Korban: Install DVWA 1.9

From OnnoWiki
Revision as of 10:41, 18 January 2020 by Onnowpurbo (talk | contribs) (Konfigurasi)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Download

cd /usr/local/src
wget https://github.com/RandomStorm/DVWA/archive/v1.9.zip


Persiapan

Edit 

vi /etc/apt/sources.list



deb http://archive.ubuntu.com/ubuntu bionic main universe multiverse
deb http://archive.ubuntu.com/ubuntu bionic-security main universe multiverse
deb http://archive.ubuntu.com/ubuntu bionic-updates main universe multiverse

Jalankan 

sudo add-apt-repository ppa:ondrej/php

sudo apt update
sudo apt -y install php7.0 php5.6 php5.6-mysql \
php5.6-mbstring php-mbstring php7.0-mbstring \
php-xdebug libapache2-mod-php5.6 libapache2-mod-php7.0 \
apache2 php5.6 php5.6-xmlrpc php5.6-mysql php5.6-gd \
php5.6-cli php5.6-curl php5.6-curl php-pear unzip

sudo a2dismod php7.0 ; sudo a2enmod php5.6 ; sudo service apache2 restart

Install Percona

cd /usr/local/src
wget https://repo.percona.com/apt/percona-release_latest.$(lsb_release -sc)_all.deb
dpkg -i percona-release_latest.$(lsb_release -sc)_all.deb
apt update
apt -y install percona-server-server-5.7

Set password root percona, kalau masih dalam proses belajar bisa menggunakan 123456

unzip DVWA

mv v1.9.zip /var/www/html
cd /var/www/html
unzip v1.9.zip

cd /var/www/html/DVWA-1.9/external/phpids/0.6/lib/IDS
chmod -Rf 777 tmp
chown -Rf nobody.nogroup tmp
chmod -Rf 777 /var/www/html/DVWA-1.9/hackable/uploads/

Konfigurasi

Edit 

vi /etc/php/5.6/cli/php.ini /etc/php/5.6/apache2/php.ini /etc/php/7.0/cli/php.ini /etc/php/7.0/apache2/php.ini

atau satu per satu 

vi /etc/php/5.6/cli/php.ini
vi /etc/php/5.6/apache2/php.ini
vi /etc/php/7.0/cli/php.ini
vi /etc/php/7.0/apache2/php.ini

Ubah, supaya 

allow_url_include=On


Edit 

vi /var/www/html/DVWA-1.9/config/config.inc.php

Ubah, supaya 

$_DVWA = array();
$_DVWA[ 'db_server' ] = 'localhost';
$_DVWA[ 'db_database' ] = 'dvwa';
$_DVWA[ 'db_user' ] = 'root';
$_DVWA[ 'db_password' ] = '123456';

$_DVWA[ 'recaptcha_public_key' ]  = '6LdK7xITAAzzAAJQTfL7fu6I-0aPl8KHHieAT_yJg';
$_DVWA[ 'recaptcha_private_key' ] = '6LdK7xITAzzAAL_uw9YXVUOPoIHPZLfw2K1n5NVQ';

$_DVWA[ 'default_security_level' ] = 'low';

Buat database 

mysql -u root -p123456

CREATE USER 'dvwa'@'%' IDENTIFIED BY '123456';
create database dvwa;
CREATE USER 'dvwa'@'localhost' IDENTIFIED WITH mysql_native_password BY '123456';
GRANT ALL PRIVILEGES ON dvwa.* TO 'dvwa'@'localhost';
grant ALL on root.* to dvwa@localhost;
exit

Restart

/etc/init.d/apache2 restart
Retrieved from "https://lms.onnocenter.or.id/wiki/index.php?title=Korban:_Install_DVWA_1.9&oldid=58685"