Linux centos6.5 builds its own penetration test practice environment damn vulnerable Web application__linux

The damn vulnerable Web application is selected

Go to download Address download PHP package, https://codeload.github.com/ethicalhack3r/DVWA/zip/v1.9

Install apache:yum-y Install httpd

Start Apache:service httpd Start

Install php:yum-y Install PHP

Install mysql-server:yum-y Install Mysql-server

Start Mysql-server:service mysqld Start (remote login assignment, etc. must be done without a detailed statement)

Install Php-mysql Association: Yum Install php-mysql php-pear php-gd-y

So far..... Need to install the software to complete

Test PHP Build
Cd/var/www/html
VI index.php

<?php
phpinfo ();

Visit ip/test.php The following figure shows the success

FAQ:

Error Httpd:could not reliably determine the server ' s fully qualified domain name

Solution: Vi/etc/httpd/conf/httpd.conf added a ServerName localhost:80

VI mysql.php

<?php
$con = mysql_connect ("localhost", "root", "");
if (! $con)
  {
  die (' Could not connect: '. Mysql_error ());
  }


mysql_select_db ("MySQL", $con);


$result = mysql_query ("SELECT * from user");


while ($row = Mysql_fetch_array ($result))
  {
  echo $row [' User ']. " " . $row [' Host '];
  echo "<br/>";
  }


Mysql_close ($con);
? >

Visit ip/mysql.php

The MySQL information appears successful

CP entire project to program publish path, default/var/www/html/

Modify the database information in config/config.inc.php, access to the address, click Create/reset db, you can see the following figure

Then you can log in, the default is Admin/password