BWAPP
This material is work-in-progress ... Do not follow instructions here until this notice is removed. |
bWAPP or a buggy web application is a vulnerable web application.
Install lighttpd, PHP, and MySql
Basic Installation
For installing the additional packages first activate community packages and update the package index
Install the required packages:
# apk add lighttpd php82 fcgi php82-cgi
Configure Lighttpd
Edit lighttpd.conf (/etc/lighttpd/lighttpd.conf) and uncomment the line:
Contents of /etc/lighttpd/lighttpd.conf
Edit mod_fastcgi.conf (/etc/lighttpd/mod_fastcgi.conf), find and change /usr/bin/php-cgi to /usr/bin/php-cgi82.
Contents of /etc/lighttpd/mod_fastcgi.conf
Start lighttpd
service and add it to default runlevel
# rc-service lighttpd start # rc-update add lighttpd default
Install extra packages:
This material is obsolete ...
|
apk add php-mysql mysql mysql-client php-zlib
Installing and configuring SQLol
Create a folder named webapps
mkdir -p /usr/share/webapps/
Switch to the webapps folder and download the source files
cd /usr/share/webapps/ wget https://downloads.sourceforge.net/project/bwapp/bWAPPv1.3/bWAPPv1.3.zip
Unpack the archive and delete it
unzip bWAPPv1.3.zip rm bWAPPv1.3.zip
Rename the folder
mv bWAPP bwapp
Change the folder permissions
chown -R lighttpd /usr/share/webapps/
Create a symlink to the bwapp folder
ln -s /usr/share/webapps/bwapp/ /var/www/localhost/htdocs/bwapp
Configuration and start MySQL
/usr/bin/mysql_install_db --user=mysql rc-service mysql start && rc-update add mysql default /usr/bin/mysqladmin -u root password 'password'
bWAPP configuration
Please add the MySQL configuration details to the bWAPP config file.
nano -w /usr/share/webapps/bwapp/config.inc.php
Browse to http://WEBSERVER_IP_ADDRESS/install.php for the installation.