0% found this document useful (0 votes)

132 views64 pages

Damm Vulnerable Web Application

Uploaded by

parth garg

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

132 views64 pages

Damm Vulnerable Web Application

Uploaded by

parth garg

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 64

Damm Vulnerable Web Application

System Information
System name – Dell Inspiron 15 5501
Processor - Intel(R) Core (TM) i7-1065G7 CPU @ 1.30GHz 1.50 GHz
Ram – 24 GB
Storage – 1 TB
Window 10/11

Index of DVWA
1 Introduction to Damn Vulnerable Web Application (DVWA)
Overview
Purpose and Goals
The goals of DVWA are
Key Features of DVWA
Setting Up DVWA
Vulnerabilities in DVWA
SQL Injection
Cross Site Scripting (XSS)
Cross Site Request Forgery (CSRF)
Command Injection
Ethical Considerations
2 Objectives of Damn Vulnerable Web Application (DVWA)

Introduction to Damn Vulnerable Web Application (DVWA)

Overview
The Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web platform
intentionally designed to have vulnerabilities. Its purpose is to assist security experts and
enthusiasts in gaining knowledge, about web application security within a setting. DVWA
serves as a resource for individuals seeking to enhance their proficiency in aspects of web
security such, as SQL injection Cross Site Scripting (XSS) Cross Site Request Forgery
(CSRF) and Command Injection.

Purpose and Goals

The main goal of DVWA is to offer an authorized space, for testing web vulnerabilities. Users
can utilize the application to delve into these vulnerabilities grasp their significance and
acquire knowledge on how to safeguard against them. This is important, as comprehending
the workings of attacks is an aspect of mastering prevention techniques.

The goals of DVWA are

In today’s age web applications play a role, in various aspects of our lives such as online
banking and social media. However, these applications are frequently targeted by individuals
because of the data they deal with. Understanding web security is crucial, for a variety of
purposes:

Safeguarding Confidential Data: It is crucial to ensure the security of details, financial

records and confidential business information to prevent entry.
Maintaining Trust: Users need to trust that their data is safe. Security breaches can lead to
loss of user trust and reputation damage.
Legal Compliance: Many industries have regulations requiring a certain level of security.
Non-compliance can result in hefty fines and legal consequences.
Preventing Financial Losses: Security breaches can lead to significant financial losses due to
theft, fraud, and remediation costs.

Key Features of DVWA

DVWA offers several features that make it an excellent tool for learning and practicing web
security:

Multiple Security Levels: DVWA has different security levels (low, medium, high, and
impossible) which allow users to test vulnerabilities in various scenarios and understand how
security measures can mitigate risks.
Wide Range of Vulnerabilities: The application includes a variety of common vulnerabilities
such as SQL Injection, XSS, CSRF, Command Injection, File Inclusion, and more.
Detailed Documentation: DVWA provides extensive documentation and guides to help users
understand the vulnerabilities and how to exploit them.
Community Support: Being open-source, DVWA has a vibrant community of users and
developers who contribute to its development and provide support.

Setting Up DVWA
Setting up DVWA is straightforward. The application requires a server environment with PHP
and MySQL. Here is a step-by-step guide to setting it up:

Install a Server Environment: Install a web server such as Apache, along with PHP and
MySQL. Tools like XAMPP or WAMP make this process easy by bundling these components
together.
Download DVWA: Download the latest version of DVWA from its official repository on
GitHub.
Configure DVWA: Extract the downloaded files into the web server's root directory. Modify
the config/config.inc.php file to set up the database connection.
Create Database: Create a MySQL database for DVWA. You can use the SQL script provided
in the DVWA setup folder to create the necessary tables.
Set Permissions: Ensure that the config directory and hackable/uploads directory are writable
by the web server.
Access DVWA: Open a web browser and navigate to http://localhost/dvwa. Follow the on-
screen instructions to complete the setup.

Vulnerabilities in DVWA
DVWA includes several types of vulnerabilities, each designed to teach different aspects of web
security. Here are some of the key vulnerabilities:
SQL Injection

SQL Injection is one of the most common and dangerous web vulnerabilities. It occurs when
an attacker can inject malicious SQL code into a query, potentially allowing them to access,
modify, or delete database data.

Example:
SELECT * FROM users WHERE username = '$username' AND password = '$password';

If the inputs are not properly sanitized, an attacker could input something like:

' OR '1'='1

This would cause the query to always return true, potentially granting unauthorized access.

Cross Site Scripting (XSS)

XSS occurs when an attacker injects malicious scripts into web pages viewed by other users.
These scripts can steal cookies, session tokens, or other sensitive information.

Example:
<input type="text" name="comment">

If the input is not properly sanitized, an attacker could input:

This would execute the script in the context of the user's browser.
Cross Site Request Forgery (CSRF)

CSRF attacks occur when a malicious site tricks a user's browser into performing actions on
another site where the user is authenticated.

Example:
<img src="http://victim.com/delete_account?id=123">
If the user is logged into victim.com, their browser would send the request to delete the
account.

Command Injection

Command Injection allows an attacker to execute arbitrary commands on the host operating
system via a vulnerable application.

Example:
$cmd = $_GET['cmd'];
system($cmd);
If the input is not sanitized, an attacker could input:
; rm -rf /
This would execute the command to delete all files on the server.

Security Levels in DVWA

DVWA’s security levels allow users to see how different security measures can affect the
exploitation of vulnerabilities. The levels are:

Low: No security measures are in place. This level is designed to be easily exploitable and
demonstrates the vulnerabilities in their most basic form.
Medium: Some basic security measures are implemented. This level is designed to show how
simple mitigations can reduce risk.
High: Stronger security measures are in place. This level requires more advanced exploitation
techniques.
Impossible: This level is designed to be secure against the vulnerability being tested. It
demonstrates best practices and effective security controls.
Using DVWA for Learning and Practice
DVWA is an excellent tool for both individual learning and structured educational programs.
Here are some ways to use DVWA effectively:

Self-Paced Learning: Users can go through the vulnerabilities at their own pace,
experimenting with different security levels and learning how to exploit and mitigate each
vulnerability.
Classroom Training: Instructors can use DVWA in a classroom setting to provide hands-on
experience with web security concepts. It can be used to demonstrate vulnerabilities, teach
exploitation techniques, and show how to implement security measures.
Capture The Flag (CTF) Competitions: DVWA can be used in CTF competitions to create
realistic web security challenges for participants to solve.
Security Awareness: Organizations can use DVWA to train developers and other staff on web
security issues, helping to raise awareness and improve overall security posture.

Ethical Considerations

While DVWA is a powerful tool for learning and practicing web security, it is important to
use it ethically and responsibly. Here are some key considerations:

Legal Use: Only use DVWA in a controlled environment where you have permission to test
and exploit vulnerabilities. Unauthorized testing on live websites or systems is illegal and
unethical.
Data Sensitivity: Be aware that DVWA is designed for learning and should not be used with
real user data. Ensure that any testing is done in a safe and secure environment.
Responsible Disclosure: If you discover new vulnerabilities in DVWA or other systems,
follow responsible disclosure practices to report them to the appropriate parties.

Objectives of Damn Vulnerable Web Application (DVWA)

Introduction
The Damn Vulnerable Web Application (DVWA) is a deliberately insecure web application
created for educational purposes. Its primary objective is to serve as a learning platform for
web security, allowing users to practice exploiting common vulnerabilities and to understand
the implications of security flaws in web applications. DVWA is an essential tool for students,
educators, security professionals, and developers who aim to improve their understanding and
skills in web security.

Purpose of DVWA
he fundamental purpose of DVWA is to provide a legal, safe, and controlled environment
where users can explore and practice various web vulnerabilities. It serves multiple
objectives:

Educational Tool: DVWA is designed to teach users about web vulnerabilities and how they
can be exploited.
Skill Development: It helps security professionals and enthusiasts develop and hone their
skills in identifying and mitigating web security issues.
Awareness and Training: It raises awareness among developers about the importance of
secure coding practices and the potential risks associated with insecure code.
Research and Testing: Researchers can use DVWA to study web vulnerabilities and test new
security tools and techniques.
Educational Objectives
1. Understanding Web Vulnerabilities
DVWA aims to educate users about a wide range of web vulnerabilities. By intentionally
incorporating common security flaws, it allows users to see firsthand how these
vulnerabilities manifest in web applications. Some of the key vulnerabilities included in
DVWA are:

SQL Injection: Demonstrates how attackers can manipulate SQL queries to access
unauthorized data.
Cross-Site Scripting (XSS): Shows how attackers can inject malicious scripts into web pages
viewed by other users.
Cross-Site Request Forgery (CSRF): Highlights how attackers can trick users into performing
actions without their consent.
Command Injection: Illustrates how attackers can execute arbitrary commands on the host
operating system.
File Inclusion: Demonstrates the risks associated with including external files in web
applications.
Brute Force: Shows how attackers can gain access by repeatedly trying different passwords.
By exploring these vulnerabilities, users gain a deep understanding of how they work and
how they can be exploited.

2. Practicing Exploitation Techniques

One of the primary objectives of DVWA is to provide a hands-on learning experience. Users
are encouraged to actively exploit the vulnerabilities present in the application. This practical
approach helps users:

Develop the technical skills required to exploit web vulnerabilities.

Understand the potential impact of security flaws on web applications.
Learn about the tools and techniques used by attackers.
Practicing these techniques in a controlled environment allows users to gain confidence in
their abilities and prepares them for real-world scenarios.

3. Learning Defensive Strategies

While exploiting vulnerabilities is a key aspect of DVWA, learning how to defend against
them is equally important. DVWA includes different security levels (low, medium, high, and
impossible) for each vulnerability, allowing users to see how various security measures can
mitigate risks. This helps users understand:

Best practices for secure coding.

Effective security controls and countermeasures.
The importance of input validation and sanitization.
How to implement security mechanisms to protect web applications.
By experimenting with different security levels, users can see the direct impact of defensive
strategies on the exploitation of vulnerabilities.

Practical Applications
1. Training Security Professionals
DVWA is widely used for training security professionals, including penetration testers,
security analysts, and ethical hackers. The application provides a realistic environment for
practicing and refining skills. Training with DVWA helps security professionals:

Stay updated with the latest exploitation techniques.

Prepare for certification exams such as CEH (Certified Ethical Hacker) and OSCP (Offensive
Security Certified Professional).
Gain hands-on experience with common web vulnerabilities.

2. Enhancing Developer Awareness

One of the critical objectives of DVWA is to raise awareness among developers about web
security. Many security issues arise due to a lack of awareness and understanding of secure
coding practices. DVWA helps developers:
Understand the consequences of insecure code.
Learn how to identify and fix security vulnerabilities in their code.
Adopt a security-first mindset during the development process.
By experiencing the exploitation of vulnerabilities, developers can appreciate the importance
of security and take proactive measures to protect their applications.

Objectives of Damn Vulnerable Web Application (DVWA)

Purpose of DVWA
The fundamental purpose of DVWA is to provide a legal, safe, and controlled environment
where users can explore and practice various web vulnerabilities. It serves multiple
objectives:

Educational Objectives
1. Understanding Web Vulnerabilities

DVWA aims to educate users about a wide range of web vulnerabilities. By intentionally
incorporating common security flaws, it allows users to see firsthand how these
vulnerabilities manifest in web applications. Some of the key vulnerabilities included in
DVWA are:

2. Practicing Exploitation Techniques

Develop the technical skills required to exploit web vulnerabilities.

3. Learning Defensive Strategies

Best practices for secure coding.

Stay updated with the latest exploitation techniques.

Prepare for certification exams such as CEH (Certified Ethical Hacker) and OSCP (Offensive
Security Certified Professional).
Gain hands-on experience with common web vulnerabilities.

2. Enhancing Developer Awareness

Understand the consequences of insecure code.

Learn how to identify and fix security vulnerabilities in their code.
Adopt a security-first mindset during the development process.
By experiencing the exploitation of vulnerabilities, developers can appreciate the importance
of security and take proactive measures to protect their applications.

CONFIDENTIALITY & PROPRIETARY

This document contains information that is confidential and proprietary, which shall not be
disclosed outside Client A, transmitted, or duplicated, used in whole or in part for any
purpose other than its intended purpose. Any use or disclosure in whole or in part of this
information without explicit written permission of Client A is prohibited. Cybereason makes
no warranty that the information contained in this document is complete or error free.
 This report is solely for the information of Client A and Client A management and
should not be used, circulated, quoted or otherwise referred to for any other purpose,
nor included or referred to in whole or in part in any document without our prior
written consent.
 The specific IP addresses / Domain were identified by Client A. Our subsequent test
work, study of issues in detail and developing action plans are directed towards the
issues identified. Consequently, this report may not necessarily comment on all the
weaknesses perceived as important by the Client A and / or Client A management.

REPORT ANALYSIS

 The issues identified and proposed action plans in this report are based on our testing.
We made specific efforts to verify the accuracy and authenticity of the information
gathered only in those cases where it was felt necessary.
 The identification of the issues in the report is mainly based on the tests carried out
during the limited time for conducting such an exercise. As the basis of selecting the
most appropriate weaknesses / vulnerabilities is purely judgmental in view of the time
available, the outcome of the analysis may not be exhaustive and representing all
possibilities, though we have taken reasonable care to cover the major eventualities.
 The vulnerabilities reported in this reported are valid as of Jan 1, 2021. Any
vulnerability, which may have been discovered after this or any exploit been made
available after May 9, 2020, does not come under the purview of this report.
 Any configuration changes or software/hardware updates made on hosts/machines on
the application covered in this test after the date mentioned herein may impact the
security posture either positively or negatively and hence invalidates the claims &
observations in this report. Whenever there is an update on the application, we
recommend that you conduct penetration test to ensure that your security posture is
compliant with your security policies.
1 open admin panel

2 dvwa security (low)

3 SQL injection

4 user ID (1)

5 %.0' or '0' = '0

6 %' or 0=0 union select null, version () #