Blog

Crawsec > DVWA > Installation of DVWA in Windows 10 Using XAMPP

Installation of DVWA in Windows 10 Using XAMPP

  • August 14, 2023
  • Posted by: Vijay
  • Category: DVWA
No Comments
Installation of DVWA in Windows 10 Using XAMPP

Introduction

DVWA, short for Damn Vulnerable Web Application, is a PHP/MySQL-based web application, specifically engineered to contain security flaws. For budding cybersecurity enthusiasts, DVWA provides a safe and legal platform to hone their hacking skills and test penetration tools.

Prerequisites

  • A computer running Windows 10.
  • Administrative rights on the computer for installation purposes.
  • Basic knowledge of web servers and databases.

Why XAMPP?

Before we delve into the installation, let’s understand why we’re using XAMPP. XAMPP is a powerful software distribution that provides an easy way to host web applications locally. It’s user-friendly, free, and offers cross-platform functionality.

Installation Process

1. Installing XAMPP

XAMPP serves as the backbone in this setup, providing necessary services like Apache and MySQL.

  1. Download XAMPP: Head over to XAMPP’s official website and download the latest stable release for Windows.
  2. Run the Installer: Once downloaded, initiate the setup. Follow the installation prompts. Ensure that both Apache and MySQL modules are selected.
  3. Post Installation: After successful installation, open the XAMPP Control Panel. You should see a list of services. Start both Apache and MySQL.

2. Tweaking PHP for DVWA

For DVWA to function effectively, certain PHP parameters need adjustment.

  1. Head to C:\xampp\php\ and locate the php.ini file.
  2. Using any text editor, open php.ini.
  3. Find the line allow_url_include and set its value to On:
    graphql
    allow_url_include = On
  4. Save the file and exit.
  5. Remember to restart Apache from the XAMPP Control Panel to implement these changes.

3. Deploying DVWA

  1. Get DVWA: Visit DVWA’s GitHub page: https://github.com/digininja/DVWA. Click on the green “Code” button and download the ZIP file.
  2. Place in XAMPP: Once downloaded, extract the ZIP file and place it in C:\xampp\htdocs. For ease, rename the folder to simply dvwa.
  3. Configuration Tweaks: Inside the dvwa folder, navigate to config. Rename the file config.inc.php.dist to config.inc.php.

4. Initializing DVWA

  1. In your preferred web browser, visit http://localhost/dvwa.
  2. DVWA requires a database setup. Click on the Create / Reset Database button. This action initializes the required database components.
  3. Post setup, the login page emerges. Default credentials are:
    • Username: admin
    • Password: password

Safety First

DVWA is intentionally vulnerable. Hence, do not host it on external servers or expose it to the internet. Keep it restricted to your local environment.

Learning Path

Now that you have DVWA installed:

  1. Discover: Explore each section of DVWA. Understand the vulnerabilities it showcases.
  2. Research: For each vulnerability, research about its nature, why it exists, and its real-world implications.
  3. Practice: Use the knowledge gained to exploit these vulnerabilities. Tools like Burp Suite and OWASP Zap can be instrumental.

Conclusion

Installing DVWA on Windows using XAMPP is a simple yet rewarding endeavor. It provides a sandboxed environment for cybersecurity enthusiasts to learn, experiment, and grow. Always remember the ethical boundaries and use your knowledge responsibly. Happy hacking!

Read More Blogs

INTERNET OF THINGS PENETRATION TESTING COURSE NOW AVAILABLE IN SAKET, NEW DELHI – 2023
10 BEST LAPTOPS FOR HACKING IN 2023
HOW TO START A CAREER IN CYBERSECURITY: YOUR PATH TO A THRIVING TECH FUTURE
JOIN THE DIGITAL CYBER FORENSICS INVESTIGATION COURSE IN SAKET, NEW DELHI
3 REASONS TO CONSIDER A CYBER SECURITY CAREER IN INDIA

Leave a Reply