1.安装虚拟机
这个最基本的就不多说了。
2. 环境配置
配置ssh
yum install openssh*
编辑ssh配置文件
vi /etc/ssh/sshd_config
把下面两行取消注释
PermitEmptyPasswords no
PasswordAuthentication yes
设置
不限制root用户登录ssh
PermitRootLogin yes
重启ssh
systemctl restart sshd.service
设置开机启动
systemctl enable sshd.service
添加防火墙策略
firewall-cmd –permanent –zone=public –add-service=ssh
firewall-cmd –reload
我们先更新一下cache(可选操作)
yum makecache
升级一下(可选操作)
yum update
3. 安装必要组件
安装Apache的服务器
yum install httpd
然后启动Apache
service httpd start
查看Apache状态
service httpd status
设置httpd在运行级别为2、3、4、5的情况下都是on的状态(如果发现测试php时网页显示源代码,尝试把此代码来一遍)
chkconfig –level 2345 httpd on
firewall-cmd –permanent –zone=public –add-service=httpd
安装MySQL
//因为最新版的linux系统开始,默认的是Mariadb
而不是mysql~//
检查系统是否装有mysql,返回空值则说明没有安装
rpm -qa |grep mysql
//yum install虽然可执行,但是只是用来更新Mariadb的//
wget
http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm
安装mysql-community-release-el7-5.noarch.rpm
rpm -ivh mysql-community-release-el7-5.noarch.rpm
安装Mysql
yum install mysql-server
安装完成后再次查看MySQL
rpm -qa | grep mysql
如果报错内容含有
Error: Package: mysql-community-libs-5.6.35-2.el7.x86_64 (mysql56-community)
Requires: libc.so.6(GLIBC_2.17)(64bit)
Error: Package: mysql-community-server-5.6.35-2.el7.x86_64 (mysql56-community)
Requires: libc.so.6(GLIBC_2.17)(64bit)
Error: Package: mysql-community-server-5.6.35-2.el7.x86_64 (mysql56-community)
Requires: systemd
Error: Package: mysql-community-server-5.6.35-2.el7.x86_64 (mysql56-community)
Requires: libstdc++.so.6(GLIBCXX_3.4.15)(64bit)
Error: Package: mysql-community-client-5.6.35-2.el7.x86_64 (mysql56-community)
Requires: libc.so.6(GLIBC_2.17)(64bit)
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
解决:
yum install glibc.i686
yum list libstdc++*
重置密码
首先登陆
mysql -u root
登录时有可能报这样的错:
ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/var/lib/mysql/mysql.sock’ (2)
原因是/var/lib/mysql的访问权限问题。下面的命令把/var/lib/mysql的拥有者改为当前用户
chown -R root:root /var/lib/mysql
重启服务
service mysqld restart
登陆MySQL重置密码
mysql -u root
mysql > use mysql;
mysql > update user set password=password(‘123456’) where user=’root’;
mysql > exit;
重启Mysq服务
service mysqld restart
下载DVWA
wget
https://github.com/ethicalhack3r/DVWA/archive/v1.9.tar.gz
cp v1.9.tar.gz /var/www/html/
cd /var/www/html
tar zxvf v1.9.tar.gz
安装PHP
yum install php.x86_64 php-mysql.x86_64 php-pear php-pear-DB php-gb
将虚拟机配置成桥接模式后,访问测试网页
http://x.x.x.x/dvwa/setup.php
根据红色的提示,设置环境
vim /etc/php.ini
配置内容
allow_url_fopen = On
allow_url_include = On
编辑配置文件
cd /var/www/html/dvwa/config
cp config.inc.php config.inc.php.bak #备份一下
vim config.inc.php
key可以是自己生成,地址是https://www.google.com/recaptcha/admin/create
$_DVWA[ 'db_server' ] = '127.0.0.1';
$_DVWA[ 'db_password' ] = 'mysqlpassword';
$_DVWA[ 'recaptcha_public_key' ] = '6LePqhAUAAAAAH6Bn2okO9-8G-zNw46PNhotV4Q6';
$_DVWA[ 'recaptcha_private_key' ] = '6LePqhAUAAAAAMVqhBbFr1NVA9H13FKyfAgBeZYx';
然后给予权限可写
cd /var/www/html/dvwa/hackable/
chmod 777 uploads
cd /var/www/html/dvwa/external/phpids/0.6/lib/IDS/tmp
chmod 777 phpids_log.txt
如果最后还有问题调整一下安全级别
cd /var/www/html/dvwa/config
vim config.inc.php
$_DVWA[ 'default_security_level' ] = 'low';
友情提示
DVWA默认用户名:admin
DVWA默认密码:password