• KALI搭建DVWA


    首先声明一下我不太推荐kali来搭建DVWA,因为kali默认安装的mysql的数据库是mariaDB,DVWA使用那个mariaDB数据库没有root权限

    步骤:

    1. 首先去github上下载DVWA的安装包,网址为:https://github.com/ethicalhack3r/DVWA

    2. 将下载好的压缩包解压并改名为dvwa,然后将其复制到 /var/www/html 文件夹中

    3. 打开终端,执行以下命令:
    将apache2停止:service apache2 stop
    给dvwa文件夹相应的权限:chmod -R 755 /var/www/html/dvwa
    启动mysql服务: service mysql start
    打开mysql: mysql -u root -p
    创建数据库:create database dvwa;
    退出mysql:exit
    启动apache2服务:service apache2 start
    打开浏览器,在地址栏中输入 127.0.0.1/dvwa (或者 localhost/dvwa) ,浏览器会自动跳转到127.0.0.1/dvwa/setup.php 页面,看来要大功告成了,点击页面下方
    Create/Reset Database按钮,竟然不能创建数据库,提示 Could not connect to the MySQL service. Please check the config file. 原来是相应配置文件还没有修改。
    找到/var/www/html/dvwa/config文件夹,打开其中的config.inc.php文件,将$_DVWA[ 'db_password' ] = 'p@ssw0rd'; 这一行改为$_DVWA[ 'db_password' ] = '';

    再次进入上述网址点击Create/Reset Database按钮,提示数据库创建成功。接下来就可以进入DVWA演练平台进行练习了。默认用户名为admin,密码为password。


    !!!!!!出现mysql数据库连接失败问题!!!!!!!!!
    找到php配置文件修改 PHP function allow_url_include:修改为on
    密码设置为空
    主要思路:kali的mysql默认安装的mariaDB,DVWA使用那个mariaDB数据库没有root权限,我在这的解决方法是新建一个数据库并且提权

    下面是上次解决问题是的全程终端界面

    ##########################################################################################
    root@kali:~# whichis php
    bash: whichis: 未找到命令
    root@kali:~# whereis php
    php: /usr/bin/php /usr/bin/php7.2 /usr/lib/php /etc/php /usr/share/php7.2-mysql /usr/share/php7.2-readline /usr/share/php7.2-gd /usr/share/php7.2-json /usr/share/php7.2-common /usr/share/php7.2-opcache /opt/lampp/bin/php /usr/share/man/man1/php.1.gz
    root@kali:~# cd /usr/bin/php
    bash: cd: /usr/bin/php: 不是目录
    root@kali:~# cd /etc/php/
    root@kali:/etc/php# ls
    7.2
    root@kali:/etc/php# cd 7.2/
    root@kali:/etc/php/7.2# ls
    apache2 cli mods-available
    root@kali:/etc/php/7.2# cd apache2/
    root@kali:/etc/php/7.2/apache2# ls
    conf.d php.ini
    root@kali:/etc/php/7.2/apache2# vi php.ini
    root@kali:/etc/php/7.2/apache2# grepit
    bash: grepit: 未找到命令
    root@kali:/etc/php/7.2/apache2# cd /var/www/html/
    root@kali:/var/www/html# ls
    dvwa index.html index.nginx-debian.html
    root@kali:/var/www/html# cd dvwa/
    root@kali:/var/www/html/dvwa# ls
    about.php dvwa index.php php.ini vulnerabilities
    CHANGELOG.md external instructions.php README.md
    config favicon.ico login.php robots.txt
    COPYING.txt hackable logout.php security.php
    docs ids_log.php phpinfo.php setup.php
    root@kali:/var/www/html/dvwa# cd config/
    root@kali:/var/www/html/dvwa/config# ls
    config.inc.php
    root@kali:/var/www/html/dvwa/config# vim config.inc.php
    root@kali:/var/www/html/dvwa/config# mysql -u root -p abcd
    Enter password:
    ERROR 1049 (42000): Unknown database 'abcd'
    root@kali:/var/www/html/dvwa/config# mysql -u root -p
    Enter password:
    Welcome to the MariaDB monitor. Commands end with ; or g.
    Your MariaDB connection id is 43
    Server version: 10.1.29-MariaDB-6 Debian buildd-unstable

    Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

    MariaDB [(none)]> quit
    Bye
    root@kali:/var/www/html/dvwa/config# vim config.inc.php
    root@kali:/var/www/html/dvwa/config# service apache restart
    Failed to restart apache.service: Unit apache.service not found.
    root@kali:/var/www/html/dvwa/config# service apache2 restart
    root@kali:/var/www/html/dvwa/config# service mysql restart
    root@kali:/var/www/html/dvwa/config# mysql -u root -p
    Enter password:
    Welcome to the MariaDB monitor. Commands end with ; or g.
    Your MariaDB connection id is 35
    Server version: 10.1.29-MariaDB-6 Debian buildd-unstable

    Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

    MariaDB [(none)]> use mysql;
    Reading table information for completion of table and column names
    You can turn off this feature to get a quicker startup with -A

    Database changed
    MariaDB [mysql]> update user set password=PASSWORD('') where User='root';
    Query OK, 1 row affected (0.01 sec)
    Rows matched: 1 Changed: 1 Warnings: 0

    MariaDB [mysql]> flush privileges;
    Query OK, 0 rows affected (0.01 sec)

    MariaDB [mysql]> create database dvwa;
    Query OK, 1 row affected (0.00 sec)

    MariaDB [mysql]> quit
    Bye
    root@kali:/var/www/html/dvwa/config# service mysql restart
    root@kali:/var/www/html/dvwa/config# mysql -u root -p
    Enter password:
    Welcome to the MariaDB monitor. Commands end with ; or g.
    Your MariaDB connection id is 34
    Server version: 10.1.29-MariaDB-6 Debian buildd-unstable

    Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

    MariaDB [(none)]> create user dvwa;
    Query OK, 0 rows affected (0.00 sec)

    MariaDB [(none)]> flush privileges;
    Query OK, 0 rows affected (0.00 sec)

    MariaDB [(none)]> quit
    Bye
    root@kali:/var/www/html/dvwa/config# cd /var/www/html/dvwa/config/
    root@kali:/var/www/html/dvwa/config# vi config.inc.php
    root@kali:/var/www/html/dvwa/config# service mysql restart
    root@kali:/var/www/html/dvwa/config# service apache2 restart
    root@kali:/var/www/html/dvwa/config# mysql -u root -p
    Enter password:
    Welcome to the MariaDB monitor. Commands end with ; or g.
    Your MariaDB connection id is 34
    Server version: 10.1.29-MariaDB-6 Debian buildd-unstable

    Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

    MariaDB [(none)]> quit
    Bye
    root@kali:/var/www/html/dvwa/config# mysql -u dvwa -p
    Enter password:
    Welcome to the MariaDB monitor. Commands end with ; or g.
    Your MariaDB connection id is 35
    Server version: 10.1.29-MariaDB-6 Debian buildd-unstable

    Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

    MariaDB [(none)]> showdatabases;
    ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'showdatabases' at line 1
    MariaDB [(none)]> show databases;
    +--------------------+
    | Database |
    +--------------------+
    | information_schema |
    +--------------------+
    1 row in set (0.00 sec)

    MariaDB [(none)]>
    MariaDB [(none)]> quir
    -> Ctrl-C -- exit!
    Aborted
    root@kali:/var/www/html/dvwa/config# mysql -u root -p
    Enter password:
    Welcome to the MariaDB monitor. Commands end with ; or g.
    Your MariaDB connection id is 36
    Server version: 10.1.29-MariaDB-6 Debian buildd-unstable

    Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

    MariaDB [(none)]> drop database dvwa;
    Query OK, 0 rows affected (0.00 sec)

    MariaDB [(none)]> show databases;
    +--------------------+
    | Database |
    +--------------------+
    | information_schema |
    | mysql |
    | performance_schema |
    +--------------------+
    3 rows in set (0.00 sec)

    MariaDB [(none)]> Ctrl-C -- exit!
    Aborted
    root@kali:/var/www/html/dvwa/config# service mysql restart
    root@kali:/var/www/html/dvwa/config# service apache2 restart
    root@kali:/var/www/html/dvwa/config# GRANT ALL PRIVILEGES ON dvwa.* TO dvwa IDENTIFIED BY"";
    bash: GRANT: 未找到命令
    root@kali:/var/www/html/dvwa/config# mysql -u root -p
    Enter password:
    Welcome to the MariaDB monitor. Commands end with ; or g.
    Your MariaDB connection id is 36
    Server version: 10.1.29-MariaDB-6 Debian buildd-unstable

    Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

    MariaDB [(none)]> GRANT ALL PRIVILEGES ON dvwa.* TO dvwa IDENTIFIED BY"";
    Query OK, 0 rows affected (0.00 sec)

    MariaDB [(none)]> FLUSH PRIVILEGES;
    Query OK, 0 rows affected (0.00 sec)

    MariaDB [(none)]> quit
    Bye
    root@kali:/var/www/html/dvwa/config# service mysql restart
    root@kali:/var/www/html/dvwa/config# service apache2 restart
    root@kali:/var/www/html/dvwa/config#

  • 相关阅读:
    优酷土豆的Redis服务平台化之路
    [C#]使用Gembox.SpreadSheet向Excel写入数据及图表
    [C#]使用Join与GroupJoin将两个集合进行关联与分组
    [C#]使用TcpListener及TcpClient开发一个简单的Chat工具
    超棒黑客必备清单
    [C#]使用dnSpy对目标程序(EXE或DLL)进行反编译修改并编译运行
    [C#源代码]使用SCPI指令对通信端口(RS232/USB/GPIB/LAN)进行仪器编程
    [C#]使用Costura.Fody将源DLL合并到目标EXE
    [C#]使用ILMerge将源DLL合并到目标EXE(.NET4.6.2)
    详解C#7.0新特性
  • 原文地址:https://www.cnblogs.com/threesoil/p/9855642.html
Copyright © 2020-2023  润新知