NOWASP (Mutillidae)
![]() Do not follow instructions here until this notice is removed. |
NOWASP (Mutillidae) is a free, open source, deliberately vulnerable web-application. It's similar to DVWA.
Contents
Install lighttpd, PHP, and MySql
Install the additional packages:
apk add lighttpd php5-common php5-iconv php5-json php5-gd php5-curl php5-xml php5-pgsql php5-mysql php5-imap php5-cgi fcgi
apk add php5-pdo php5-pdo_pgsql php5-pdo_mysql php5-soap php5-xmlrpc php5-posix php5-mcrypt php5-gettext php5-ldap php5-ctype php5-dom
Configure Lighttpd
Edit lighttpd.conf
vi /etc/lighttpd/lighttpd.conf
Uncomment line:
include "mod_fastcgi.conf"
Edit mod_fastcgi.conf
vi /etc/lighttpd/mod_fastcgi.conf
Edit the section:
/usr/bin/php-cgi
To:
/usr/bin/php-cgi5
Start lighttpd service and add to needed runlevel
rc-service lighttpd start && rc-update add lighttpd default
Install extra packages:
apk add php-mysql mysql mysql-client
Installing and configuring Mutillidae
Create the a folder named webapps
mkdir -p /usr/share/webapps/
Download the source archive and unpack it
cd /usr/share/webapps/ wget http://sourceforge.net/projects/mutillidae/files/mutillidae-project/LATEST-mutillidae-2.3.14.zip
Unpack the archive and remove it
unzip LATEST-mutillidae-2.3.14.zip rm LATEST-mutillidae-2.3.14.zip
Change the folder permissions
chmod -R 777 /usr/share/webapps/
Create a symlinks to the folder mutillidae
ln -s /usr/share/webapps/mutillidae/ /var/www/localhost/htdocs/mutillidae