2025-01-15 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/01 Report--
Build a Windows vulnerability environment
This involves WAMP, DVWA, XSS and sqli-labs.
Experimental environment: a Windows host; no other environment is needed.
Today's task is to build the environment.
What is WAMP?
WAMP is short for Windows, Apache, MySQL and PHP: an Apache, MySQL and PHP environment on Windows.
Set up WAMP
First of all, we need to download WAMP. It can be downloaded directly from the official website.
On the official website, click Download, click the changelog link under the corresponding version to jump to the next page, and then click GetUpdates.
After the download is completed, run the installer; a cmd window flashes up and then disappears.
Then we type 127.0.0.1 into the browser and a Server Configuration interface appears.
In this way, our WAMP is finished.
When the download is complete, clicking the shortcut just pops up a cmd window that then disappears. This is normal. Don't assume, as I did for a long time, that it has not been installed.
Build the DVWA vulnerability environment
What is DVWA?
DVWA is an open source platform for testing vulnerabilities, including XSS, SQL injection, file upload, CSRF, brute force cracking and other test environments.
Set up DVWA
Did you think that you could just go to the official website to download DVWA?
NO NO NO
We still lack an integrated environment, so we need phpstudy here.
First download phpstudy from its official website.
Since the latest version is still in internal testing, it is not yet open for download. If you must use the latest version, join their QQ group from the official website and download it from the group.
If you are not picky, you can download the 2018 version and use that. It makes little difference, and the new version is still under testing and may be unstable.
When the download is complete, install it and open it.
Just click to start.
To test whether the environment works, open a browser and enter 127.0.0.1/phpmyadmin/
If the installation is successful, the login interface will appear.
You don't have to log in here, and you would not know the password yet anyway.
That's fine. We are just taking a look.
Open the installation directory of DVWA and find the config folder under php-study\PHPTutorial\WWW\DVWA-master
Under config there is a config.inc.php; open it with Notepad.
Next, modify the database user name, password and database name.
After the change, go back to the login screen and log in with the account root and password root.
Log in successfully
Now it's time to download DVWA; just search for DVWA.
If you download from the official website and the page loads too slowly, you can choose another download method.
After the download is complete, put the downloaded dvwa-master into the www directory
Note that if it does not work under the www folder of phpstudy, you need to put it under the www folder of WAMP.
Let's verify that DVWA can be accessed
Entering 127.0.0.1/setup.php directly in the browser will not work. You need to include the path: 127.0.0.1/dvwa-master/setup.php.
See if anything is shown in red, such as allow_url_include: Disabled.
Search for the php.ini configuration file under phpstudy and change allow_url_include = Off in the file to allow_url_include = On
If reCAPTCHA key: missing is shown, find config/config.inc.php under DVWA; if the file does not have that name, rename it to this name.
Then open it with Notepad, find the reCAPTCHA key and enter 6LdK7xITAAzzAAJQTfL7fu6I-0aPl8KHHieAT_yJg.
Other problems can usually be solved by searching Baidu; there is basically always a solution, so I won't go into details here.
After solving the problem, click the Create/Reset Database at the bottom and click Login.
We log in using the default account.
Username: admin
Password: password
This interface is displayed after logging in.
Build the SQL injection platform
What is the SQL injection platform?
Sqli-labs is an open source platform for learning SQL injection. There are 75 different types of injection.
Set up sqli-labs
You need to download it from GitHub.
Put the downloaded sqli-labs folder under the www folder of php-study
Now go back to the login interface of the database and create a new database named security
Click security on the right to enter the database, select Import at the top, and select the sql-lab.sql file under the downloaded sqli-labs-master.
Let's go into the folder and see if there is a sqli-labs-master folder.
Access 127.0.0.1/sqli-labs-master/ in a browser
Click Setup/reset Database for labs to jump to the next page
Done!
Build an XSS test platform
What is XSS?
The XSS test platform is a platform for testing XSS vulnerabilities that collects cookies and receives data from web pages. XSS can do everything JS can do, including, but not limited to, stealing cookies, phishing, modifying web page code and website redirection.
Set up XSS
Download the xsser.me source code; you can search for it on Baidu.
Enter the database and create a new xssplatform library for the website that will host the XSS platform.
After building the database, move the downloaded XSS folder to the www directory under php-study
Modify the user name, password, database name, registration configuration and url address in the config.php file under the XSS folder
Enter the xssplatfrom library and import the xssplatfrom.sql file in the XSS folder
Then execute the SQL statement
Select oc_user on the left in the xssplatfrom library and apply the settings shown in the screenshot.
You also need to create a pseudo-static file in the XSS folder; its name is just the suffix .htaccess, so it sits at xss\.htaccess.
Write the following into the file:
# apache environment
RewriteEngine On
RewriteBase /
RewriteRule ^([0-9a-zA-Z]{6})$ /xss/index.php?do=code&urlKey=$1 [L]
RewriteRule ^do/auth/(\w+?)(/domain/([\w\.]+?))?$ /index.php?do=do&auth=$1&domain=$3 [L]
RewriteRule ^register/(.*?)$ /xss/index.php?do=register&key=$1 [L]
RewriteRule ^register-validate/(.*?)$ /xss/index.php?do=register&act=validate&key=$1 [L]
# The rules below are in nginx rewrite syntax. Apache rejects them in .htaccess,
# so they are kept as comments; under nginx they belong in the server configuration.
# rewrite "^/([0-9a-zA-Z]{6})$" /index.php?do=code&urlKey=$1 break;
# rewrite "^/do/auth/(\w+?)(/domain/([\w\.]+?))?$" /xss/index.php?do=do&auth=$1&domain=$3 break;
# rewrite "^/register/(.*?)$" /index.php?do=register&key=$1 break;
# rewrite "^/register-validate/(.*?)$" /index.php?do=register&act=validate&key=$1 break;
# rewrite "^/login$" /index.php?do=login last;
Now let's check whether the XSS has been built successfully.
Access 127.0.0.1/xss/ in a browser
See if the login interface appears.
Click in the upper right corner to register an account
Because you just changed invite to normal in the registration configuration, you don't have to enter an invitation code here. If you had not changed it, you would need an invitation code to register.
Log in using the registered account
FAQ
After installing WAMP, the window is gone in a flash
As mentioned in the article, the cmd window is gone in a flash. Visiting 127.0.0.1 in the browser may show either hello world or Server Configuration.
About phpstudy
After we have installed WAMP, that is to say, we now have an environment for Apache, MySQL, and PHP, but we need an integrated software to combine them, and phpstudy does this.
Display Disabled when installing DVWA
This has also been said in the article. I will say a little more.
PHP function allow_url_include: disabled
If this is displayed, go to php-study\PHPTutorial, find the php folder, and search for php.ini under this folder.
Edit every matching file and change allow_url_include=Off to allow_url_include=On
If Disabled is still displayed after the change, it doesn't matter as long as nothing else is wrong; just click the button at the bottom.
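An added example, not part of the original article: since the FAQ item above says to edit every matching php.ini, this Python script walks a folder, reads each php.ini and reports the value of allow_url_include that actually takes effect, which also helps confirm the setting is back to Off once the DVWA exercise is finished. The version folder names and file contents in the sample tree are constructed for the demonstration.

```python
import tempfile
from pathlib import Path

TRUE_WORDS = {"1", "on", "true", "yes"}   # values PHP treats as boolean true

def effective_ini_value(text, key):
    """Return the last uncommented value assigned to `key`, or None if unset."""
    value = None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()          # drop ';' comments
        if not line or line.startswith("[") or "=" not in line:
            continue
        name, _, val = line.partition("=")
        if name.strip().lower() == key.lower():
            value = val.strip().strip("\"'")         # a later line overrides an earlier one
    return value

def allow_url_include_enabled(text):
    # An absent directive means the PHP default, which is Off.
    value = effective_ini_value(text, "allow_url_include")
    return value is not None and value.lower() in TRUE_WORDS

def scan_php_inis(root):
    """Map each php.ini below `root` (relative path) to True when the setting is On."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix():
            allow_url_include_enabled(p.read_text(encoding="utf-8", errors="replace"))
        for p in sorted(root.rglob("*"))
        if p.is_file() and p.name.lower() == "php.ini"
    }

def demo():
    """Build a constructed folder tree with three php.ini files and scan it."""
    samples = {
        "php/php-5.4.45/php.ini": "[PHP]\n;allow_url_include = On\nallow_url_include = Off\n",
        "php/php-7.0.12/php.ini": "[PHP]\nallow_url_include = Off\nallow_url_include = On ; lab only\n",
        "php/php-5.2.17/php.ini": "[PHP]\nallow_url_fopen = On\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            path = Path(root, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_text(body, encoding="utf-8")
        return scan_php_inis(root)

if __name__ == "__main__":
    for path, enabled in demo().items():
        print(f"{path}: allow_url_include {'On' if enabled else 'Off'}")
```

To check a real installation, call scan_php_inis with the PHPTutorial folder path instead of running demo().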
ReCAPTCHA key:missing
If this is displayed, you need to add a piece of code for this option in the configuration file. You can search for it on Baidu.
I only ran into these two problems, so that's all I have to say for now.
About sqli-labs and xsser.me downloads
If you run into a problem in the process or cannot find a place to download them,
you can contact me to get the resources from my network disk.
Sqli-labs URL not found
Not found is most likely a problem with the path you entered or with phpstudy.
If you are not sure about the path, go to the folder and have a look.
But it's usually 127.0.0.1/sqli-labs-master/.
There is another situation that happened today.
The problem was with phpstudy: sometimes one of phpstudy's three services causes access to fail.
About which www directory to put the downloaded files into
There are two www folders, one under WAMP and one under phpstudy.
I don't know the exact answer.
I put sqli-labs and XSS under the www folder of phpstudy
and put DVWA into the www folder of WAMP
Error when accessing 127.0.0.1/sqli-labs-master/sql-connections/setup-db.php
I forgot to take a screenshot of the error. The message on the web page was something like this:
I:\DVWA\PHP-Study\php-study\PHPTutorial\WWW\sqli-labs-master\sql-connections error in sql-connections.php 6
That was roughly the hint. I checked all kinds of things in phpstudy.
Finally, I found that it was caused by the version of php used in phpstudy.
Just switch to a higher version in phpstudy.
Phpstudy status always shows red
If these two on the left are still red after you start phpstudy
Maybe it's because you changed the installation location of phpstudy.
Hello world is displayed when accessing the xss login interface
I was confused when this happened.
Whether I visited xss or logged in, everything showed hello world.
After a while, I had roughly narrowed down the scope of the problem.
It may be an error in the operations on the xssplatfrom database
Most likely something went wrong when executing the SQL statement and adminlevel1.
The easiest way is to delete the xssplatfrom library and do it again.
.htaccess pseudo-static file
The contents of this file can be found on Baidu, but some are not.
Be sure to note that some of the lines in this file end in /xss/index.php. Don't get this wrong: you can also write /index.php, but sometimes /xss/ has to be added.
Summary
I built this vulnerability environment in order to study SQL injection.
It looks simple, but all kinds of errors come up while building it.
It took me more than six hours during the Dragon Boat Festival to build these environments, with all kinds of problems.
When I wrote this blog post today, I followed my notes again and still made another unexpected mistake.
You can only feel your way forward bit by bit from the error messages.
I hope the problems I encountered help beginners like me take fewer detours.
If there are any mistakes in the article, please contact me and I will correct them promptly.