Hello Ultimates! Today we will learn how to setup bWAPP in Linux to practice web application hacking. With bWAPP you can test your skills by hacking into webapps that are vulnerable to Cross Site Scripting, HTML Injection, SQL Injection, Broken authentication etc.
Download and Extract bWAPP
First of all download it from here and then extract the files
Copying files to the /var/www/html directory
Open the newly extracted bWAPP folder and copy the content. Now go to /var/www/html directory and paste the files
Starting essential services and giving permissions to bWAPP
Next thing we need to do is to start apache2 service (needed to run bWAPP) and mysql service (for database purposes). We also need to give proper permission to the bWAPP to make it work. For this purpose I will enter these commands in the terminal one by one:
service apache2 start
service mysql start
chmod -R 777 /var/www/html
Removing database password
Edit the settings.php file located under /var/www/html/bWAPP/admin/settings.php and delete the password “bug” and save the file.
Everything is ready now.
Visit this link in your browser to install bWAPP —> http://localhost/bWAPP/install.php
After installing bWAPP. Login using the default credentials bee, bug.
You will get a list of vulnerabilities you can try to hack after logging into the bWAPP
You can start testing your skills with bWAPP now 😉
There are 3 levels available for every test Low, Medium, High. Choose the one which suits your level of skills and keep practicing.