DVWA初始化

centos7部署DVWA

创建数据库和dvwa用户，设置远程访问

1
2
3

create database dvwa;
grant all on dvwa.* to dvwa@'%' identified by 'dvwa12345';
flush privileges;

安装apache+php，启动httpd

1
2
3

yum -y install apache2 php php-mysqli php-gd libapache2-mod-php
systemctl start httpd
systemctl enable httpd

验证php

1	echo -e "<?php\nphpinfo();\n?>" > /var/www/html/phpinfo.php

开放防火墙

1 2	firewall-cmd --add-port=80/tcp --permanent firewall-cmd --reload

部署dvwa

cd /var/www/html/
git clone https://github.com/digininja/DVWA.git
##太慢就直接下载zip上传上去
unzip DVWA-master.zip
mv DVWA-master dvwa
cd /var/www/html/dvwa
chmod -R 755 setup.php

初始化dvwa

访问http://ip/dvwa/

1	DVWA System error - config file not found. Copy config/config.inc.php.dist to config/config.inc.php and configure to your environment.

进入/var/www/html/dvwa/config目录

1	cp config.inc.php.dist config.inc.php

vim config.inc.php

配置数据库

$_DVWA = array();
$_DVWA[ 'db_server' ]   = 'localhost';
$_DVWA[ 'db_database' ] = 'dvwa';
$_DVWA[ 'db_user' ]     = 'dvwa';
$_DVWA[ 'db_password' ] = 'dvwa12345';
$_DVWA[ 'db_port'] = '3306';

注意这里要是localhost，127.0.0.1不行

添加keys，可访问这里获取

1
2
3

#   You'll need to generate your own keys at: https://www.google.com/recaptcha/admin
$_DVWA[ 'recaptcha_public_key' ]  = '6LePqhAUAAAAAH6Bn2okO9-8G-zNw46PNhotV4Q6';
$_DVWA[ 'recaptcha_private_key' ] = '6LePqhAUAAAAAMVqhBbFr1NVA9H13FKyfAgBeZYx';

红字报错解决

vim /etc/php.ini
## 更改成如下配置
allow_url_fopen = On
allow_url_include = On

1
2
3

[User: root] Writable folder /var/www/html/dvwa/hackable/uploads/: **No**
[User: root] Writable file /var/www/html/dvwa/external/phpids/0.6/lib/IDS/tmp/phpids_log.txt: **No**
[User: root] Writable folder /var/www/html/dvwa/config: **No**

解决方法：