Home / Hacking / Setting up Damn Vulnerable Web Application (DVWA) – Pentesting Lab

Setting up Damn Vulnerable Web Application (DVWA) – Pentesting Lab

Fixing missing modules

If a module is shown as missing , then we need to install it. In my case, everything is installed. Most likely, since you are also using XAMPP, everything would be installed. However, if that is not the case, then you have to figure out how to install the modules. If you aren’t using XAMPP and did everything manually, then apt-get would be the way to go. Otherwise look at XAMPP’s (or whichever bundle you are using) documentation.

Fixing File Ownership

We need to give www-data user write access to two directories. We’ll can use chgrp and chmod commands in unison to give only the privileges that are needed, or we could go the lazy way and use chmod 777 (full read, write and execute privileges to everyone). I’m feeling lazy and I’m just gonna go the chmod way. Run the command below-

chmod 777 <directory> Replace directory with the correct directory.

Configure your web application pentesting lab - 30

This is the last thing that needs to be done

Configure your web application pentesting lab - 31

Everything is green finally! Also, notice the credentials, we’ll need it later.
“admin // password”

Configure your web application pentesting lab - 32

Database created. Populated with tables.

Configure your web application pentesting lab - 33

Finally the damn vulnerable application is running.

The username = “admin” and password is “password” (“admin // password” that we saw three pics ago).

Configure your web application pentesting lab - 34

Everything is running perfectly. This is the page you should see after successful login.

Check Also

A .vimrc config file everyone should use

Ever had that issue when you login to a Linux terminal, editing a file and …

Remove cloud-init from Ubuntu - blackMORE Ops - 2

Remove cloud-init from Ubuntu

Cloud images are operating system templates and every instance starts out as an identical clone …

Use WordPress.com, Twitter, Facebook, or Google+ accounts to comment (anonymous comments allowed)

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Privacy Policy on Cookies Usage

Some services used in this site uses cookies to tailor user experience or to show ads.