虚拟机环境:kali 2022
使用容器:docker
一级目录
二级目录
三级目录
拉取dwva镜像
(root㉿kali) docker search web-dvwa
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
vulnerables/web-dvwa Damn Vulnerable Web App (DVWA) is a PHP/MySQ… 204 [OK]
testdockerreg77/web-dvwa 0
rbenavente/web-dvwa 0
skamthania/web-dvwa 0
tykimseclab/web-dvwa 0
seclabtykim/web-dvwa 0
bharathasampath/web-dvwa 0
raniasaleh/web-dvwa 0
wjlee96/web-dvwa 0
armorcodemayank/web-dvwa 0
选取星数最多的第一个容器
┌──(root㉿kali)-[~]
└─# docker pull docker.io/vulnerables/web-dvwa
Using default tag: latest
latest: Pulling from vulnerables/web-dvwa
3e17c6eae66c: Pull complete
0c57df616dbf: Pull complete
eb05d18be401: Pull complete
e9968e5981d2: Pull complete
2cd72dba8257: Pull complete
6cff5f35147f: Pull complete
098cffd43466: Pull complete
b3d64a33242d: Pull complete
Digest: sha256:dae203fe11646a86937bf04db0079adef295f426da68a92b40e3b181f337daa7
Status: Downloaded newer image for vulnerables/web-dvwa:latest
docker.io/vulnerables/web-dvwa:latest
查看本地镜像
┌──(root㉿kali)-[~]
└─# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
vulnerables/web-dvwa latest ab0d83586b6e 4 years ago 712MB
acgpiano/sqli-labs latest 0976afc45249 7 years ago 434MB
创建dvwa容器
docker run --name dvwa -p 8003:80 vulnerables/web-dvwa
┌──(root㉿kali)-[~]
└─# docker run --name dvwa -p 8003:80 vulnerables/web-dvwa
[+] Starting mysql...
Starting MariaDB database server: mysqld.
[+] Starting apache
Starting Apache httpd web server: apache2AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
.
==> /var/log/apache2/access.log <==
==> /var/log/apache2/error.log <==
[Fri May 19 06:00:29.027926 2023] [mpm_prefork:notice] [pid 283] AH00163: Apache/2.4.25 (Debian) configured -- resuming normal operations
[Fri May 19 06:00:29.028004 2023] [core:notice] [pid 283] AH00094: Command line: '/usr/sbin/apache2'
==> /var/log/apache2/other_vhosts_access.log <==
查看靶场
──(root㉿kali)-[~]
└─# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ad38bf2ad6e8 vulnerables/web-dvwa "/main.sh" 2 minutes ago Up 2 minutes 0.0.0.0:8003->80/tcp, :::8003->80/tcp dvwa
访问本机的8003端口

登录DVWA 账号密码:admin/password

第一次创建需要初始化数据库,点击create database,初始化登录账户和口令不变,重新登录就可以进入到了正常的靶场界面了。

本文在kali 2022虚拟机环境中,通过docker进行DWVA靶场的搭建。首先拉取镜像,然后查看本地镜像,接着创建dvwa容器,并通过8003端口访问靶场。登录账号为admin,密码为password。首次创建需初始化数据库,完成后即可进入靶场界面。
1374

被折叠的 条评论
为什么被折叠?



