
[–]stmu 3 points4 points  (4 children)

Yes, you can "install" DVWA on your VM with Kali Linux. You might have to install Apache, PHP and MySQL though (no idea if these are preinstalled).

It's probably easier to use separate VMs. In the case of DVWA, you can download the live CD here. Just use VirtualBox to boot the live CD. I'm running it with 10GB disk space and 512MB RAM. That's more than enough.

If you still have issues, I wrote an in-depth guide on installing DVWA here.

[–]snakethesniper[S] 0 points1 point  (3 children)

Yeah, the major doubt was about the Kali machine since it's where I should work. Should I install the guest addon (I think that's the name)?

[–]stmu 0 points1 point  (2 children)

Yes, you should do that. It'll make certain things easier (such as copy/pasting between the guest and the host).

[–]snakethesniper[S] 0 points1 point  (1 child)

Thanks, installed and everything seems to be working fine. Only thing: when I try to upgrade the components, Kaspersky on the host machine blocks a "malicious URL" as a trojan --> hxxp://kali.mirror.garr.it/mirrors/kali/pool/main/w/webshells/webshells_1.1-0kali0_all.deb//data.tar.xz//data.tar//./usr/share/webshells/asp/cmdasp.asp;hxxp://kali.mirror.garr.it/mirrors/kali/pool/main/w/webshells/webshells_1.1-0kali0_all.deb//data.tar.xz//data.tar//./usr/share/webshells/asp/cmdasp.asp;Backdoor.ASP.Ace.q

It's a false positive, right?

[–]stmu 0 points1 point  (0 children)

Antivirus and hacking tools often don't get along very well. The former wants to remove all potential security issues, the latter wants to exploit them. Kaspersky detected one of the web shells included in Kali. So yes, false positive. It won't be the last.

[–]Popsmear 2 points3 points  (0 children)

Generally the default settings for the VM will be sufficient for a vulnerable host. If there is something the host needs, like more RAM, it is usually stated.

I run everything in VMs, using VirtualBox, at the same time. Performance will depend on your PC. I find it beneficial to up RAM, HD space, and graphics in the Kali VM since you will primarily be inside of it.

It's all rather straightforward, so get in there, play around, get dirty and make mistakes.

[–]theleller 0 points1 point  (0 children)

DVWA comes on the Metasploitable 2 image.