Difference between revisions of "NOWASP (Mutillidae)"

From Alpine Linux
Jump to: navigation, search
(Created page with "{{Draft}} [http://sourceforge.net/projects/mutillidae/ NOWASP (Mutillidae)] is a free, open source, deliberately vulnerable web-application. It's similar to [[Damn_Vulnerable...")
 
(Installing and configuring Piwik)
 
Line 9: Line 9:
 
{{Cmd|apk add php-mysql mysql mysql-client}}
 
{{Cmd|apk add php-mysql mysql mysql-client}}
  
= Installing and configuring Piwik =
+
= Installing and configuring Mutillidae =
  
Create the a folder named ''webapps''
+
Create the a folder named {{Path|webapps}}
  
 
{{Cmd|mkdir -p /usr/share/webapps/}}
 
{{Cmd|mkdir -p /usr/share/webapps/}}
Line 22: Line 22:
 
Unpack the archive and remove it
 
Unpack the archive and remove it
  
{{Cmd|unzip DVWA-1.0.7.zip
+
{{Cmd|unzip LATEST-mutillidae-2.3.14.zip
rm DVWA-1.0.7.zip}}
+
rm LATEST-mutillidae-2.3.14.zip}}
  
 
Change the folder permissions
 
Change the folder permissions
Line 29: Line 29:
 
{{Cmd|chmod -R 777 /usr/share/webapps/}}
 
{{Cmd|chmod -R 777 /usr/share/webapps/}}
  
Create a symlinks to the folder ''dvwa''
+
Create a symlinks to the folder {{Path|mutillidae}}
  
{{Cmd|ln -s /usr/share/webapps/dvwa/ /var/www/localhost/htdocs/dvwa}}
+
{{Cmd|ln -s /usr/share/webapps/mutillidae/ /var/www/localhost/htdocs/mutillidae}}
 
<!--
 
<!--
 
= Configuration and start MySql =
 
= Configuration and start MySql =
Line 43: Line 43:
 
{{Cmd|nano -w /usr/share/webapps/dvwa/config/config.inc.php}}
 
{{Cmd|nano -w /usr/share/webapps/dvwa/config/config.inc.php}}
  
To complete the setup, browse to the DVWA directory on the webserver.
+
To complete the setup, browse to the mutillidae directory on the webserver.
  
http://WEBSERVER_IP_ADDRESS/dvwa
+
http://WEBSERVER_IP_ADDRESS/mutillidae
  
 
Follow the link to setup the database.-->
 
Follow the link to setup the database.-->
  
 
[[Category:PHP]] [[Category:SQL]] [[Category:Security]]
 
[[Category:PHP]] [[Category:SQL]] [[Category:Security]]

Latest revision as of 19:30, 28 January 2013

Underconstruction clock icon gray.svg
This material is work-in-progress ...

Do not follow instructions here until this notice is removed.
(Last edited by Fab on 28 Jan 2013.)

NOWASP (Mutillidae) is a free, open source, deliberately vulnerable web-application. It's similar to DVWA.

Install lighttpd, PHP, and MySql

For installing the additional packages first activate community packages:

vi /etc/apk/repositories

Uncomment the following:

http://pkg.example.com/alpine/v3.11/community

Update the packagelist:

apk update

Install the additional packages:

apk add lighttpd php7-common php7-iconv php7-json php7-gd php7-curl php7-xml php7-mysqli php7-imap php7-cgi fcgi php7-pdo php7-pdo_mysql php7-soap php7-xmlrpc php7-posix php7-mcrypt php7-gettext php7-ldap php7-ctype php7-dom

Configure Lighttpd

Edit lighttpd.conf

vi /etc/lighttpd/lighttpd.conf

Uncomment line:

include "mod_fastcgi.conf"


Edit mod_fastcgi.conf

vi /etc/lighttpd/mod_fastcgi.conf

Edit the section:

/usr/bin/php-cgi

To:

/usr/bin/php-cgi7

Start lighttpd service and add to needed runlevel

rc-service lighttpd start && rc-update add lighttpd default

Install extra packages:

apk add php-mysql mysql mysql-client

Installing and configuring Mutillidae

Create the a folder named webapps

mkdir -p /usr/share/webapps/

Download the source archive and unpack it

cd /usr/share/webapps/ wget http://sourceforge.net/projects/mutillidae/files/mutillidae-project/LATEST-mutillidae-2.3.14.zip

Unpack the archive and remove it

unzip LATEST-mutillidae-2.3.14.zip rm LATEST-mutillidae-2.3.14.zip

Change the folder permissions

chmod -R 777 /usr/share/webapps/

Create a symlinks to the folder mutillidae

ln -s /usr/share/webapps/mutillidae/ /var/www/localhost/htdocs/mutillidae