Sunday, January 20, 2013

bWAPP - Samurai WTF

In one of the previous articles I described the necessary steps to install bWAPP, or a buggy web application. That was pretty easy.

In this article I will demonstrate the installation and configuration of bWAPP on the Samurai Web Testing Framework.

The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web penetration testing environment. The image contains the best of the open source and free tools that focus on testing and attacking websites.

 


Once you have booted Samurai WTF, you can copy the bWAPP archive (bWAPP.zip) to the desktop.
Extract it there. A new directory 'bWAPP' will be created.
Syntax
cd /home/samurai/Desktop/
unzip bWAPP.zip



Move the directory 'bWAPP' and its entire content to the folder '/var/www'. You need root privileges!
Syntax
sudo su
mv /home/samurai/Desktop/bWAPP /var/www

Edit the file 'admin/settings.php'. Use the Samurai MySQL settings.
You need to change the password to 'samurai'. Yes... the password of the MySQL root user on Samurai is actually 'samurai'.



Browse to the file 'install.php' in the directory 'bWAPP'. Click 'here'.
The database 'bWAPP' will be created and populated.



Go to the login page. You can log in with the default credentials (bee/bug) or you can create a new user. It's up to you!



You are ready to explore and exploit the bee!
Choose your favorite bug and a security level (low - medium - high).
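
The extract, move and configure steps above as one script. This is an added example, not part of the original post. It assumes 'admin/settings.php' sets the password in a line of the form $db_password = "..."; (the variable name is an assumption, the post does not show the file) and that unzip is installed; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post: the install steps as a script.
# Assumption: settings.php sets the password in a line  $db_password = "...";

# set_db_password FILE PASSWORD: rewrite the $db_password assignment in place.
set_db_password() {
    file=$1
    [ -f "$file" ] || { echo "missing: $file" >&2; return 1; }
    grep -q '^\$db_password[[:space:]]*=' "$file" ||
        { echo "no \$db_password assignment in $file" >&2; return 1; }
    # Work in a temp file outside the web root: a settings.php.orig backup
    # next to the original would typically be served as plain text.
    new=$(mktemp) || return 1
    # ENVIRON passes the value without sed/awk escape processing.
    BWAPP_PW=$2 awk '
        /^\$db_password[ \t]*=/ {
            printf "$db_password = \"%s\";\n", ENVIRON["BWAPP_PW"]; next
        }
        { print }' "$file" > "$new" && cat "$new" > "$file"
    rc=$?; rm -f "$new"; return $rc
}

# get_db_password FILE: print the configured value to confirm the edit.
get_db_password() {
    sed -n 's/^\$db_password[[:space:]]*=[[:space:]]*"\(.*\)";.*/\1/p' "$1"
}

# install_bwapp ZIP WEBROOT PASSWORD: extract, move, configure (run as root).
install_bwapp() {
    zip=$1 webroot=$2 pass=$3
    [ -e "$webroot/bWAPP" ] && { echo "$webroot/bWAPP exists" >&2; return 1; }
    tmp=$(mktemp -d) || return 1
    unzip -q "$zip" -d "$tmp" &&
        mv "$tmp/bWAPP" "$webroot/" &&
        set_db_password "$webroot/bWAPP/admin/settings.php" "$pass"
    rc=$?
    rm -rf "$tmp"
    return $rc
}

# Paths and password are the ones from the post; runs only with --install.
if [ "${1:-}" = "--install" ]; then
    install_bwapp /home/samurai/Desktop/bWAPP.zip /var/www samurai &&
        echo "Next: browse to bWAPP/install.php to create the database."
fi
```

Run it as root with --install; without that argument it only defines the functions.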



If you have questions or if you want to help me with this project, don't hesitate to contact me! I speak human...

Enjoy!

Regards

Malik Mesellem
https://twitter.com/MME_IT