## https://sploitus.com/exploit?id=1BA82890-B9C2-5B5A-BF01-241E59E8B1B6
# DVWA Web Security Labs
## Project Description
This project creates a web security testing environment based on DVWA (Damn Vulnerable Web Application). It involves reproducing multiple common web-based vulnerabilities, performing packet capture analysis, testing payloads, and summarizing defense measures. This project integrates the following basic vulnerability experiments:
1. SQL Injection
2. XSS (Cross-Site Scripting)
3. CSRF (Cross-Site Request Forgery)
4. File Upload Vulnerabilities
5. Command Injection
6. File Inclusion Vulnerabilities
This project is primarily used for learning web security basics, practicing vulnerability reproduction, and showcasing personal GitHub projects. ---
## Technology Stack
- Windows 11
- Docker Desktop
- DVWA
- Burp Suite Community Edition
- Google Chrome / Burp Built-in Browser
- MySQL / MariaDB
- Git / GitHub
---
## Experimental Environment
| Component | Description |
|---|---|
| Operating System | Windows 11 |
| Testing Environment | DVWA |
| Container Environment | Docker Desktop |
| Packet Capture Tool | Burp Suite Community Edition |
| Browser | Google Chrome / Burp Built-in Browser |
| Database | MySQL / MariaDB |
| Security Level | Low / Medium |
---
## Project Structure
```
dvwa_web_security_labs/
β
βββ README.md
βββ payloads/
β βββ dvwa_payloads.txt
βββ reports/
β βββ dvwa_basic_vulnerabilities_report.md
βββ screenshots/
βββ 01_sql_injection/
βββ 02_xss/
βββ 03_csrf/
βββ 04_fileUpload/
βββ 05_command_injection/
βββ 06_file_inclusion/
```
---
## DVWA Environment Launch
Enter the DVWA project directory and execute:
```bash
docker compose up -d
```
Access from a browser:
```text
http://localhost:4280
```
Default account:
```text
admin
```
Default password:
```text
password
```
If you changed the password during previous experiments, you can log in with the current password, or reset the database by going to DVWAβs βSetupβ or βReset DBβ page. ---
# 1. SQL Injection
## Vulnerability Description
SQL Injection occurs when the backend directly inserts user input into SQL statements, allowing attackers to alter the SQL query logic, thereby reading, enumerating, or modifying database content. ## Experiment Details
This experiment includes:
- Normal ID queries;
- Burp Suite packet capture analysis;
- Checking the number of fields in ORDER BY clauses;
- UNION SELECT queries;
- Enumerating information about `database()` and `version()` functions;
- Extracting hashed usernames and passwords from the `users` table. ## Key Screenshots





---
# 2. XSS Cross-Site Scripting
## Vulnerability Description
XSS occurs when websites do not properly handle user input and page outputs, allowing attackersβ injected JavaScript to be executed by the browser. This experiment includes:
- Reflected XSS
## Experiment Content
This experiment has completed the following tasks:
- Verified reflected XSS using `alert(1)`;
- Verified stored XSS using ββ;
- Observed the persistence of Stored XSS;
- Tested DOM XSS;
- Analyzed simple filtering rules and attempted bypasses.
### Key Screenshots









---
# 3. CSRF Cross-Site Request Forgery
## Vulnerability Description
CSRF is a technique where an attacker induces logged-in users to access malicious pages, causing the userβs browser to send sensitive requests to the target website while carrying cookies.
### Experiment Content
This experiment has completed the following tasks:
- Captured packets for normal password modification requests;
- Analyzed the `password_new` and `password_conf` parameters;
- Created the `csrf_attack.html` file;
- Automatically triggered password modification requests using JavaScript;
- Understood that CSRF exploits the userβs login state.
### Key Screenshots




---
# 4. File Upload Vulnerabilities
## Vulnerability Description
File upload vulnerabilities occur when the server does not strictly verify the type, content, and execution permissions of uploaded files, allowing attackers to upload executable scripts.
### Experiment Content
This experiment has completed the following tasks:
- Normal image uploads;
- Captured multipart/form-data upload requests using Burp;
- Uploading PHP test files at a low level;
- Accessing and executing the uploaded PHP files;
- Blocking direct PHP uploads at a medium level;
- Bypassing MIME type detection by changing the Content-Type to image/jpeg.
### Key Screenshots







# 5. Command Injection β Command Execution Vulnerabilities
## Vulnerability Description
Command injection vulnerabilities occur when the backend directly appends user-input data into system commands, allowing attackers to execute additional system commands. ## Experiment Details
This experiment included:
- A normal ping test;
- Capturing command execution requests using Burp;
- Verifying command execution with `; whoami`;
- Checking the execution environment using `pwd`, `id`, and `uname -a`;
- Observing filtering effects at Medium difficulty level;
- Using the pipe character `| whoami` to perform basic bypass techniques. ## Key Screenshots







---
# 6. File Inclusion β File Inclusion Vulnerabilities
## Vulnerability Description
File inclusion vulnerabilities arise when the backend loads files based on parameters provided by users, without strict restrictions on file paths. This allows attackers to read local server files through path traversal. ## Experiment Details
This experiment included:
- Normal inclusion of `file1.php`;
- Analyzing the `page` parameter in URLs;
- Reading `/etc/passwd` using path traversal;
- Capturing LFI requests with Burp;
- Intercepting normal path traversal at Medium difficulty level;
- Using the `....//` path manipulation technique to bypass simple filters. ## Key Screenshots






---
# Learning Summary
Through this project, we have replicated and analyzed several basic Web vulnerabilities in the DVWA environment. We have mastered:
- How to use the DVWA training environment;
- How to capture packets with Burp Suite and replay Repeater requests;
- The basic testing process for SQL injections;
- Three common types of XSS attacks;
- The principle of CSRF requests;
- Vulnerabilities related to file uploads and Content-Type bypasses;
- Vulnerabilities related to command execution and character set bypasses;
- Vulnerabilities related to file inclusion and path traversal;
- Defense strategies for common Web vulnerabilities. ---
## Detailed Report
The complete experiment process, vulnerability analysis, payloads, and defense recommendations can be found in:
```text
reports/dvwa_basic_vulnerabilities_report.md
```
Payloads can be found in:
```text
payloads/dvwa_payloads.txt
```
---
## Disclaimer
This project is solely for web security learning, vulnerability reproduction, and research purposes. All experiments were conducted within the local DVWA environment. It is strictly prohibited to use it for unauthorized targets.