NOWASP (Mutillidae)
This material is work-in-progress ... Do not follow instructions here until this notice is removed. |
NOWASP (Mutillidae) is a free, open source, deliberately vulnerable web-application. It's similar to DVWA.
Install lighttpd, PHP, and MySql
Basic Installation
For installing the additional packages first activate community packages and update the package index
Install the required packages:
# apk add lighttpd php82 fcgi php82-cgi
Configure Lighttpd
Edit lighttpd.conf (/etc/lighttpd/lighttpd.conf) and uncomment the line:
Contents of /etc/lighttpd/lighttpd.conf
Edit mod_fastcgi.conf (/etc/lighttpd/mod_fastcgi.conf), find and change /usr/bin/php-cgi to /usr/bin/php-cgi82.
Contents of /etc/lighttpd/mod_fastcgi.conf
Start lighttpd
service and add it to default runlevel
# rc-service lighttpd start # rc-update add lighttpd default
Install extra packages:
apk add php-mysql mysql mysql-client
Installing and configuring Mutillidae
Create the a folder named webapps
mkdir -p /usr/share/webapps/
Download the source archive and unpack it
cd /usr/share/webapps/ wget https://sourceforge.net/projects/mutillidae/files/mutillidae-project/LATEST-mutillidae-2.3.14.zip[Dead Link]
Unpack the archive and remove it
unzip LATEST-mutillidae-2.3.14.zip rm LATEST-mutillidae-2.3.14.zip
Change the folder permissions
chmod -R 777 /usr/share/webapps/
Create a symlinks to the folder mutillidae
ln -s /usr/share/webapps/mutillidae/ /var/www/localhost/htdocs/mutillidae