vulnerawa

All posts tagged vulnerawa

Vulnerawa  is a vulnerable web application designed by me to simulate realtime websites. It has been designed to help beginners understand website hacking clearly. It can be downloaded from here.  Today I am going to show how to setup vulnerawa in EasyPHP. EasyPHP is a portable  WAMP server for PHP web development and web hosting on Windows. Go here and download the EasyPHP DevServer 14.1.  Install the Devserver. The installation is quite simple.  However when it asks where to install EasyPHP server, set it in a folder where there will be no clash of user rights. I set it in the C:/ folder as shown below.

vephp1

Once installation is finished, start the server. As the server starts, there should be a icon in the taskbar showing the status of the EasyPHP Dev server as shown below.

vephp2

See there and make sure your server has started. If it did’nt start, start  the server as administrator. Now open your browser and type “localhost” in the urlbar. If the result is as shown below, Your EasyPHP server installation is successful.

vephp3

Now go to the folder where vulnerawa1.0.2.zip file you downloaded is located and extract the contents of the zip archive to the folder shown below. This is the root folder of the server.

vephp4

Now in the url bar type “localhost/vulnerawa1.0.2” and hit Enter. If you get the result as below, you are all ready to play with vulnerawa.

vephp5

Before you start practicing, create the database by clicking on button “Create Database”.

vephp6

Hope this was helpful. Happy hacking practice.

Good Evening friends. Today we will see a step by step guide  on how to create a web application pentest lab .

For creating this lab, I am using a host machine with Windows 7 installed on it.  We also need the following softwares.

1. Wamp server ( Download here)

2. Vulnerawa ( Download here )

3. Vmware Workstation   or Oracle Virtualbox ( Download here )

4. Kali Linux ( Download here )

Download the above softwares to your system. Install Wamp server.  For this WAPT lab,  we will use vulnerawa as a vulnerable website or target website. Extract the contents of the vulnerawa.zip folder to the root folder of the wamp server. Now open a browser and and type localhost in the urlbar to see if you can see the victim webapp as shown below.

wapt1

Click on “Create Database” to create some data which we will use in our future howto’s.

wapt2

Now let’s change the permissions of the wamp server to access it from our attacker machine. Go to Apache>httpd.conf as shown below.

wapt3

You should see the httpd.conf as shown below.  Type CTRL+F and search for word “stuff”. After you find it, make changes  as shown below in the red box. Save the file by typing CTRL+S  and restart the wamp server.

wapt4

Now install Kali Linux in Vmware Workstation or Oracle Virtualbox (see how ). Set the network adapter to NAT. Now open command line in your host machine and check the IP address assigned to your host machine as shown below by typing command “ipconfig”. Since I am using Vmware Workstation my network adapter is Vmware network adapter vmnet8. The IP address assigned to my host machine is 192.168.64.1.

wapt5

Now start your attacker machine( Kali Linux ), open browser and type the address 192.168.64.1 in the url bar and see if you can access the victim web application as shown below.

wapt6

 

wapt7

Your web application pentest lab is ready. Happy hacking.

Good Evening friends.  Today we will see how to setup Vulnerawa in Wamp Server. For those newbies who don’t know what is vulnerawa, it is a vulnerable webapp coded by me to simulate a real website for practice. Read more about it here. First, download Wamp Server from here   as appropriate to your system requirements. We will use “WAMPSERVER (64 BITS & PHP 5.3.10) 2.2d″ for this howto. Install the Wamp Server. Open browser and type “localhost” in the urlbar to see if wamp server is working as shown below.

vwamp1

 

 

 

 

 

We can see that there are no projects available. Now download Vulnerawa from here. You will find a zip file as shown below. Now we will extract the contents of this file into the root folder of Wamp server. Right click on the zip file, go to 7-zip as shown below ( or any other unzipping software )  and select “Extract files” option. Extract the files to the folder “C:\\wamp\www” which is the root folder for Wamp server.

vwamp2

Now lets check the root folder to see if the files are extracted. Go to wamp server’s root directory and you should see the folder named “vulnerawa1.0.2” as shown below.

vwamp3

 

Now open your browser and type “localhost” once again. Now we can see our projectVulnerawa1.0.2 listed in the Projects section as shown below.

vwamp4

Click on the project. If you see the below webpage, then you have successfully setup Vulnerawa. If it gives you some error go to the url and type “http://localhost/vulnerawa1.0.2” directly. Happy hacking practice.

vwamp5

Here’s a video version of this howto.

Vulnerawa stands for “Vulnerable Web Application”. This vulnerable web application developed by me is still in its nascent stages. I have started developing “Vulnerawa” to simulate a real website, i.e practice website hacking on this application and you are ready for hacking real websites. It is available for download here, it has only SQL Injection vulnerabilities. (Go here to see how to setup Vulnerawa). Here’s a picture of Vulnerawa below.

vulne1

This vulnerable web app  has two SQL injection vulnerabilities, url based and Login Bypass. As an example, let’s see login bypass using SQL injection. Click on link “Login”. You will be greeted with a login form. Enter single quote character(‘) as shown below in the picture below and click on “Submit”.

vulne2

You will get an error as shown below,i.e the web app is vulnerable to SQL injection. This trick also works on realtime websites if they are vulnerable to SQL injection.

vulne3

As the webapp is vulnerable to SQL injection, try to bypass the login form as shown here. If you successfully bypass the login form, you will be taken to page shown below.

vulne4

In the above page, apart from congrats message, you can see some google search queries. Copy these queries and enter it in a Google search box. This will give you a list of websites with login forms. You can check if they are vulnerable using the same method(the single quote)  as shown above. Let’s say you found one vulnerable website as shown below. Let’s try to bypass it.

vulne5

We have successfully bypassed the website as shown below.

vulne6