1,sudo apt-get -y install apache2 mariadb-server php php-mysql php-gd libapache2-mod-php
2,https://github.com/digininja/DVWA
3,sudo service mariadb start;sudo service apache2 start
4,mysql_secure_installation
5,wsl kali之/mnt/c or d,解压、改名、移动为/var/www/html/dvwa。cd /var/www/html,chmod -R xxx dvwa/(这一步不可少)
6,mysql -u root -p
7,仿:(如果是phpstudy则不可用,有坑。因为限制了远程数据库root的权限,必须在本机或管理面板创建数据库用户dvwa)
CREATE DATABASE dvwa;CREATE USER 'dvwa'@'%' IDENTIFIED BY 'XXXXXXXXX';
GRANT ALL ON dvwa.* TO 'dvwa'@'%';
8,编辑 your DVWA configuration file (located at /config/config.inc.php)
9,编辑。allow_url ----均为On,即allow_url_fopen = On 和 allow_url_include = On
10,密钥
$_DVWA[ 'recaptcha_public_key' ] = '6LdK7xITAAzzAAJQTfL7fu6I-0aPl8KHHieAT_yJg';
$_DVWA[ 'recaptcha_private_key' ] = '6LdK7xITAzzAAL_uw9YXVUOPoIHPZLfw2K1n5NVQ';
sudo service apache2 restart
初次运行时先reset数据库:http://127.0.0.1/dvwa/setup.php
然后登陆:http://127.0.0.1/dvwa/login.php with admin/xxxxxxxx
sudo apt-cache madison php-gd 查版本
11,如果是phpstudy则
sudo find /usr/local/phpstudy/ -name php.ini
sudo find /www -name php.ini
然后修改两个Allow_url为On