Sep 112010

Damn vulnerable linuxDamn Vulnerable Linux – The most vulnerable and exploitable operating system ever!

Damn Vulnerable Linux is the most complete training environment for IT security with over 500.000 downloads. It includes all tools you need ready to go. Additionally tons of training material and exercises are included. Damn Vulnerable Linux works fine under Windows, Linux and Mac OSX using any virtual machine such as VMware, Qemu or KVM. You can let it run installed natively on a standard PC or even boot it from USB.

Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn’t. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn’t built to run on your desktop – it’s a learning tool for security students.

The main idea behind DVL was to build up a training system that I could use for my university lectures. My goal was to design a Linux system that was as vulnerable as possible, to teach topics such as reverse code engineering, buffer overflows, shellcode development, Web exploitation, and SQL injection.

I’ve used it in a virtual machine on VirtualBox and I’ve been very happy with the system, when it starts you have the opportunity to start KDE or Fluxbox, I chose Fluxbox. Once started, you will have the opportunity to start various “services” that will be used in exercises, such as a webserver and mysql.

I tried the web exploit and start from simple PHP form to  more complicated XSS, is certainly interesting for programmers and for those who manage these services.

DVL is a live CD available as a 1,8 GB ISO. It contains older, easily breakable versions of Apache, MySQL, PHP, and FTP and SSH daemons, as well as several tools available to help you compile, debug, and break applications running on these services, including GCC, GDB, NASM, strace, ELF Shell, DDD, LDasm, LIDa, and more.

DVL is made by people with significant black hat backgrounds, incorporating the community of and It contains a huge amount of lessons, including lesson descriptions and solutions if the level has been solved by a community member at

In this video, how to configure a virtual machine with Virtualbox under Ubuntu to run Damn vulnerable linux

Popular Posts:

Flattr this!

  4 Responses to “Damn Vulnerable Linux”

  1. I’ve seen DVL before, and just haven’t had the skills to face it head on, nor the time either. However I might have to have a go in the near future.

    • Hello Barney, it take some time for sure, but DVL is nice also because include manuals and help pages, so the first tutorials teach almost from 0 some common tricks, and attacks to system/web page and daemons. Definetely to test In my opinion. Thanks for the feedback

  2. Im trying to download it, but I can not find an option to download it – I have not looked at torrents yet

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>