secengtum/dvwa Docker 镜像 - 轩辕镜像 | Docker 镜像高效稳定拉取服务

The Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application designed to be highly vulnerable. Its primary purpose is to serve as a resource for security professionals to test their skills and tools in a safe, legal setting. It also aims to assist web developers in understanding how to secure web applications and provides an educational platform for students and teachers to explore web application security in a classroom environment.

DVWA offers a range of common web vulnerabilities at various difficulty levels through a simple and clear interface. Please be aware that this software contains both known and unknown vulnerabilities on purpose to encourage users to identify as many security issues as possible.

WARNING: This application is susceptible to multiple types of ***s. To ensure safety, do not deploy it on any public servers.

This version of DVWA is specifically tailored for students of the Security Engineering class.

Getting started

To execute this image, you must have Docker installed on your system. Simply execute the following command:

bash
docker run --rm -it -p 1337:80 secengtum/dvwa

Wait for Docker to download and start the image. Once it's running, you will be able to access the dvwa on your local machine via http://localhost:1337/login.php

For logging in, use the default credentials provided below:

Username: admin Password: password

Reset Database

If you need to reset the database for any reason, navigate to http://localhost:1337/setup.php and perform the database reset there.

Adjust the difficulty level

Initially, the difficulty level is set to 'low'. You can modify this setting by selecting the "DVWA Security" option from the left menu. For the exercises we will use the 'low' difficulty level.

Have fun

You can start with the Command Injection as a easy starting point. Just try

127.0.0.1 && whoami

as an input, and see what happens!

About DVWA

You can visit DVWA official github repository if you want more information.