The readability of a tech blog is very important, which is a big reason to write a tech blog.
If the vulnerability library is actually used, dvwa must be the first choice, because it is really convenient and easy to use, and it is a good target drone.
First install docker on your own computer, my computer operating system is kali linux 2018.1, the installation tutorial is as follows
1、vim /etc/apt/sources.list.d/backports.list
2. Join deb http: // http.debian.net/debian wheezy-backports main
3, apt-get update, refresh the software source
4. apt -get purge lxc -docker *, apt -get purge docker .io *, delete the old version of docker
5, apt-get update, refresh the software source
6. apt -get install apt -transport -https ca -certificates, install the certificate
7、apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
8、vim /etc/apt/sources.list.d/docker.list
9, join deb https://apt.dockerproject.org/repo debian-wheezy main
#On Debian Jessie
#deb https://apt.dockerproject.org/repo debian-jessie main
#On Debian Stretch/Sid
#deb https://apt.dockerproject.org/repo debian-stretch main
10、apt-get update
11、apt-cache policy docker-engine
12、apt-get update
13、apt-get install docker-engine
14、service docker start
15、docker run hello-world
Ok, so that docker is installed, you must follow the operation.
For learning about docker, related reference links:
1. The way of Docker learning (1)
2. Docker Learning Road (2) Methods of installing Docker under four systems
3, Docker learning road (3) small test knife
4. Docker Learning Road (4) Guardian Containers
5. Docker Learning Road (5) Basic operation of mirroring
6. Docker Learning Road (6) Create an image with the commit command
7. Docker in action: easier, more enjoyable, and more efficient
8. Typical application scenarios of Docker
Another related tutorial, in fact, after reading these, you already have a basic grasp of docker
1. Docker (1): Docker introductory tutorial
2. Docker (2): Introduction to the use of Dockerfile
3. Docker (3): Detailed explanation of Dockerfile command
4. Docker (four): Docker Compose of the Docker Three Musketeers
5. Docker (5): Docker Machine of the Docker Three Musketeers
6. Docker (6): Docker Swarm of the Docker Three Musketeers
The following describes the process of installing dvwa in docker
1、docker search dvwa
2 、 vi /etc/docker/daemon.json
3. Add {"registry-mirrors":["http://hub-mirror.c.163.com"]}, save and exit
4、service docker restart
5、docker pull vulnerables/web-dvwa
6. docker network create --subnet=192.168.3.0/24 kalilinux, created a virtual network card called kalilinux
7. docker network ls, check the operation of the network card
8、docker run -d --name dvwa --net kalilinux --ip 192.168.3.2 vulnerables/web-dvwa
9、docker start dvwa
10. Enter 192.168.3.2 in the browser
Related reference links:
1. Beginner's guide: Brute Force of DVWA -1.9 full-level tutorial
2. Beginner's guide: Command Injection in DVWA -1.9 full-level tutorial
3. Beginner's guide: CSRF of DVWA -1.9 full-level tutorial
4. Beginner's guide: File Inclusion of DVWA -1.9 full-level tutorial
5. Beginner's guide: File Upload of DVWA -1.9 full-level tutorial
6. Beginner's guide: Insecure CAPTCHA of DVWA -1.9 full-level tutorial
7. Beginner's guide: SQL Injection in DVWA -1.9 full-level tutorial
8. Beginner's Guide: SQL Injection (Blind) of DVWA -1.9 Full Level Tutorial
9. Beginner's guide: XSS of DVWA -1.9 full-level tutorial (the end, with examples)
In addition, regarding sqli-labs, the following person has cleared the experimental environment, and I admire it very much
http://www.cnblogs.com/AmoBlogs