(1. The applications run mysql in a terminal type the command # / etc / init.d / mysql start)
2. jalankan aplikasi apalikasi apace di terminal #/etc/init.d/apache2 start
( 2. run the application apalikasi APACE in terminal # / etc / init.d / apache2 start)
3. buka DVWA di browser
4 setelah masuk maka login dengan username dan password
4 after entering the login with a username and password
5setelah login maka buka aplikasi burp suitekelik di pojok kiri atas applications->parrot->web application -> web Vunability scanner
5setelah login then burp suitekelik open application in the top left corner Applications> parrot-> web application -> Vunability web scanner
6 selanjutnya muncul pilihan tab advance klikk setting pilih manual proxy configuration dan diisi dengan ip local
6 next appeared selection klikk advance tab choose manual proxy configuration settings and filled with local ip
7 selanjutnya pilih intercept client request di ceklis yang bagian And URL
7 then select intercept the client request in the checklist are part And URL
8 setelah itu maka pilih tab intruder lalu pilih position pada kolom tersebut pembatas antar dodar isinya dihapus disisakan lambang dolar saja
8 after the intruder then select the tab and then select the position on the column contents removed dodar barrier between the dollar sign is left alone
9.maka will appear a lot of options by typing on the tab intruder into the payload. on the payload option, there are many options for mengimput words. can be directly typed and can be uploaded
10.setelah itu maka hasil akhirnya
kelik intruder klik start atack buat melihat hasil dari scaner brup tersebut.
10. After that, the end result
Kelik intruder click start atack made to see the results of the brup scanner.
11.supaya mengetahui password tersebut bisa dilihat dari hasil langth
11.know the password can be seen from the results langth *--*
Tidak ada komentar:
Posting Komentar