You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
120 lines
2.6 KiB
120 lines
2.6 KiB
= LabInstance dvwa!
|
|
|
|
|
|
== Quickstart
|
|
|
|
This is a quickstart guide of howto use this *LabInstance*
|
|
|
|
=== Default Configuration
|
|
|
|
- Working Directory
|
|
|
|
> /home/docker/project
|
|
|
|
- Default user
|
|
|
|
> docker
|
|
|
|
- Default password
|
|
|
|
> docker
|
|
|
|
- Default password4root
|
|
|
|
> pass
|
|
|
|
|
|
== LabInstance Info
|
|
|
|
|
|
Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable.
|
|
|
|
- Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid both students & teachers to learn about web application security in a controlled class room environment.
|
|
|
|
- The aim of DVWA is to practice some of the most common web vulnerability, with various difficultly levels, with a simple straightforward interface. Please note, there are both documented and undocumented vulnerability with this software. This is intentional. You are encouraged to try and discover as many issues as possible.
|
|
|
|
IMPORTANT: **WARNING** This Instance is vulnerable to several kinds of attacks, please don't deploy it to any public servers.
|
|
|
|
IMPORTANT: Damn Vulnerable Web Application is damn vulnerable! **Do not upload it to your hosting provider's public html folder or any Internet facing servers, as they will be compromised**
|
|
|
|
|
|
[TIP]
|
|
====
|
|
Disclaimer (*)
|
|
|
|
We do not take responsibility for the way in which any one uses this application (DVWA). We have made the purposes of the application clear and it should not be used maliciously. We have given warnings and taken measures to prevent users from installing DVWA on to live web servers. If your web server is compromised via an installation of DVWA, it is not our responsibility, it is the responsibility of the person/s who uploaded and installed it.
|
|
|
|
(*) https://github.com/digininja/DVWA
|
|
|
|
====
|
|
|
|
== Web login
|
|
|
|
Login with default credentials
|
|
|
|
To login you can use the following credentials:
|
|
|
|
|
|
> Username: admin
|
|
|
|
> Password: password
|
|
|
|
|
|
== More info
|
|
|
|
https://github.com/digininja/DVWA[^]
|
|
|
|
|
|
== RUN INSTANCE
|
|
|
|
Swarmlab services can be run in different ways.
|
|
|
|
- You can run them **through the swarmlab hybrid environment** (http://docs.swarmlab.io/SwarmLab-HowTos/swarmlab/docs/swarmlab/docs/hybrid/start-microservices.html)
|
|
- or use them individually at will on the **command line of your system**
|
|
|
|
|
|
=== CLI
|
|
|
|
> git clone ...
|
|
|
|
> cd [DIRECTORY]
|
|
|
|
|
|
=== help
|
|
|
|
> make help
|
|
|
|
|
|
==== create service
|
|
|
|
> make create
|
|
|
|
|
|
=== start service
|
|
|
|
> make start
|
|
|
|
|
|
=== stop service
|
|
|
|
> make stop
|
|
|
|
|
|
=== list service
|
|
|
|
> make list
|
|
|
|
|
|
=== clean service
|
|
|
|
> make clean
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|