Installing Attacker Machine - Kali Linux
In this topic:
- We will be setting up our Kali Linux (as an Attacker)
- Making sure that we can reach the DWVA page from the Attacker Side
Setting up Kali Linux / Setting up Network Interface
This is an easy step. Simply create a Kali Linux. You can rename the machine to the attacker.
We will be keeping the VM on NAT to imitate an attacker from the outside.
Now, let boot it up and see if we can reach our DVWA
Reaching the DVWA page from the attacker perspective:
Go to the machine that hosting the DVWA webpage and type ipconfig
Here we have 172.20.25.12 (Yours might be different)
But what I’m going do is take that IP and go to my attacker machine and type
172.20.25.12/DVWA/login.php
Once we have this, we can log in.
Default credentials:
admin/password
Boom, we’re ready to go and explore these countless attacks.
That is it for now. We’re done with the installation.
I plan to cover each attack individually and how it looks via PCAP, and how to block/detect it in Suricata.
[Click-Here] for the first post of the OWASP TOP 10 series (Brute-Force)