- Mutillidae in the Metasploitable 2 Virtual Machine.
- We will install the latest Version of Mutillidae on our Windows 7 virtual Machine.
The attack commands and its effects will be different on both operating systems and also the Metasploitable 2 Mutillidae is more responsive in a virtual environment.
There are some database connection related issue in the Mutillidae running in Metasploitable 2 so we will fix that first and after that will move on to installing Mutillidae on Windows 7.
Mutillidae Database Configuration Changes :-
As written in the above para graph that Metasploitable version of Mutillidae have some database configuration error so here is how we can change them. The default database name in the config file is “Metasploit” and we will change it to “owasp10” to get Mutillidae to run without errors.- Start your Metasploitable VM
- Login to the system (default username and password is “msfadmin“)
- Change directory to /var/www/mutilliade
- Then type : sudo nano config.inc
- And now change the database name from “metasploit” to “owasp10“
- After that press “Cntrl+x” and “Y” to exit and save the changes.
Php.ini Config Changes :-
Lastly we will change some setting in php.ini file to perform Remote Inclusion Attacks which will be covered in future chapters of Web Application Testing.The php.ini file is stored in /etc/php5/cgi/ . We need to edit this file use sudo nano php.ini , Find “Fopen wrappers” section and change “allow_url_include” to “on“. Now just save and exit. Restart Apache and reset the database.
- Restart Apache by typing : “sudo /etc/init.d/apache2 restart“
- Now finally form you Host of other VM open Mutillidae in a browser “Metasploitable2 IP address/mutillidae“
- Click, “Reset DB“
- And this is all things we need to do and Metasploitable VM is all set !!
Popular
Tags
Videos
Posts
0 comments:
Post a Comment