Recent
DVWA 1.0.7 is here!
After 9 months since the last release we are proud to present the all new Damn Vulnerable Web Application version 1.0.7.
What’s new?
The vulnerability help page has been improved.
We now display the logged on username along with the vulnerability level and php-ids status.
Blind SQL injection has been implemented.
We now have official documentation.
You can now compare all vulnerable source code in one page with the ‘view all’ button.
The whole theme has been redesigned, including a new great looking logo.
Many bug fixes and small changes throughout the application.
But that’s not all, we have continued the work that Duncan Alderson had done on the 1.0.6 LiveCD, as the LiveCD proved to be a great success. The new LiveCD is not only a vulnerable web application but also a badly configured web server which includes many server misconfiguration.
DVWA 1.0.7 LiveCD specs:
Ubuntu Server 10.04 minimal
XAMPP Linux 1.7.3a (Apache 2.2.14, MySQL 5.1.41, PHP 5.3.1)
WebDav
Fluxbox (optional)
Firefox 3.6.8
Firefox addons include XSS Me, SQL Inject Me, Access Me, Tamper Data, REST Client, HackBar, ShowIP, Useragent Switcher, Firebug, NoScript and more.
The DVWA 1.0.7 LiveCD is designed for the beginner to jump right in to learning web application security or a quick way to demo the severities of a vulnerability to your managers. The great thing about DVWA is its flexibility, whether you want to learn, teach, test or demo, DVWA makes it easy.
This will be the last 1.x release of DVWA as were busy working on the next version which were really exited about. DVWA 2.0 codenamed Ivey will be a complete rewrite of the whole of DVWA, we plan to take what’s awesome about the 1.x release and combine it with a whole new concept. DVWA Ivey will have multiple database support, so you can demo SQL injection over multiple databases and be so modular you will be able to write your own vulnerable code and have it integrated with DVWA within minutes.
We would like to thank all of the DVWA contributors for making this release and the next possible.
If your at BruCON this year why not pop into our workshop where you can learn how to use DVWA 1.0.7 to its maximum potential.
Download: http://www.dvwa.co.uk/DVWA-1.0.7.iso
