Damn Vulnerable Webapp

Dawn Vulnerable Webapp Installation

docker pull vulnerables/web-dvwa

sudo docker create --name dvwa -p 80:80 -it vulnerables/web-dvwa

sudo docker ps -a

sudo docker start dvwa

started docker container DVWA

Check ip address and port of container

docker exec -it dvwa /bin/bash

hostnmae -i

ss -ntlpa

listening on port 80 (http) and 3306 (MySQL)

After login with admin / admin we see that some configuratrion are missing

Fix allow_url_include

apt update

apt install nano

cd /etc/php/7.0/apache2

nano php.ini

service apache2 restart

Fix recaptcha key

nano /var/www/html/config/config.inc.php

Search for recaptcha and place private and public key here:

6LedPRUaAAAAAHNz7OibZK4zKY-PVxGqGt_kdrjf

6LedPRUaAAAAABfGeIjtnAf45ZXgYPwH_EyU1c-G

Now we can create the database and we are finish:

Default credentials are admin/password