Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

B wapp – bee bug – installation

bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. It helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities.bWAPP prepares one to conduct successful penetration testing and ethical hacking projects.

  • Als Erste(r) kommentieren

B wapp – bee bug – installation

  1. 1. • bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. It helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. • It covers all major known web bugs, including all risks from the OWASP Top 10 project. • I will now show you how to install bWAPP two different ways. – Option 1: Windows with IIS and MySQL, with XAMPP – Option 2: Using bee-box, a custom Linux VM pre-installed with bWAPP.
  2. 2. • Download Page: • http://sourceforge.net/projects/bwapp/files/? source=navbar
  3. 3. Step 1 Windows – bWAPP & XAMPP • Download the latest version of bWAPP from SourceForge and XAMPP from apachefriends. – http://sourceforge.net/projects/bwapp/files/bWA PP/ – https://www.apachefriends.org/download.html • Unzip XAMPP within the C: Drive and install
  4. 4. • Run XAMPP to get to the control Panel – Hit Start Apache – Hit Start MySQL
  5. 5. • Unzip bWAPP, copy and its full contents into C:xampphtdocs
  6. 6. • Edit the file 'admin/settings.php' with your own database connection settings.
  7. 7. • Open the Security console XAMPP directory
  8. 8. • Set the the MYSQL password within the MYSQL SECTION: "ROOT" PASSWORD
  9. 9. • Browse to the file 'install.php' in the directory 'bWAPP'. • Login with the default credentials, or make a new user. – default credentials: bee/bug
  10. 10. Step 2: VMware Bee-Box and local Windows • Bee-box is a custom Linux VM pre-installed with bWAPP. Bee-box is a custom Linux VM (virtual machine) pre-installed with bWAPP. • Bee-box gives you several ways to hack and deface the bWAPP website. It's also possible to hack the bee-box to get root access... • With bee-box you have the opportunity to explore all bWAPP vulnerabilities! • Download the latest version of bWAPP from SourceForge – http://sourceforge.net/projects/bwapp/files/bee-box/
  11. 11. • Unzip bee-box and double click on the bee-box – VMware virtual machine configuration this will load the config file into VMware
  12. 12. • From here it is ready to use, although we will be making some changes.
  13. 13. • Open a terminal and run ifconfig command to find the assigned
  14. 14. • Now that we know the bWAPP IP we will now alter the network configurations using for eth0 using the following command – sudo gedit /etc/network/interfaces • My IP is 192.168.68.132, yours will be different and you will need to alter the following file similar too mine.
  15. 15. • Once the network configuration for Bee-Bug is complete carry out a network restart. – sudo /etc/init.d/networking restart • • The last step is too paste the following in a Windows file explorer and choose notepad to open the hosts file. – C:WindowsSystem32Driversetchosts • • Enter the IP obtained within Bee-Bug – again mine was 192.168.68.132 so mines look like the following and save.
  16. 16. • The process is now compete and simply type itsecgames.com into the windows browser and start hacking.
  17. 17. • This project is part of the ITSEC GAMES project. ITSEC GAMES are a fun approach to IT security education. IT security, ethical hacking, training and fun... all mixed together. – https://twitter.com/MME_IT

    Als Erste(r) kommentieren

    Loggen Sie sich ein, um Kommentare anzuzeigen.

  • Drag0nR3b0rn

    Oct. 27, 2014
  • Fabiantronc

    Feb. 13, 2016

bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. It helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities.bWAPP prepares one to conduct successful penetration testing and ethical hacking projects.

Aufrufe

Aufrufe insgesamt

28.890

Auf Slideshare

0

Aus Einbettungen

0

Anzahl der Einbettungen

26.408

Befehle

Downloads

22

Geteilt

0

Kommentare

0

Likes

2

×