겉바속촉
[보안] Kali Linux에 bWAPP 설치 본문
728x90
반응형
1. MySQL 서비스 실행 여부 확인 및 실행
┌──(kali㉿kali)-[~]
└─$ sudo service mysql status
[sudo] password for kali:
● mysql.service - LSB: Start and stop the mysql database server daemon
Loaded: loaded (/etc/init.d/mysql; generated)
Active: inactive (dead)
Docs: man:systemd-sysv-generator(8)
┌──(kali㉿kali)-[~]
└─$ sudo service mysql start 3 ⨯
┌──(kali㉿kali)-[~]
└─$ sudo service mysql status
● mysql.service - LSB: Start and stop the mysql database server daemon
Loaded: loaded (/etc/init.d/mysql; generated)
Active: active (running) since Thu 2021-01-21 01:10:39 EST; 17s ago
Docs: man:systemd-sysv-generator(8)
Process: 10586 ExecStart=/etc/init.d/mysql start (code=exited, status=0/SUCCESS)
Tasks: 33 (limit: 2300)
Memory: 104.6M
CGroup: /system.slice/mysql.service
├─10613 /bin/sh /usr/bin/mysqld_safe
├─10730 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/x86_64-linux-gnu/mariad>
└─10731 logger -t mysqld -p daemon error
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: information_schema
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: mysql
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: performance_schema
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: Phase 6/7: Checking and upgrading tables
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: Processing databases
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: information_schema
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: performance_schema
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: Phase 7/7: Running 'FLUSH PRIVILEGES'
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: OK
Jan 21 01:10:39 kali mysql[10828]: WARNING: tempfile is deprecated; consider using mktemp instead.
...skipping...
● mysql.service - LSB: Start and stop the mysql database server daemon
Loaded: loaded (/etc/init.d/mysql; generated)
Active: active (running) since Thu 2021-01-21 01:10:39 EST; 17s ago
Docs: man:systemd-sysv-generator(8)
Process: 10586 ExecStart=/etc/init.d/mysql start (code=exited, status=0/SUCCESS)
Tasks: 33 (limit: 2300)
Memory: 104.6M
CGroup: /system.slice/mysql.service
├─10613 /bin/sh /usr/bin/mysqld_safe
├─10730 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/x86_64-linux-gnu/mariad>
└─10731 logger -t mysqld -p daemon error
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: information_schema
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: mysql
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: performance_schema
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: Phase 6/7: Checking and upgrading tables
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: Processing databases
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: information_schema
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: performance_schema
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: Phase 7/7: Running 'FLUSH PRIVILEGES'
Jan 21 01:10:39 kali /etc/mysql/debian-start[10788]: OK
Jan 21 01:10:39 kali mysql[10828]: WARNING: tempfile is deprecated; consider using mktemp instead.
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
lines 1-22/22 (END)
2. MySQL root 패스워드 설정 및 확인
┌──(kali㉿kali)-[~]
└─$ sudo mysql -uroot -p 130 ⨯
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 51
Server version: 10.3.24-MariaDB-2 Debian buildd-unstable
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> alter user 'root'@'localhost' identified by 'tkvkfkffk12~';
Query OK, 0 rows affected (0.015 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.009 sec)
MariaDB [(none)]> exit
Bye
┌──(kali㉿kali)-[~]
└─$ sudo mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 55
Server version: 10.3.24-MariaDB-2 Debian buildd-unstable
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.010 sec)
MariaDB [(none)]> exit
Bye
3. 아파치 서비스 실행 여부 확인 및 실행
┌──(kali㉿kali)-[~]
└─$ sudo service apache2 start 130 ⨯
┌──(kali㉿kali)-[~]
└─$ sudo service apache2 status
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; disabled; vendor preset: disabled)
Active: active (running) since Tue 2021-01-19 01:29:03 EST; 1 day 23h ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 10174 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS)
Main PID: 1200 (apache2)
Tasks: 6 (limit: 2300)
Memory: 21.7M
CGroup: /system.slice/apache2.service
├─ 1200 /usr/sbin/apache2 -k start
├─10188 /usr/sbin/apache2 -k start
├─10189 /usr/sbin/apache2 -k start
├─10190 /usr/sbin/apache2 -k start
├─10191 /usr/sbin/apache2 -k start
└─10192 /usr/sbin/apache2 -k start
Jan 19 01:29:03 kali systemd[1]: Starting The Apache HTTP Server...
Jan 19 01:29:03 kali apachectl[1199]: AH00558: apache2: Could not reliably determine the server's fully qualified domain na>
Jan 19 01:29:03 kali systemd[1]: Started The Apache HTTP Server.
Jan 20 00:00:41 kali systemd[1]: Reloading The Apache HTTP Server.
Jan 20 00:00:42 kali apachectl[6027]: AH00558: apache2: Could not reliably determine the server's fully qualified domain na>
Jan 20 00:00:42 kali systemd[1]: Reloaded The Apache HTTP Server.
Jan 21 00:00:12 kali systemd[1]: Reloading The Apache HTTP Server.
Jan 21 00:00:12 kali apachectl[10177]: AH00558: apache2: Could not reliably determine the server's fully qualified domain n>
Jan 21 00:00:12 kali systemd[1]: Reloaded The Apache HTTP Server.
4. /var/www/html/phpinfo.php 페이지 추가 및 실행 확인
┌──(kali㉿kali)-[~]
└─$ sudo vi /var/www/html/phpinfo.php
5. bWAPP 소스코드 다운로드 및 압축해제
wget 명령으로 bWAPP_lates.zip 파일 다운로드
┌──(kali㉿kali)-[~]
└─$ wget https://sourceforge.net/projects/bwapp/files/bWAPP/bWAPP_latest.zip 4 ⨯
--2021-01-21 01:51:50-- https://sourceforge.net/projects/bwapp/files/bWAPP/bWAPP_latest.zip
Resolving sourceforge.net (sourceforge.net)... 216.105.38.13
Connecting to sourceforge.net (sourceforge.net)|216.105.38.13|:443... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://sourceforge.net/projects/bwapp/files/bWAPP/bWAPP_latest.zip/ [following]
--2021-01-21 01:51:51-- https://sourceforge.net/projects/bwapp/files/bWAPP/bWAPP_latest.zip/
Reusing existing connection to sourceforge.net:443.
HTTP request sent, awaiting response... 302 Found
Location: https://sourceforge.net/projects/bwapp/files/bWAPP/bWAPP_latest.zip/download [following]
--2021-01-21 01:51:51-- https://sourceforge.net/projects/bwapp/files/bWAPP/bWAPP_latest.zip/download
Reusing existing connection to sourceforge.net:443.
HTTP request sent, awaiting response... 302 Found
Location: https://downloads.sourceforge.net/project/bwapp/bWAPP/bWAPP_latest.zip?r=&ts=1611211911&use_mirror=jaist [following]
--2021-01-21 01:51:51-- https://downloads.sourceforge.net/project/bwapp/bWAPP/bWAPP_latest.zip?r=&ts=1611211911&use_mirror=jaist
Resolving downloads.sourceforge.net (downloads.sourceforge.net)... 216.105.38.13
Connecting to downloads.sourceforge.net (downloads.sourceforge.net)|216.105.38.13|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://jaist.dl.sourceforge.net/project/bwapp/bWAPP/bWAPP_latest.zip [following]
--2021-01-21 01:51:52-- https://jaist.dl.sourceforge.net/project/bwapp/bWAPP/bWAPP_latest.zip
Resolving jaist.dl.sourceforge.net (jaist.dl.sourceforge.net)... 150.65.7.130, 2001:df0:2ed:feed::feed
Connecting to jaist.dl.sourceforge.net (jaist.dl.sourceforge.net)|150.65.7.130|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 15058349 (14M) [application/octet-stream]
Saving to: ‘bWAPP_latest.zip’
bWAPP_latest.zip 100%[====================================================>] 14.36M 1.73MB/s in 8.1s
2021-01-21 01:52:00 (1.78 MB/s) - ‘bWAPP_latest.zip’ saved [15058349/15058349]
다운로드 받은 파일을 웹 루트 디렉터리로 이동 --> /var/www/html
┌──(kali㉿kali)-[~]
└─$ sudo mv ./bWAPP_latest.zip /var/www/html
[sudo] password for kali:
웹 루트 디렉터리로 이동
┌──(kali㉿kali)-[~]
└─$ cd /var/www/html
┌──(kali㉿kali)-[/var/www/html]
└─$
unzip 명령으로 bWAPP_lates.zip 파일 압축해제
┌──(kali㉿kali)-[/var/www/html]
└─$ sudo unzip ./bWAPP_latest.zip
Archive: ./bWAPP_latest.zip
inflating: apache2/default
inflating: apache2/httpd.conf
inflating: bWAPP/666
creating: bWAPP/admin/
inflating: bWAPP/admin/index.php
inflating: bWAPP/admin/phpinfo.php
inflating: bWAPP/admin/settings.php
inflating: bWAPP/aim.php
creating: bWAPP/apps/
inflating: bWAPP/apps/movie_search
:
:
inflating: INSTALL.txt
inflating: README.txt
inflating: release_notes.txt
압축 해제 결과 확인 후 불필요한 파일 삭제
┌──(kali㉿kali)-[/var/www/html]
└─$ ll
total 19672
drwxr-xr-x 2 root root 4096 Jan 21 01:53 apache2
drwxr-xr-x 13 root root 12288 Jan 21 01:53 bWAPP
-rw-r--r-- 1 root root 5010042 Nov 2 2014 bWAPP_intro.pdf
-rw-r--r-- 1 kali kali 15058349 Nov 2 2014 bWAPP_latest.zip
-rw-r--r-- 1 root root 325 Mar 8 2014 ClientAccessPolicy.xml
-rw-r--r-- 1 root root 200 Mar 11 2014 crossdomain.xml
drwxr-xr-x 2 root root 4096 Jan 21 01:53 evil
-rw-r--r-- 1 root root 10701 Nov 17 07:27 index.html
-rw-r--r-- 1 root root 612 Nov 17 07:24 index.nginx-debian.html
-rw-r--r-- 1 root root 2589 May 12 2014 INSTALL.txt
-rw-r--r-- 1 root root 20 Jan 21 01:22 phpinfo.php
-rw-r--r-- 1 root root 2491 Nov 2 2014 README.txt
-rw-r--r-- 1 root root 8271 Nov 2 2014 release_notes.txt
┌──(kali㉿kali)-[/var/www/html]
└─$ sudo rm -rf apache2 bWAPP_*
6. bWAPP 설치에 필요한 정보 입력 및 설치
documents, imamges, logs, passwords 디렉터리에 불필요한 권한 부여
┌──(kali㉿kali)-[/var/www/html]
└─$ cd /var/www/html/bWAPP
┌──(kali㉿kali)-[/var/www/html/bWAPP]
└─$ ll . | grep "^d"
drwxr-xr-x 2 root root 4096 Mar 17 2014 admin
drwxr-xr-x 2 root root 4096 May 11 2014 apps
drwxr-xr-x 2 root root 4096 May 12 2014 db
drwxr-xr-x 2 root root 4096 May 12 2014 documents
drwxr-xr-x 2 root root 4096 May 1 2014 fonts
drwxr-xr-x 2 root root 4096 Sep 27 2014 images
drwxr-xr-x 2 root root 4096 Mar 17 2014 js
drwxr-xr-x 2 root root 4096 May 18 2014 logs
drwxr-xr-x 2 root root 4096 Mar 17 2014 passwords
drwxr-xr-x 2 root root 4096 Mar 17 2014 soap
drwxr-xr-x 2 root root 4096 May 17 2014 stylesheets
┌──(kali㉿kali)-[/var/www/html/bWAPP]
└─$ sudo chmod 777 ./passwords ./images ./documents ./logs
┌──(kali㉿kali)-[/var/www/html/bWAPP]
└─$ ll . | grep "^d"
drwxr-xr-x 2 root root 4096 Mar 17 2014 admin
drwxr-xr-x 2 root root 4096 May 11 2014 apps
drwxr-xr-x 2 root root 4096 May 12 2014 db
drwxrwxrwx 2 root root 4096 May 12 2014 documents
drwxr-xr-x 2 root root 4096 May 1 2014 fonts
drwxrwxrwx 2 root root 4096 Sep 27 2014 images
drwxr-xr-x 2 root root 4096 Mar 17 2014 js
drwxrwxrwx 2 root root 4096 May 18 2014 logs
drwxrwxrwx 2 root root 4096 Mar 17 2014 passwords
drwxr-xr-x 2 root root 4096 Mar 17 2014 soap
drwxr-xr-x 2 root root 4096 May 17 2014 stylesheets
/var/www/html/bWAPP/admin/settings.php 파일에 MySQL 접속 정보 입력
┌──(kali㉿kali)-[/var/www/html/bWAPP]
└─$ sudo vi ./admin/settings.php
7. 웹 브라우저로 설치 진행
8. 웹 브라우저로 실행 확인
localhost/bWAPP/login.php 접속
bee, bug 계정으로 로그인 확인까지!!!!!
728x90
반응형
'IT 일기 (상반기) > 네트워크 및 시스템 보안' 카테고리의 다른 글
| [보안] Blind String SQL Injection (0) | 2021.01.21 |
|---|---|
| [보안] Blind Numeric SQL Injection (0) | 2021.01.21 |
| [보안] WebGoat_String SQL Injection, Numeric SQL Injection (0) | 2021.01.21 |
| [보안] OWASP, SQL Injection (0) | 2021.01.21 |
| [보안] ARP Spoofing 실습 (0) | 2021.01.21 |
'IT 일기 (상반기)/네트워크 및 시스템 보안' Related Articles
more
