fix dockerized mysql function

harshagv · web-flow · commit 0fbaa8c541c4 · 2025-09-13T17:45:36.000Z
diff --git a/usyd/scripts-library/dvwa-pentest-lab.sh b/usyd/scripts-library/dvwa-pentest-lab.sh
@@ -299,7 +299,7 @@ ubuntu_install_mysql_docker_vulnerable() {
     local DVWA_DB_NAME="dvwa"
     local DVWA_DB_USER="dvwa"
     local DVWA_DB_PASS="pass"
-    local DB_HOST="localhost" # DVWA will connect to localhost, which is mapped to the container
+    local DB_HOST="127.0.0.1" # DVWA will connect to localhost, which is mapped to the container
 
     print_warn "This will stop and remove existing MySQL/MariaDB packages and data, and then install Docker."
     print_warn "It will then deploy a MySQL ${VULN_MYSQL_VERSION} Docker container."
@@ -340,6 +340,14 @@ ubuntu_install_mysql_docker_vulnerable() {
     apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
     systemctl enable docker --now
     print_success "Docker installed and started."
+    TARGET_USER=$(logname 2>/dev/null || echo "$SUDO_USER")
+    if [ -z "$TARGET_USER" ]; then
+        print_error "Could not determine target user. Exiting."
+        exit 1
+    fi
+    USER_HOME=$(eval echo "~${TARGET_USER}")
+    sudo usermod -aG docker "$TARGET_USER"
+    print_warn "User '$TARGET_USER' added to 'docker' group. Please LOG OUT and LOG BACK IN (or reboot) for this change to take full effect."
 
     # 3. Pull and Run MySQL Docker Container
     # Detect system architecture
@@ -361,13 +369,20 @@ ubuntu_install_mysql_docker_vulnerable() {
     print_info "Starting MySQL ${VULN_MYSQL_VERSION} Docker container '${CONTAINER_NAME}'.."
     # Map container port 3306 to host port 3306, relying on native DB being purged.
     # Environment variables handle initial root password, DVWA database, and DVWA user creation.
-    docker run --name "${CONTAINER_NAME}" \
-               -e MYSQL_ROOT_PASSWORD="${MYSQL_ROOT_PASSWORD}" \
-               -e MYSQL_DATABASE="${DVWA_DB_NAME}" \
-               -e MYSQL_USER="${DVWA_DB_USER}" \
-               -e MYSQL_PASSWORD="${DVWA_DB_PASS}" \
-               -p 3306:3306 \
-               -d "${MYSQL_IMAGE}:${VULN_MYSQL_VERSION}" || { print_error "Failed to start MySQL Docker container. Check 'docker logs ${CONTAINER_NAME}' for details."; exit 1; }
+    # docker run --name "${CONTAINER_NAME}" \
+    #            -e MYSQL_ROOT_PASSWORD="${MYSQL_ROOT_PASSWORD}" \
+    #            -e MYSQL_DATABASE="${DVWA_DB_NAME}" \
+    #            -e MYSQL_USER="${DVWA_DB_USER}" \
+    #            -e MYSQL_PASSWORD="${DVWA_DB_PASS}" \
+    #            -p 3306:3306 \
+    #            -d "${MYSQL_IMAGE}:${VULN_MYSQL_VERSION}"
+	docker run --name "${CONTAINER_NAME}" \
+	           --network host \
+	           -e MYSQL_ROOT_PASSWORD="${MYSQL_ROOT_PASSWORD}" \
+	           -e MYSQL_DATABASE="${DVWA_DB_NAME}" \
+	           -e MYSQL_USER="${DVWA_DB_USER}" \
+	           -e MYSQL_PASSWORD="${DVWA_DB_PASS}" \
+	           -d "${MYSQL_IMAGE}:${VULN_MYSQL_VERSION}" || { print_error "Failed to start MySQL Docker container. Check 'docker logs ${CONTAINER_NAME}' for details."; exit 1; }
 
     print_info "Waiting for MySQL container to become healthy (up to 90 seconds).."
     local RETRIES=18 # 18 * 5 seconds = 90 seconds
@@ -392,21 +407,35 @@ ubuntu_install_mysql_docker_vulnerable() {
         exit 1
     fi
     sed -i 's/\r//g' "$CONFIG_FILE" # Remove Windows-style carriage returns
-    sed -i "/'db_server'/c\\
-    \$_DVWA[ 'db_server' ] = '$DB_HOST';
-    " "$CONFIG_FILE"
-    sed -i "/'db_user'/c\\
-    \$_DVWA[ 'db_user' ] = '$DVWA_DB_USER';
-    " "$CONFIG_FILE"
-    sed -i "/'db_password'/c\\
-    \$_DVWA[ 'db_password' ] = '$DVWA_DB_PASS';
-    " "$CONFIG_FILE"
+
+	# Update db_server to $DB_HOST - e.g. '127.0.0.1' to force TCP connection
+	sed -i "s|^\s*\$_DVWA\s*\[\s*'db_server'\s*\]\s*=\s*'[^']*';|\\\$_DVWA['db_server'] = '${DB_HOST}';|" "$CONFIG_FILE"
+	sed -i "s|^\s*\$_DVWA\s*\[\s*'db_user'\s*\]\s*=\s*'[^']*';|\\\$_DVWA['db_user'] = '${DVWA_DB_USER}';|" "$CONFIG_FILE"
+	sed -i "s|^\s*\$_DVWA\s*\[\s*'db_password'\s*\]\s*=\s*'[^']*';|\\\$_DVWA['db_password'] = '${DVWA_DB_PASS}';|" "$CONFIG_FILE"
+	sed -i "s|^\s*\$_DVWA\s*\[\s*'db_database'\s*\]\s*=\s*'[^']*';|\\\$_DVWA['db_database'] = '${DVWA_DB_NAME}';|" "$CONFIG_FILE"
+	sed -i "s|^\s*\$_DVWA\s*\[\s*'db_port'\s*\]\s*=\s*'[^']*';|\\\$_DVWA['db_port'] = '${DB_PORT:-3306}';|" "$CONFIG_FILE"
     print_info "DVWA configuration file updated for Dockerized MySQL."
 
+    print_info "Restart apache2 service.."
+ 	sudo systemctl restart apache2
+
     print_success "Vulnerable MySQL (${VULN_MYSQL_VERSION}) Docker container is running and DVWA is configured to use it!"
     print_info "Remember to ensure your DVWA web server (Apache2) is running on the Ubuntu VM."
     print_info "Go to DVWA's /setup.php page in your browser (http://localhost/dvwa/setup.php) to configure and create the database tables."
     print_info "MySQL Docker container '${CONTAINER_NAME}' is configured to start automatically with Docker."
+
+ 	print_info "Verifying DVWA login page is accessible..."
+	
+	# Give the web server a few seconds to start fully
+	sleep 5
+	
+	if curl -s -o /dev/null -w "%{http_code}" http://localhost/dvwa/login.php | grep -q "200"; then
+	    print_success "DVWA login page is accessible at http://localhost/dvwa/login.php"
+	else
+	    print_error "DVWA login page is NOT accessible. Check Apache2 and Docker MySQL container."
+	    print_info "Try checking Apache logs: journalctl -u apache2 or /var/log/apache2/error.log"
+	    print_info "Also check Docker MySQL logs: docker logs ${CONTAINER_NAME}"
+	fi
 }
 
 # Function: ubuntu_set_dvwa_permissions
