Building an ethical hacking lab on your laptop with VirtualBox – Part 11 – Damn Vulnerable Web Application (DVWA)

Installing DVWA is much like installing Metasploitable, and by that I mean simple!

Download DVWA from the download link on their website.

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is, as the name suggests, damn vulnerable.

Its main goal is to aid security professionals and allow them to test their skills in a legal environment. Once it is set up in our internal environment, that is what we will achieve here, so let’s get to it!

In VirtualBox, click the ‘New’ button to create a new virtual machine, enter the name, type and version as seen in the image below, and click ‘Next’ to continue.

1 - DVWA VirtualBox Name Type Version

Allocate 1GB of memory, as that is enough; you can always increase this later.

2 - DVWA RAM allocation

Leave the hard drive creation options at their defaults and click ‘Create’ to continue.

3 - DVWA create hard drive

Leave the defaults once again and click ‘Next’ to continue, as VDI is fine for what we are doing here.

4 - DVWA VDI selection

The defaults are fine again: leave the dynamically allocated disk selected and click ‘Next’ to continue.

5 - DVWA Dynamically allocated selection

Leave the defaults again; 8GB is fine, so click ‘Create’ to continue.

6 - DVWA Hard disk size

Once the VM is created, open its settings, remove the floppy from the boot order, and move the CD/DVD and HDD up.

7 - DVWA remove floppy move disks

The next step is to add your ISO to the CD/DVD drive so that you can boot from it.

8 - DVWA add ISO to disc drive

Next, change the NIC to internal so that the VM does not broadcast on your local network.

9 - DVWA change NIC to internal

Finally, boot it up and press Enter to continue at the screen below.

10 - DVWA first boot press Enter

At the next screen, choose the live boot option, or just wait and it will boot for you with no interaction.

11 - DVWA select live boot

Next you will see the following screen, which means you have successfully booted the live CD.

12 - DVWA Booted
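
The NIC step above is what keeps this deliberately vulnerable VM off your real network, so it is worth checking from the host's command line. The script below is an added example, not part of the original walkthrough: it parses the output of `VBoxManage showvminfo <vm> --machinereadable` and reports any adapter that is not on an internal network. The VM name `DVWA`, the function name `check_isolation` and the sample data are assumptions made for the example.

```shell
#!/usr/bin/env bash
# Added example: confirm a VirtualBox VM is attached only to internal networks.
# Input format: `VBoxManage showvminfo <vm> --machinereadable` (key="value" lines).

# Reads VM info on stdin and prints one line per NIC that leaves the lab.
# Returns 0 = every NIC is "intnet" or "none", 1 = exposed NIC found,
# 2 = no NIC lines at all (wrong VM name or empty input).
check_isolation() {
    awk -F= '
        /^nic[0-9]+=/ {
            mode = $2; gsub(/["\r]/, "", mode); seen++
            if (mode != "intnet" && mode != "none") {
                print $1 " is attached as " mode; bad++
            }
        }
        END { if (!seen) exit 2; if (bad) exit 1 }
    '
}

# Constructed sample data (not captured from a real VM), for offline runs.
SAMPLE_ISOLATED='name="DVWA"
memory=1024
nic1="intnet"
intnet1="intnet"
nic2="none"'

SAMPLE_EXPOSED='name="DVWA"
memory=1024
nic1="bridged"
bridgeadapter1="eth0"
nic2="none"'

# Live use: ./check_isolation.sh DVWA   (VM name is an assumption)
if [ $# -gt 0 ] && command -v VBoxManage >/dev/null 2>&1; then
    if VBoxManage showvminfo "$1" --machinereadable | check_isolation; then
        echo "$1: internal network only"
    else
        echo "$1: not confirmed isolated, fix the adapter before booting" >&2
    fi
fi
```

Run it after changing the adapter and before the first boot; a `bridged`, `nat` or `hostonly` adapter is reported by name.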

In the next installment we will go through the installation and configuration of Kali Linux, which is a penetration testing distribution created for security professionals and researchers. You will then have something to poke the vulnerable systems installed so far with and see what you can do in a safe environment.

 
