Howdy crackers? You know hacking any system without the owner’s permission is illegal you might get caught by the law. This is the biggest problem for beginners in the ethical hacking field.
Most companies give permission to ethical hackers to hack and test their online systems to secure them but who will give permission to a beginner with no skills?
Also, many countries don’t allow them to do a simple test. Even port scanning is considered illegal in some countries. To overcome this obstacle creators created some web apps and left them vulnerable so that beginners can do test their skills on them legally.
Here we are gonna cover the setup tutorial of bWAPP in Kali Linux which is one of the popular vulnerable web apps.
Before beginning the tutorial, let’s know a little about bWAPP.
What is bWAPP?
bWAPP is an open-source project and freely available on the internet. It is a highly vulnerable web application that allows students and others to do test their skills on it legally.
bWAPP is coded using PHP and MYSQL database and it can be hosted on both Windows and Linux with the help of Apache server. It is one of the popular buggy web apps available for free on the internet that allows people to do hacking tests on them legally.
How To Install bWAPP on Kali Linux
First of all download the app from here. Now fire up your Kali Linux Machine. It will be downloaded as a zip file. Extract the file and copy the bWAPP folder and navigate to computer> var> www> html and paste the folder there.
Now right-click inside the html folder and open the terminal. Type ls to expand it. Now type chmod -R 755 bWAPP and hit enter and close the terminal.
Now go to the bWAPP folder that you have copied and inside that folder right click and open the terminal again. Now type the following commands one by one.
chmod 777 passwords/
chmod 777 images/
chmod 777 documents/
chmod 777 logs/
Now you have to modify a script a little. Go inside the bWAPP folder and there is a folder named admin. Go to that folder and open the settings.php script with a text editor.
Now locate the line $db_password= “bug”; inside the script and delete the bug word, save the script and exit. Remember don’t delete a single inverted comma. Only remove the bug word.
Now all set. We’ve configured all the things we needed and now we can start our Apache and MySQL server. Open a new terminal and start the Apache2 server by giving the command service apache2 start and start the MySQL server by giving the command service mysql start and hit enter.
The last step is, open the Mozilla browser and go to the URL localhost/bWAPP and if it shows connection failed error try localhost/bWAPP/install.php. There will be a message shown up saying click here to install bWAPP. Click here and now go to the login section and log in to the bWAPP panel. The default username is bee and the password is bug.
In the login section, you can also set the security level from low to high.
Congrats! you have successfully configured bWAPP on your Kali Linux Machine.
Fix Access Denied for User ‘root@localhost’ error:
If you get the above error, that means your bWAPP database is not listed in MYSQL.
To solve this error, Open up the terminal and run the command-
apt-get install phpmyadmin
This command will download phpmyadmin on your computer. Now you have to configure phpmyadmin. Before configuring, open a new terminal and start MySQL and apache2 servers one by one by the commands-
service mysql start
service apache2 start
In phpmyadmin configuration, many popups will appear one by one.
There somewhere it will ask you to register a phpmyadmin account. There you enter the username as ‘root‘ and the password whatever you want. But the username must be root.
Another popup will ask you to register with MySQL Database. Enter the MySQL username as ‘root@localhost‘ and the password ‘root‘.
Also, configure the server of phpmyadmin with Unix socket. This is a default server. It gives the best performance.
Now open a browser and go to localhost/phpmyadmin and login to phpmyadmin with the username root and the password you’d set before.
Now open a new tab in the browser and go to localhost/bWAPP/install.php and click on Click here to install.
And you will get a message saying ‘bWAPP has been installed successfully‘.
Now go to the phpmyadmin tab and refresh it. Here on the right side, you will see the bWAPP folder.
This means you have successfully connected the bWAPP Database with MySQL.
Now open another new tab in the browser and go to localhost/bWAPP/login.php and login to bWAPP with the username= bee and the password= bug.
This is a good thing that we can create our own lab where we can practice our hacking techniques legally.
We hope you liked the tutorial. If you did, don’t forget to let us know and if you have any problem or confusion regarding the installation of this tool or configuration, feel free to let us know in the comment box. Have a nice hacking journey and stay safe.