注:为保护密码安全,输入密码时默认是不显示的!
图片: https://uploader.shimo.im/f/Wn5mEZZulDhDjANg.png!thumbnail?accessToken=eyJhbGciOiJIUzI1NiIsImtpZCI6ImRlZmF1bHQiLCJ0eXAiOiJKV1QifQ.eyJhdWQiOiJhY2Nlc3NfcmVzb3VyY2UiLCJleHAiOjE2NTQ2OTIzOTgsImZpbGVHVUlEIjoibTRrTUxKWDQyUEg1ZGJxRCIsImlhdCI6MTY1NDY5MjA5OCwidXNlcklkIjo1MzMxNDM5M30.qdGAJ-WBAX33h_MH-pWhb4g5w7SLUpFb6fafNtCAHKU

(6)查询IP地址
ipconfig
(7)打开物理机的浏览器,访问IP地址,若出现此页面说明安装成功
后续我们经常需要用到这个靶场进行渗透测试
图片: https://uploader.shimo.im/f/bjBynrF0649d9Srw.png!thumbnail?accessToken=eyJhbGciOiJIUzI1NiIsImtpZCI6ImRlZmF1bHQiLCJ0eXAiOiJKV1QifQ.eyJhdWQiOiJhY2Nlc3NfcmVzb3VyY2UiLCJleHAiOjE2NTQ2OTIzOTgsImZpbGVHVUlEIjoibTRrTUxKWDQyUEg1ZGJxRCIsImlhdCI6MTY1NDY5MjA5OCwidXNlcklkIjo1MzMxNDM5M30.qdGAJ-WBAX33h_MH-pWhb4g5w7SLUpFb6fafNtCAHKU
点我学习更多网络安全技术!

posted @ 2022-06-08 21:07  Kali与编程  阅读(68)  评论(0编辑  收藏  举报  来源