{"id":9653,"date":"2021-07-12T22:03:26","date_gmt":"2021-07-12T19:03:26","guid":{"rendered":"https:\/\/kifarunix.com\/?p=9653"},"modified":"2024-03-18T19:38:59","modified_gmt":"2024-03-18T16:38:59","slug":"install-and-setup-dvwa-on-rocky-linux-8","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/install-and-setup-dvwa-on-rocky-linux-8\/","title":{"rendered":"Install and Setup DVWA on Rocky Linux 8"},"content":{"rendered":"\n

If you want to play around with Damn Vulnerable Web Application<\/a>, then follow through this guide to learn how to install and setup DVWA on Rocky Linux 8 as a legal environment to run your web application security tests.<\/p>\n\n\n\n

Installing DVWA on Rocky Linux 8<\/h2>\n\n\n\n

Install LAMP Stack on Rocky Linux 8<\/h3>\n\n\n\n

One of the major requirements for setting up DVWA lab is to have LAMP Stack up and running. Follow the guides below to learn how to install LAMP stack on Rocky Linux 8.<\/p>\n\n\n\n

Note that we use PHP 7.4.<\/p>\n\n\n\n

Install LAMP Stack with MariaDB 10 on Rocky Linux 8<\/a><\/p>\n\n\n\n

Install additional PHP modules and other packages;<\/p>\n\n\n\n

dnf install php-gd git vim<\/code><\/pre>\n\n\n\n
Create DVWA Database and Database User<\/h3>\n\n\n\n
Once the LAMP stack installation is done, proceed to create MariaDB DVWA database and database user.<\/p>\n\n\n\n
mysql -u root -p<\/code><\/pre>\n\n\n\n
Create DVWA database. Replace the database name accordingly.<\/p>\n\n\n\n
create database dvwa;<\/code><\/pre>\n\n\n\n
Create DVWA database user and grant all privileges. Replace the database user accordingly.<\/p>\n\n\n\n
grant all on dvwa.* to dvwauser<\/strong>@localhost identified by 'Str0nGp@ssword<\/strong>';<\/code><\/pre>\n\n\n\n
Reload the privileges table and exit the database.<\/p>\n\n\n\n
flush privileges;<\/code><\/pre>\n\n\n\n
quit<\/code><\/pre>\n\n\n\n
Install DVWA on Rocky Linux 8<\/h3>\n\n\n\n
Clone the latest version of the DVWA to Apache default web root directory, \/var\/www\/html<\/code><\/strong>.<\/p>\n\n\n\n
git clone https:\/\/github.com\/digininja\/DVWA.git \/var\/www\/html\/<\/code><\/pre>\n\n\n\n
Check the contents of \/var\/www\/html\/<\/code>.<\/p>\n\n\n\n
ls -1 \/var\/www\/html\/<\/code><\/pre>\n\n\n\n
about.php\nCHANGELOG.md\nconfig\nCOPYING.txt\ndocs\ndvwa\nexternal\nfavicon.ico\nhackable\nids_log.php\nindex.php\ninstructions.php\nlogin.php\nlogout.php\nphpinfo.php\nphp.ini\nREADME.md\nREADME.zh.md\nrobots.txt\nsecurity.php\nsetup.php\ntests\nvulnerabilities\n<\/code><\/pre>\n\n\n\n
Configure DVWA on Rocky Linux 8<\/h3>\n\n\n\n
Setup DVWA Database Connection<\/h4>\n\n\n\n
Begin by renaming the sample configuration file \/var\/www\/html\/config\/config.inc.php.dist<\/code><\/strong> to \/var\/www\/html\/config\/config.inc.php<\/code><\/strong><\/p>\n\n\n\n
cp \/var\/www\/html\/config\/config.inc.php{.dist,}<\/code><\/pre>\n\n\n\n
Next, edit the configuration file, \/var\/www\/html\/config\/config.inc.php<\/code><\/strong> and set the database connection details.<\/p>\n\n\n\n
vim \/var\/www\/html\/config\/config.inc.php<\/code><\/pre>\n\n\n\n
Replace the database and database user and the password accordingly.<\/p>\n\n\n\n…\n
# Database variables\n...\n$_DVWA = array();\n$_DVWA[ 'db_server' ]   = '127.0.0.1';\n$_DVWA[ 'db_database' ] = 'dvwa';\n$_DVWA[ 'db_user' ]     = 'dvwauser';\n$_DVWA[ 'db_password' ] = 'Str0nGp@ssword';\n<\/srong><\/code><\/pre>\n…\n\n\n\n
Install reCAPTCHA keys<\/h4>\n\n\n\n
Generate recapture values from Google service<\/a>.<\/p>\n\n\n\n
Once generated, simply copy and paste the site key<\/strong> and site secret key<\/strong> to $_DVWA[ 'recaptcha_public_key' ]<\/code><\/strong> and $_DVWA[ 'recaptcha_private_key' ]<\/strong><\/code> respectively.<\/p>\n\n\n\n…\n
# ReCAPTCHA settings\n#   Used for the 'Insecure CAPTCHA' module\n#   You'll need to generate your own keys at: https:\/\/www.google.com\/recaptcha\/admin\n$_DVWA[ 'recaptcha_public_key' ]  = '6Lc4BsMUAAAAAKs72dKl4ZTVsA8giXiN7yqQcoVz';\n$_DVWA[ 'recaptcha_private_key' ] = '6Lc4BsMUAAAAAI9v0sd_xvlh_PMXTcgtqRYJ6VEd';<\/strong>\n<\/code><\/pre>\n…\n\n\n\n
Save and exit the configuration file.<\/p>\n\n\n\n
Restart MariaDB<\/p>\n\n\n\n
systemctl restart mariadb<\/code><\/pre>\n\n\n\n
Configure PHP<\/h3>\n\n\n\n
The version PHP installed in our case here is 7.4.<\/p>\n\n\n\n
php -v<\/code><\/pre>\n\n\n\n
PHP 7.4.6 (cli) (built: May 12 2020 08:09:15) ( NTS )\nCopyright (c) The PHP Group\nZend Engine v3.4.0, Copyright (c) Zend Technologies\n    with Zend OPcache v7.4.6, Copyright (c), by Zend Technologies<\/code><\/pre>\n\n\n\n
Proceed to edit \/etc\/php.ini<\/strong><\/code><\/strong> and make the following changes.<\/p>\n\n\n\n
vim \/etc\/php.ini<\/code><\/pre>\n\n\n\n