🎯 网络安全新手实验室 / Cybersecurity Beginner Lab
一个集成了多种Web安全测试环境的VMware本地化虚拟机靶场平台 / A VMware-based localized virtual machine platform integrating multiple web security testing environments
基于Ubuntu 22.04 系统搭建,包含DVWA、Pikachu、XSS-labs、sqli-labs等经典漏洞练习环境 / Built on Ubuntu 22.04 with classic vulnerability practice environments including DVWA, Pikachu, XSS-labs, sqli-labs, etc.
- 安装 VMware Workstation Pro / Install VMware Workstation Pro
- 解压压缩包 / Extract the compressed package
- 点击靶场.vmx / Click the "靶场.vmx" file
默认HTTPS服务 / Default HTTPS Service
🔗 https://localhost:8443
切记使用 https:// 否则无法访问 / Remember to use https:// otherwise access will fail
📌 如需使用80端口版本,请恢复至【靶场 V1.1 快照 80 端口版】/ To use the 80-port version, please restore to [靶场 V1.1 快照 80 端口版] snapshot
- Web服务器 / Web Server: Apache (自签名SSL证书 / Self-signed SSL certificate)
- 数据库 / Database: MySQL 8
- PHP: 8.1
- CMS: Halo
- Halo容器 / Halo Container: Docker
| 靶场名称 / Lab Name | 本地状态 / Local Status | 访问方式 / Access Method | 默认凭证 / Default Credentials |
|---|---|---|---|
| DVWA | ✅ 本地 / Local | /labs/dvwa |
admin/password |
| Pikachu | ✅ 本地 / Local | /labs/pikachu |
- |
| XSS-labs | ✅ 本地 / Local | /labs/xss-labs |
- |
| sqli-labs | ✅ 本地 / Local | /labs/sqli-labs |
- |
| upload-labs | 🌐 在线 / Online | c0ny1在线版 / Online Version | - |
📝 upload-labs因PHP兼容性问题采用外部链接方案 / upload-labs uses an external link solution due to PHP compatibility issues.
特别感谢 / Special thanks to c0ny1 for the online upload-labs project.
如有版权问题请联系 / For copyright issues please contact: [email protected]
| 服务 / Service | 用户名 / Username | 密码 / Password |
|---|---|---|
| Ubuntu系统 / Ubuntu OS | ubuntu | labs7788 |
| root账户 / root account | root | labs7788 |
| Halo后台 / Halo Admin | ubuntu | labs7788 |
| DVWA | admin | password |
- 首次访问需信任自签名SSL证书 / First access requires trusting the self-signed SSL certificate
- 建议在隔离网络环境中使用 / Recommended to use in an isolated network environment
- V1.1 80: 80端口基础版 / 80-port basic version(需通过快照恢复至【靶场 V1.1 快照 80 端口版】/ Need to restore to [靶场 V1.1 快照 80 端口版] snapshot)
- V1.1 8443: 8443端口HTTPS版 / 8443-port HTTPS version
- 仍在努力更新中,努力解决构建中的一切兼容性问题。欢迎大家共同努力!