Installing DVWA on Backtrack



If you are visiting this site means you have an interest in hacking and security related things. Today in this post you will learn how to install Damn Vulnerable Web Application (DVWA) and build you own mini pen testing lab.

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. you can practice various attacks like SQL injection, XSS, CSRF, File upload etc using it. In this post i will show you how to setup DVWA in Backtrack the easy way and start learning various methods of web application attack without hacking into someone else's website.
Please note that not recommended to install it on your hosting.

Steps to install DVWA are -

1. Download DVWA

2. Now Extract into local web server root (var/www)
      unzip DVWA-1.0.7.zip -d /var/www/ 




3. Set permission of DVWA into 755
     chmod -R 755 /var/www/dvwa



4. Now open the DVWA folder and open the config folder in it. Now open the config.inc.php file via gedit text editor and enter your login password as shown in the picture and save it.



5. Run MySQL, Start menu->Backtrack->Service->MySQL->Start Mysql

6. Run Apache, Star menu->Backtrack->Service->HTTPD->apache start

7. Now run your dvwa from your favorite browser  http://127.0.0.1/dvwa

8. Now login to DVWA. The default login id is admin and password is password.

9. Now click on Setup --> create / reset database



Now your own mini pen testing lab is ready where you can practice various attacks.