$ 漏洞环境搭建
配合徐焱《Web安全攻防:渗透测试实战指南》第二章
一、在linux系统中安装LANMP
二、在Windows系统中安装WAMP
安装时缺少MSVCP110.dll和MSVCR110.dll,32位系统放在C:\Windows\SystemWOW64中,64位系统放在C:\Windows\System32中
三、搭建DVWA漏洞环境
- 保存并复制所有源码,粘贴在网站的根目录中
将dvwa-master文件夹重命名为dvwa,复制到WAMP路径下,config文件夹下的config.inc.php.dist重命名为config.inc.php
2. reCAPTCHAP key: Missing
编辑dvwa\config\config.inc.php
$_DVWA[ 'recaptcha_public_key' ] = ''
$_DVWA[ 'recaptcha_private_key' ] = ''
改为
$_DVWA[ 'recaptcha_public_key' ] = '6LdJJlUUAAAAAH1Q6cTpZRQ2Ah8VpyzhnffD0mBb';
$_DVWA[ 'recaptcha_private_key' ] = '6LdJJlUUAAAAAM2a3HrgzLczqdYp4g05EqDs-W4K';
参考文档:https://blog.csdn.net/RBPicsdn/article/details/80059132
3.
Could not connect to the MySQL service. Please check the config file.
Your database user is root, if you are using MariaDB, this will not work, please read the README.md file.
在dvwa\config中config.inc.php,将$_DVWA[ 'db_password' ]
改为“root”或为空
4. DVWA登录
默认用户名/口令:admin/password