DVWA

What You Need for This Project

A computer with VMware Player, Fusion, or Workstation

Task 1: Select Team Roles

Each team needs a Manager, a Writer, a Researcher and one or more Technicians.

The Manager is responsible for ensuring that all the tasks are completed correctly and on time, by delegating tasks to the other team members, monitoring their progress, and reallocating resources as neeed.

The Writer records the important actions performed by the team and prepares a Report for the client.

The Researcher searches the Web to find out information about the target and any other information the team needs.

The Technicians scan and attack the target, keeping notes of what they have done.

Task 2: Prepare Target

Download DVWA from

http://www.dvwa.co.uk/DVWA-1.0.7.iso (480 MB)

Create a default VM and boot it from the ISO. Find your VM's IP address, as shown below.

Open that IP address in a browser. Log in as admin with a password of password as shown below.

On the lower left, click "DVWA Security". Set the security level to low, as shown below.

On the lower left, click "Brute Force".

For this project, only this page is in scope, as shown below. Don't test other parts of the page. However, feel free to try higher security levels after completing the challenge at "low" security.

Task 3: Exploit the Target

Find vulnerabilities, and hack the target. Keep track of what you have done.

Task 4: Report Findings

This will be either a written report, or a 5-minute in-class presentation, explaining what you did, and how you did it.

Posted 8-15-18