1. docker vuln Environment

2. OWASP SecurityShepherd

https://github.com/OWASP/SecurityShepherd

虚拟机/安装包

https://github.com/OWASP/SecurityShepherd/releases/tag/v3.0

Docker镜像

https://hub.docker.com/r/ismisepaul/securityshepherd/

获取镜像：

docker pull ismisepaul/securityshepherd

获取shell：

docker run -i -p 80:80 -p 443:443 -p 27017:27017 -t ismisepaul/securityshepherd /bin/bash

运行mysql和tomcat：

/usr/bin/mongod &
/usr/bin/mysqld_safe &
service tomcat7 start

如果你没有安装配置authbind：

sudo apt-get install authbind
touch /etc/authbind/byport/80
touch /etc/authbind/byport/443
chmod 550 /etc/authbind/byport/80
chmod 550 /etc/authbind/byport/443
chown tomcat7 /etc/authbind/byport/80
chown tomcat7 /etc/authbind/byport/443

2.1. 配置

参见：https://github.com/OWASP/SecurityShepherd/wiki

3. dvwa

github dvwa install dvwa on ubuntu14

linux install requirements

apt-get -y install apache2 mysql-server php5 php5-mysql php5-gd

默认用户

DVWA默认的用户有5个，用户名密码如下：

admin/password

gordonb/abc123

1337/charley

pablo/letmein

smithy/password

Vulnapp

1. docker vuln Environment

2. OWASP SecurityShepherd

2.1. 配置

3. dvwa

results matching ""

No results matching ""