bee-box is a custom Linux VMware virtual machine pre-installed with bWAPP, our extremely buggy web application.
bee-box gives you several ways to hack and deface the bWAPP website. It's even possible to hack the bee-box to get full root access...
With bee-box you have the opportunity to explore all bWAPP vulnerabilities! Hacking, defacing and exploiting without going to jail... how cool is that? :)
You can download bee-box from here. Have fun!
These are the requirements for installing bee-box:
An overview of the installation steps:
Some additional notes:
We also offer a 2-day comprehensive web security course 'Attacking and Defending Web Applications with bWAPP'. This course can be scheduled on demand, at your location!
Source :
http://itsecgames.blogspot.fr/
bee-box gives you several ways to hack and deface the bWAPP website. It's even possible to hack the bee-box to get full root access...
With bee-box you have the opportunity to explore all bWAPP vulnerabilities! Hacking, defacing and exploiting without going to jail... how cool is that? :)
You can download bee-box from here. Have fun!
These are the requirements for installing bee-box:
- Windows, Linux or Mac OS
- VMware Player, Workstation or Fusion
An overview of the installation steps:
- Extract the 'rar' file.
- Double click on the VM configuration file (bee-box.vmx), or import the VM into the VMware software.
- Start the VM. It will login automatically.
- Check the IP address of the VM.
- Go to the bWAPP login page. If you browse the bWAPP root directory you will be redirected. example: http://[IP]/bWAPP/example: http://[IP]/bWAPP/login.php
- Login with the default bWAPP credentials, or make a new user.
default credentials: bee/bug
- You are ready to explore and exploit the bee!
Some additional notes:
- Linux credentials:
bee/bug - root/bug
- MySQL credentials:
root/bug
- Modify the Postfix settings (relayhost,...) to your environment.
config file: /etc/postfix/main.cf
- Take a snapshot of the VM before hacking the bee-box.
There is also a backup of the bWAPP website (/var/www/bWAPP_BAK). - To reinstall the bWAPP database, delete the database with phpmyadmin
(http://[IP]/phpmyadmin/).
Afterwards, browse to the following page: https://[IP]/bWAPP/install.php - Don't upgrade the Linux operating system, you will lose all fun :)
- Check the SecurityTube (www.securitytube.net) for some amazing hacking videos.
Thanks Vivek!
We also offer a 2-day comprehensive web security course 'Attacking and Defending Web Applications with bWAPP'. This course can be scheduled on demand, at your location!
Source :
http://itsecgames.blogspot.fr/
No comments:
Post a Comment