HACKING LAB for Web Application


HACKING LAB TO TEST AND LEARN SQL INJECTION,XSS, CSRF VULNERABILITY


The BodgeIt Store

Like DVWA, This is also a Vulnerable web Application that will help you to develop your skills in Pen testing.

With this Vulnerable Application , you can practice the Following attacks:
  • Cross Site Scripting (XSS)
  • SQL injection (SQLi)
  • Hidden (but unprotected) content
  • Cross Site Request Forgery
  • Debug code
  • Insecure Object References
  • Application logic vulnerabilities
There is also a 'scoring' page (linked from the 'About Us' page) where you can see various hacking challenges and whether you have completed them or not.

How to setup the Pen Testing Lab? 


Requirements:
Download the bodgeit.1.3.0.zip file and extract the zip file . Now you will get a WAR file(bodgeit.WAR).

step 1:Install the Tomcat
Install the Tomcat in your system.  If you don't know how to do install the tomcat , do google search.

Step 2: Start the server
Start the tomcat server.

In Ubuntu, type the following command in Terminal:
 sudo /etc/init.d/tomcat6 start
For windows users, just click the tomcat server in all programs.

Step 3:
Open the browser and type "localhost:8080". It will show a page "It works !".   There you can access the manager webapp(http://localhost:8080/manager/html) page.  Clicking the link will ask to enter the username and password.  enter your computer username and password.

Step 4:
Now you are in "Tomcat Web Application Manager" page.  Scroll down and there you can see theWAR file to deploy form.

Step 5: Deploying the WAR
click the Browse button and select the bodgeit.WAR file .  Now click the Deploy button.




Yes,  Now the Application successfully installed..


Access the BodgeIt in this location: http://localhost:8080/bodgeit/

0 comments: