NOWASP (Mutillidae)
 Do not follow instructions here until this notice is removed. |
NOWASP (Mutillidae) is a free, open source, deliberately vulnerable web-application. It's similar to DVWA.
Contents
Install lighttpd, PHP, and MySql
For installing the additional packages first activate community packages:
vi /etc/apk/repositories
Uncomment the following:
http://pkg.example.com/alpine/v3.11/community
Update the packagelist:
apk update
Install the additional packages:
apk add lighttpd php7-common php7-iconv php7-json php7-gd php7-curl php7-xml php7-mysqli php7-imap php7-cgi fcgi php7-pdo php7-pdo_mysql php7-soap php7-xmlrpc php7-posix php7-mcrypt php7-gettext php7-ldap php7-ctype php7-dom
Configure Lighttpd
Edit lighttpd.conf
vi /etc/lighttpd/lighttpd.conf
Uncomment line:
include "mod_fastcgi.conf"
Edit mod_fastcgi.conf
vi /etc/lighttpd/mod_fastcgi.conf
Edit the section:
/usr/bin/php-cgi
To:
/usr/bin/php-cgi7
Start lighttpd service and add to needed runlevel
rc-service lighttpd start && rc-update add lighttpd default
Install extra packages:
apk add php-mysql mysql mysql-client
Installing and configuring Mutillidae
Create the a folder named webapps
mkdir -p /usr/share/webapps/
Download the source archive and unpack it
cd /usr/share/webapps/ wget http://sourceforge.net/projects/mutillidae/files/mutillidae-project/LATEST-mutillidae-2.3.14.zip
Unpack the archive and remove it
unzip LATEST-mutillidae-2.3.14.zip rm LATEST-mutillidae-2.3.14.zip
Change the folder permissions
chmod -R 777 /usr/share/webapps/
Create a symlinks to the folder mutillidae
ln -s /usr/share/webapps/mutillidae/ /var/www/localhost/htdocs/mutillidae
