Hello dear THT readers.
I greet everyone with love and respect. I wish a good day to the THT family and our visitors from outside.
Today I'm going to go into the topic by talking about what the bWAPP portal is, then explaining its setup, and finally showing an example analysis to reinforce its use.
First of all, I would like to clarify what bWAPP is to this part.
What is bWAPP?
We can say that bWAPP is a hacking test environment where almost all the vulnerabilities that can be found on any web page are presented to us.
By installing this environment with Wamp or Xampp servers, we can prepare a test environment for specific requirements for the vulnerabilities we want.
bWAPP's Open Capabilities
I think I briefly mentioned bWAPP and its possibilities in a very illustrative way.
After this part, the place we need is the bWAPP installation, and I will talk about this installation.
We have a lot of alternatives for installation
For example, installing with Apache Web Server, Linux distribution installs, etc.
bWAPP Linux/Debian BASED INSTALLATION
I chose the Linux-based alternative from the alternatives I mentioned above, and I will continue the installation like this.
We'll continue to use it the same way, as will the example analysis.
Now go to the address you see in the image below and proceed to "Download" as I advanced.
(You can continue with the download here section.)
Then we will continue with the installation of the final version from the tab that led us to, this part should not be confusing due to the abundance of tabs, our job is again with the top side in the image.
Let's continue with the Latest part you see in this image, I leave it down visually.
Then we will go to the archive and do the extraction.
I will ask you to enter the command unzip bWAPP_lastes.zip -d bWAPP.
Then I leave the screen you will encounter, the process continues.
After removing it from the archive, we will again encounter a screen like the one I gave below.
Now we need to migrate to the bWAPP tab that is already available for download.
First, let's enter the code I gave with the image in the terminal.
Now the authorization process is next, and I immediately show it with the visual.
Then we need to adjust some values according to ourselves, I will not write line by line, you will be able to see what I am doing in the visual.
Here I will authorize the name of the database that comes with bWAPP. (database=our user)
The name will be bWAPP manual.
Again, we will continue from the terminal as I gave the visual.
Now that we've given the mandate, let's do a little trial to make a check.
Proceed through the terminal as I will give visually.
It can work out this way in case anyone wants to experiment or be sure like me.
Yes, as seen above, I have successfully done the authorization process.
I will finish the installation part here, but I will start the part of how to run bWAPP just below.
Run bWAPP
First of all, let's go to the https://localhost/html/bWAPP/install.php address which web browser we are using.
When we go to the address, we will encounter the image I will give below.
In order to finish the installation completely, let's click on the section that says "Here" that I have circled.
Then we will log in with the "Login" section at the top of the web page we are on.
As you can see in the image, there is a login and pass section.
Don't be confused, we have already been given log and pass information in the credentials section.
After entering this information, we are logged in.
If the request comes, I will also make a lecture in order to solve SQL Injection or different vulnerabilities with bWAPP.
I end the narrative here, thanks to everyone who reads it.
Translator: @ByFelez
Subject Author: @NerdyPravyn
Subject: https://www.turkhackteam.org/konular/bwapp-nedir-bwapp-kurulumu-ve-arayuzune-ilk-bakis.2017346/
I greet everyone with love and respect. I wish a good day to the THT family and our visitors from outside.
Today I'm going to go into the topic by talking about what the bWAPP portal is, then explaining its setup, and finally showing an example analysis to reinforce its use.
First of all, I would like to clarify what bWAPP is to this part.
What is bWAPP?
We can say that bWAPP is a hacking test environment where almost all the vulnerabilities that can be found on any web page are presented to us.
By installing this environment with Wamp or Xampp servers, we can prepare a test environment for specific requirements for the vulnerabilities we want.
bWAPP's Open Capabilities
I think I briefly mentioned bWAPP and its possibilities in a very illustrative way.
After this part, the place we need is the bWAPP installation, and I will talk about this installation.
We have a lot of alternatives for installation
For example, installing with Apache Web Server, Linux distribution installs, etc.
bWAPP Linux/Debian BASED INSTALLATION
I chose the Linux-based alternative from the alternatives I mentioned above, and I will continue the installation like this.
We'll continue to use it the same way, as will the example analysis.
Now go to the address you see in the image below and proceed to "Download" as I advanced.
(You can continue with the download here section.)
Then we will continue with the installation of the final version from the tab that led us to, this part should not be confusing due to the abundance of tabs, our job is again with the top side in the image.
Let's continue with the Latest part you see in this image, I leave it down visually.
Then we will go to the archive and do the extraction.
I will ask you to enter the command unzip bWAPP_lastes.zip -d bWAPP.
Then I leave the screen you will encounter, the process continues.
After removing it from the archive, we will again encounter a screen like the one I gave below.
Now we need to migrate to the bWAPP tab that is already available for download.
First, let's enter the code I gave with the image in the terminal.
Now the authorization process is next, and I immediately show it with the visual.
Then we need to adjust some values according to ourselves, I will not write line by line, you will be able to see what I am doing in the visual.
Here I will authorize the name of the database that comes with bWAPP. (database=our user)
The name will be bWAPP manual.
Again, we will continue from the terminal as I gave the visual.
Now that we've given the mandate, let's do a little trial to make a check.
Proceed through the terminal as I will give visually.
It can work out this way in case anyone wants to experiment or be sure like me.
Yes, as seen above, I have successfully done the authorization process.
I will finish the installation part here, but I will start the part of how to run bWAPP just below.
Run bWAPP
First of all, let's go to the https://localhost/html/bWAPP/install.php address which web browser we are using.
When we go to the address, we will encounter the image I will give below.
In order to finish the installation completely, let's click on the section that says "Here" that I have circled.
Then we will log in with the "Login" section at the top of the web page we are on.
As you can see in the image, there is a login and pass section.
Don't be confused, we have already been given log and pass information in the credentials section.
After entering this information, we are logged in.
If the request comes, I will also make a lecture in order to solve SQL Injection or different vulnerabilities with bWAPP.
I end the narrative here, thanks to everyone who reads it.
Translator: @ByFelez
Subject Author: @NerdyPravyn
Subject: https://www.turkhackteam.org/konular/bwapp-nedir-bwapp-kurulumu-ve-arayuzune-ilk-bakis.2017346/