Tutorial 2: Installing Mutillidae on Backtrack 5

The next tutorial series is learning to pentes website. There are many ways we can do this, but in this series I will focus on attacking mutillidae. I found that mutillidae has comprehensive leaning curve of XSS and SQL attack with few level of difficulty.

My computer do not have much memory hence I decided to install mutillidae on Backtrack 5. So the first step into the journey is to setup our environment.

How do I setup my mutillidae on Backtrack 5 ?


Step 1: Download and extract Latest Mutillidae

On backtrack 5, download the latest Mutillidae to Desktop, unzip it to /var/www/ folder

root@bt:~/Desktop# ls
hacking  LATEST-mutillidae-2.4.10.zip
root@bt:~/Desktop# unzip LATEST-mutillidae-2.4.10.zip -d /var/www/

Step 2: Change MySQL password by editing the following file

root@bt:~/Desktop# gedit /var/www/mutillidae/classes/MySQLHandler.php

find the following line:

static public $mMySQLDatabasePassword = "";

replace the blank password with "toor"

static public $mMySQLDatabasePassword = "toor";

Step 3: Start the apache and MySQL services

root@bt:~/Desktop# service apache2 start
 * Starting web server apache2                                           [ OK ]
root@bt:~/Desktop# service mysql start
mysql start/running, process 4401
root@bt:~/Desktop#

Step 4: Open the website using browser, You should be up and running

 So stay tune for the next tutorial because we gonna start our web hacking lesson.