31 просмотров
Рейтинг статьи
1 звезда2 звезды3 звезды4 звезды5 звезд
Загрузка...

Инструменты Kali Linux

Инструменты Kali Linux

Damn Vulnerable Web Application (DVWA) — это веб-приложение на PHP/MySQL, которое чертовски уязвимо. Его главная цель — помочь профессионалам по безопасности протестировать их навыки и инструменты в легальном окружении, помочь веб-разработчикам лучше понять процесс безопасности веб-приложений и помочь и студентам и учителям в изучении безопасности веб-приложений в контролируем окружении аудитории.

Цель DVWA попрактиковаться в некоторых самых распространённых веб-уязвимостях, с различными уровнями сложности, с простым прямолинейном интерфейсом. Обратите внимание, что имеются как задокументированные, так и незадокументированные уязвимости в этом программном обеспечении. Это сделано специально. Вам предлагается попробовать и обнаружить так много уязвимостей, как сможете.

Damn Vulnerable Web Application чертовски уязвимо! Не загружайте его в публичную html папку вашего хостинг провайдера или на любой сервер, имеющий выход в Интернет, поскольку они будут скомпрометированы. Рекомендуется использовать виртуальную машину (такую как VirtualBox или VMware), которые установлены в сетевой режим NAT. Внутри гостевой машины вы можете загружать и установить веб-сервер и базы данных.

Некоторые из уязвимостей веб-приложений, который содержит DVWA;

  • Брут-форс: Брут-форс HTTP формы страницы входа; используется для тестирования инструментов по атаке на пароль методом грубой силы и показывает небезопасность слабых паролей.
  • Исполнение (внедрение) команд: Выполнение команд уровня операционной системы.
  • Межсайтовая подделка запроса (CSRF): Позволяет «атакующему» изменить пароль администратора приложений.
  • Внедрение (инклуд) файлов: Позволяет «атакующему» присоединить удалённые/локальные файлы в веб-приложение.
  • SQL внедрение: Позволяет «атакующему» внедрить SQL выражения в HTTP из поля ввода, DVWA включает слепое и основанное на ошибке SQL внедрение.
  • Небезопасная выгрузка файлов: Позволяет «атакующему» выгрузить вредоносные файлы на веб-сервер.
  • Межсайтовый скриптинг (XSS): «Атакующий» может внедрить свои скрипты в веб-приложение/базу данных. DVWA включает отражённую и хранимую XSS.
  • Пасхальные яйца: раскрытие полных путей, обход аутентификации и некоторые другие.

Автор: RandomStorm & Ryan Dewhurst

Setting up DVWA for Kali Linux

Hello there, and welcome to another Security Sunday series!

Today i will be going through a guide on setting up DVWA, otherwise known as Damn Vulnerable Web Application, as our subsequent posts will be most likely about breaking this application and thereby improving our hacking/pentesting skills!

First up you will need these things:

  • A Virtual Box/VMware that can run Kali Linux, or any Linux distribution
  • A working PC of course

With all that ready, let’s begin setting up DVWA.

Number 1: Setting up a Web Server

DVWA will be running on your own local network (localhost or 127.0.0.1), thus it is essential you have a web server running in order to run DVWA. Here are the steps!

In your Kali terminal, type:

Let the terminal run its things, and when it is done, go to the browser in Kali and either type localhost or 127.0.0.1 on the URL and press enter. You should see this:

If you get this, you are on the right track, and ready to move to step 2.

Number 2: Download DVWA

Of course DVWA does not come from thin air, you will have to download it into your VM. Here’s one way to do it:

First, go to your apache2 folder by running this command on the terminal:

Then clone, DVWA from github, through this command in the terminal:

If you happen to run into an error saying git is not available, it means you have yet install Git! So you can run this command on your terminal first before cloning DVWA into var/www/html!

The second way is to download DVWA as a zip folder, and unzip it under the same directory (var/www/html)

Before we move onto the next step of configuring DVWA, we would need to set correct permissions to DVWA, and we continue by running this command in the terminal:

Do note that the above line assumes you are still in the var/www/html directory. If you are not, ie you reopened a new terminal, then run this command instead:

Also note that the directory could be case sensitive!

With that DVWA is installed! Now we can move onto setting up our database

Number 3: Setting up Database (MYSQL)

First you need to install mysql on your VM through this command on terminal:

Note that they might ask you to create your password for root user in MYSQL!

If, in the event that the above command does not work, there is a possibility that you already have MySQL or similar database in your VM, just proceed to the next two commands to find out!

I tried the above two commands last night on my Kali VM because i failed to install mysql-server, and it gave me a MariaDB instead of MySQL. But fret not, you simply key in this command in MariaDB to switch your database to MySQL.

Do note that you have to do this or else DVWA just doesn’t work!

Note that the password at the start will be blank, so just click Enter will do!
So once you are into MariaDB, simply put the command ‘use mysql’ to switch database!

Читать еще:  Pure j прошивка. Получение root прав на Highscreen Pure J

Anyway so once you are done with the above, it’s not over yet, for you now need to create the database with these lines:

These are the fields you can change to whichever name you want:

  • database name, ie dvwa on lines 1 and 3
  • user on lines 2 and 3, as well as password on line 2

Last line exits the database back to your terminal. And we can move to the Number 4.

Number 4: Install php

Now that we have the database setup and DVWA, we would need to install php, using this command:

If this fails, just check your php version through your terminal by navigating into this directory through this command:

To see the directories in this folder. For my case, it is a php 7.3, and i just left it as it is. I strongly believe that there will be repercussions to this, but if you would like to just proceed, it is fine! Or else head to the link below to downgrade you php to at least a 5.6! https://askubuntu.com/questions/761713/how-can-i-downgrade-from-php-7-to-php-5-6-on-ubuntu-16-04

Being able to navigate to localhost/info.php means you are ready to proceed to the next step!

Number 5: Configure DVWA

Last but not least, you would need to configure DVWA for it to work properly.

First head to this directory through this command on the terminal:

Because it is vim, essentially what you want to do is to edit the contents in the config.inc.php.dist file.

Here’s what you gonna configure: db_user, db_password.
OPTIONAL: recaptcha_public_key, recaptcha_private key. If you want to generate your own keys for the captcha, head to Number 6!

Once you are done editing, type the following command (After pressing ESC) to save the file: (Press Enter after the command)

Next copy config.inc.php.dist into config.inc.php file using this command:

Next, head to this directory using this command

Or, if you are using php7.3 like me,

And change the following:

Screenshot courtesy of https://medium.com/@TheShredder/create-your-ethical-hacking-environment-install-dvwa-into-your-kali-linux-4783282dea6a

Change allow_url_fopen and allow_url_include to On. DO NOTE THIS HAS TO BE DONE FOR DVWA TO WORK

With that, perfect you successfully set up DVWA! Start DVWA through these commands:

Now your browser should show the setup.php. Simply Click on Create/Regenerate database and you will be navigated to the login page. Now you can start hacking.

Note the username and password by default in the login page is

OPTIONAL NUMBER 6: SETUP RECAPTCHA

To set up recaptcha, simply run these commands:

php5-gd is the module for enabling recaptcha. Do note that the directory will be in var/www/html/dvwa

For me i did not do this since i am not using php5 anyway.

And that’s all for today! Happy hacking!

  • Игрушка / брелок Android

Anything in here will be replaced on browsers that support the canvas element

Как установить bWAPP в Windows

Наконец установим и настроем bWAPP в Windows

В папке c:Serverdatahtdocspentest создайте каталог bWAPP. Распакуйте содержимое архива bWAPP_latest.zip в директорию c:ServerdatahtdocspentestbWAPP.

Откройте файл c:ServerdatahtdocspentestbWAPPbWAPPadminsettings.php и найдите в нём строку:

В этой строке поменяйте bug на пароль вашей MySQL (по умолчанию пустой). Сохраните и закройте этот файл.

Найдите там надпись Click here to install bWAPP и на ней ссылку http://localhost/pentest/bWAPP/bWAPP/install.php?install=yes — перейдите по ней.

Для входа Имя пользователя: bee, а пароль: bug

Примечание: к сожалению, из-за того, что bWAPP уже давно не обновлялась, некоторые из её страниц не совместимы с новыми версиями PHP. Например, страницы для отработки SQL-инъекции будут выдавать ошибку из-за использования функции mysql_connect(). В принципе, особых проблем в исправлении нет — достаточно просто перейти на mysqli_connect(). Для этого нужно отредактировать файл c:ServerdatahtdocspentestbWAPPbWAPPconnect.php (можно просто скопировать в него содержимое c:ServerdatahtdocspentestbWAPPbWAPPconnect_i.php, а также все файлы вида c:ServerdatahtdocspentestbWAPPbWAPPsqli_*.php.

При желании, вы можете этим заняться самостоятельно — бонусное упражнение, так сказать. Либо просто используйте другие уязвимые среды, рассмотренные выше, для практики в эксплуатации SQL-инъекций.

Step 4. Install PHP5

For our last component in DVWA Installation, we will set up and install PHP. Installing this on your VM is quite easy.

  • To install PHP, simply type the following command:

Agree to the installation and PHP 5 will be installed on your Server.

  • Restart Apache Server

Now, let’s take a moment to test the PHP software that you just installed. Move into your public web directory:

Once there, use the text editor to create a file named info.php by typing the following command:

This command will use the command line editor vim to open a new blank file with this name. Inside this file, type the following:

Inside this file, copy paste the following:

Save your changes by entering:

Once done, open your web browser and type your localhost IP address in the browser.

You will see the default PHP information page, similar to this:

When you are done looking at this test PHP page, you can remove this file if you want by typing the following command:

  • Install MySQL Extension for PHP.

To Install MySQL Extension for PHP Support, type the following:

Once done, you have completed the PHP installation required for DVWA.

DVWA requires a module for php which is not installed into Kali Linux or elementaryOS. So we need to add a Debian source for APT.

sudo apt update

sudo apt install php5-gd

Once done, you have completed the PHP installation for DVWA.

Setup & Install DVWA Into Your Linux Distribution

DVWA is made with PHP and MySQL for security professionals or aspiring security professionals to discover as many issues as possible and exploit some of the most commons vulnerabilities of web platforms like SQL injection, Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), and more.

Note: This guide is for beginners. If you’re unable to complete any of the steps or encounter any error message during the installation. I encourage you to use StackOverflow for an answer or leave a comment below.

Читать еще:  InterZet заблокировал доступ к YouTube за экстремистский ролик

Step 1. Setup Web server (Install Apache)

  • To install Apache, Open your Terminal and type the following:

Once done, type 127.0.0.1 in the browser and you will see the default Apache 2 web page, similar to this:

If you see this page, then congratulations — you have successfully installed Apache.

When you are done looking at this test page, you can remove it by typing the following command:

Step 2. Download DVWA

We need to download the archive of DVWA from Github.

  • To install Git, type following command:
  • Go to the apache2 folder.
  • Clone DVWA from Github, type the following command:

Once done, type 127.0.0.1/DVWA/ in the browser and you will see the DVWA page, similar to this:

  • Change permissions for DVWA

Step 3. Install MySQL

The next component for Setting up DVWA is Installing MySQL.

  • To install MySQL, type the following:

Note that the installation routine may ask you to create a new password for the root MySQL user. Once you have completed all of the required steps, your MySQL installation should be completed. Let’s double-check that our new MySQL server is running. Type this command:

Enter the root password you created for MySQL when you installed the software package. Once in, the following to get the server status, version information and more:

This is a good way to ensure that you’ve installed MySQL and are ready for further configuration.

  • Restart Apache Server
  • Create Database and User

To create a MySQL database and user, follow these steps:

At the command line, type the following:

  • Type the MySQL root password, and then press Enter.
  • To create a database, type the following command:
  • To create a database user, type the following command. Replace dvwausrwith the user you want to create, and replace dvwa@123 with the user’s password:
  • Grant permission, type the following command:
  • Once done, exit the application by typing either of the following commands:

Step 4. Install PHP5

For our last component in DVWA Installation, we will setup and install PHP. Installing this on your VM is quite easy.

  • To install PHP, simply type the following command:

Agree to the installation and PHP 5 will be installed on your Server.

  • Restart Apache Server

Now, let’s take a moment to test the PHP software that you just installed. Move into your public web directory:

Once there, use the text editor to create a file named info.php by typing the following command:

This command will use the command line editor vim to open a new blank file with this name. Inside this file, type the following:

Inside this file, copy paste the following:

Save your changes by entering:

Once done, open your web browser and type your localhost IP address in the browser.

You will see the default PHP information page, similar to this:

When you are done looking at this test PHP page, you can remove this file if you want by typing the following command:

  • Install MySQL Extension for PHP.

To Install MySQL Extension for PHP Support, type the following:

Once done, you have completed the PHP installation required for DVWA.

  • Install PHP-GD

DVWA requires a module for PHP which is not installed into Kali Linux or elementaryOS. So we need to add a Debian source for APT.

Once done, you have completed the PHP installation for DVWA.

Step5. Configure DVWA

Now we are ready to edit the source of PHP config files to make sure your web application connects to the database and has got a working captcha. You can obtain reCaptcha keys from your Google Account by clicking here.

We will use the text editor to edit the configuration typing the following command:

  • Add the database name, user, and password of the MySQL database.
  • Enter reCaptcha keys.

Here’s a screenshot on how your file needs to be after editing.

Once done, we need to edit the main config (php.ini) file for apache2, which is not correctly overridden for DVWA by default.

  • Enable Allow_url_fopen
  • Enable A llow_url_include

This is necessary to exploit the file upload vulnerability. Here’s a screenshot for php.ini after making changes.

After saving changes for php.ini, we need to follow few more steps.

  • Install Iceweasel
  • Restart Apache
  • Restart MySQL Service

Once done, you have completed the required configuration for DVWA.

  • Test DVWA Installation

You will be redirected to the web browser and the page similar to this will be in front of you.

When you are done looking at this DVWA Setup page, you can click on Create / Reset Database button. You will be redirected to the login page.

  • Use MySQL User and Password to Login

Now, login to change the strength of vulnerabilities by clicking on “DVWA Security”.

DVWA Security Options for Attacks: Start with Low level .

Low Level: Low-Level Security gives you the freedom to exploit all known vulnerabilities means there will be no security in a given framework and hence you can try all attacks if you are using it first Time.

Medium Level:
Medium security will have all entry-level validations and filtration which can stop any script kiddie to get the benefit of available vulnerabilities.

High Level: High Level is kind of Zero Day environment and if you can breach it then that means you are on the right track to becoming a VAPT Expert.

You’re done.

So, we have setup a simple vulnerable web application on localhost. You can now Explore DVWA interface.

If you encounter any errors during the installation or have questions, Let us know in the comments below!

You may also be interested in reading How to become a Web Security Researcher or learn Why questioning is Pivotal to Success in Web Security?

I’ve also got this Data Science newsletter that you might be into. I send a tiny email once or twice every quarter with some useful resource I’ve found.

Читать еще:  Кали Линукс не видит wifi модуль

Don’t worry, I hate spam as much as you. Feel free to subscribe.

По умолчанию веб-страница Apache это /var/www/index.html. Мы можем отредактировать этот файл. Соответственно, Apache покажет нам эту страницу уже в измененном виде. Также мы можем напрямую указать путь до страницы. А если этого не делать, что по умолчанию будет index.html.

Используйте любой понравившийся вам текстовый редактор, включая vi, gedit, Kate, KWrite, emacs и т.д. Я буду использовать Vim. На картинке снизу я уже отредактировал файл index.html

Обратите внимание, что на веб-странице по умолчанию содержится именно тот текст, который отображался при открытии нашего браузера для localhost , но в формате html. Все, что нам нужно сделать, это отредактировать этот файл, чтобы наш веб-сервер отображал нужную нам информацию.

php-gd module problem in kali linux #285

Copy link Quote reply

anonlegion commented Jan 16, 2019


I have already run this command ‘apt-get install php-gd’ and it says that php-gd is already in newest version.
What should i do?

anonlegion commented Jan 16, 2019

I have two folder one with php7.2 and another one is 7.3

anonlegion commented Jan 16, 2019

yes, i already restarted apache2 and mysql

digininja commented Jan 16, 2019

Visit the phpinfo page and see what it thinks about gd.

farhanhossin commented Jan 16, 2019

devo147 commented Jan 19, 2019

Have you managed to resolve this yet as I’m experiencing the same issue?

mike-bailey commented Jan 24, 2019

As digininja noted, run phpinfo(); and give us the output. Thanks.

mike-bailey commented Jan 27, 2019

Tagging, if this issue remains inactive for a week it’ll close

Phoenix1112 commented Jan 27, 2019 •

I’m having the same problem . No one can solve the problem .. because kali is using linux php7.2-mysql. There is no php7.2-gd installation command for php7.2 . just we have php7.3-gd installation command for php7.3 . This problem will be eliminated when kali linux starts to completely use php7.3 ..
kali linux is currently using both php7.2 and php7.3 . But our mysql server is using php7.2

digininja commented Jan 27, 2019

I’ve just done a fresh Kali install using this ISO «Kali Linux Light 64 Bit» from here:

I then logged in and installed these:

Cloned DVWA from this repo and GD is recognised and working fine.

Unless you want to mess with captchas then you don’t need GD anyway so don’t worry about it.

mike-bailey commented Jan 27, 2019

Closing as this is either something off about

Kali being weird about what to provide

People using 7.2 instead of 7.3 when they should probably use 7.3

Neither are project issues. Of note, I’m not locking discussion, just closing the issue.

@digininja also opened a MR to address the ambiguity of the warning (thanks)

bansil374 commented May 31, 2019

PHP module gd: Missing — Only an issue if you want to play with captchas
and i’m using php 7.3.4

omar1024 commented Jul 14, 2020

I’ve just done a fresh Kali install using this ISO «Kali Linux Light 64 Bit» from here:

I then logged in and installed these:

Cloned DVWA from this repo and GD is recognised and working fine.

Unless you want to mess with captchas then you don’t need GD anyway so don’t worry about it.

Hello I tried what you suggested
I got this
Reading package lists. Done
Building dependency tree
Reading state information. Done
Package php7.3-mysql is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

E: Package ‘php7.3-mysql’ has no installation candidate
E: Unable to locate package php7.3-gd
E: Couldn’t find any package by glob ‘php7.3-gd’
E: Couldn’t find any package by regex ‘php7.3-gd’
on the second command.I tried doing it other way. COuld you please tell me what to do.

omar1024 commented Jul 14, 2020

Do you want to test caphchas? If not, just ignore it.

On Tue, 14 Jul 2020, 17:15 omar, @.***> wrote: I’ve just done a fresh Kali install using this ISO «Kali Linux Light 64 Bit» from here: https://www.kali.org/downloads/ I then logged in and installed these: apt-get install vim apache2 php7.3 apt-get install mariadb-server mariadb-client php7.3-mysql php7.3-gd apt-get install git Cloned DVWA from this repo and GD is recognised and working fine. Unless you want to mess with captchas then you don’t need GD anyway so don’t worry about it. Hello I tried what you suggested I got this Reading package lists. Done Building dependency tree Reading state information. Done Package php7.3-mysql is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source E: Package ‘php7.3-mysql’ has no installation candidate E: Unable to locate package php7.3-gd E: Couldn’t find any package by glob ‘php7.3-gd’ E: Couldn’t find any package by regex ‘php7.3-gd’ on the second command.I tried doing it other way. COuld you please tell me what to do. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub , or unsubscribe https://github.com/notifications/unsubscribe-auth/AAA4SWOHQ3EYDT5PEGAGRG3R3SAA5ANCNFSM4GQNMIJA .

I did but it showed page not found while creating new database

Conclusion

This tutorial summarized how to install and configure Damn Vulnerable Web Application, or DVWA, on Ubuntu Linux version 18.04. Although the tutorial instructions are specific to Ubuntu Linux (Desktop or Server), the tutorial should provide suitable discussion and advice for other Linux distributions, such as Kali Linux. I hope that the tutorial helped someone, and, as always, please leave a comment if you have any questions or feedback. Also, if you are interested in a tutorial about completing any of the DVWA exercises, please leave a comment — I could also be interested in documenting the methods used in each exercise. Thanks!

Ссылка на основную публикацию
Статьи c упоминанием слов:
Adblock
detector