Easily Install bWAPP in Linux For Web Hacking!

    One cannot directly attack live sites or live web applications to practice web hacking without proper permissions. So to practice web hacking skills/web penetration skills we need something where we can practice web hacking skills without harming someone’s web app or site so for that we can install bWAPP in Linux for Web Hacking.

    install bwapp in linux

    What is bWAPP?

    bWAPP i.e Buggy Web Application is an intentionally insecure web application for practicing web hacking skills and it is free and open source. It has more than 100+ web vulnerabilities.

    So now let’s see how to install bWAPP in Linux to start web hacking.

    Install bWAPP in Linux

    First, we need to download bWAPP. So for that click here to start downloading bWAPP from Sourceforge.

    After it is downloaded open Terminal and then change your working directory to Downloads since our bWAPP is downloaded in the Downloads directory.

    cd Downloads

    Now it’s time to unzip the downloaded bWAPP zip file and then we need to move it to the apache web folder. But we can directly unzip the bWAPP zip file in the apache web folder using the command given below. If asked for a password then enter your sudo password.

    sudo unzip -d /var/www/html

    Now that we’ve extracted our zip file in the apache web folder let’s change our working directory to the apache web folder using the command given below.

    cd /var/www/html

    Make sure that there is a folder named bWAPP in this directory. For that list all the files and folders in this directory using the ls command. If in case the folder is not available then you need to extract the zip file again in the apache web folder.

    bwapp directory in linux

    Since the folder named bWAPP is available. Change the permission of that folder using the command given below.

    sudo chmod -R 777 bWAPP

    Now start the apache service using the command given below.

    - Advertisement -
    sudo service apache2 start

    Start the Mysql service using the command given below.

    sudo service mysql start

    Now we need to set up MySQL for our bWAPP in Linux. For that get inside the bWAPP admin directory using the command given below.

    cd bWAPP/admin

    Now we need to make some changes in the settings.php file, so open that file in any text editor that you want for example nano text editor.

    sudo nano settings.php

    In this file change db_username to user and db_password to pass and then save changes using Ctrl + S after that close the settings.php file using Ctrl + X.

    bwapp settings.php file

    Now it’s time to connect to the MySQL server, so for that type the following command.

    sudo mysql

    We need to create a user in our MySQL server for bWAPP so to create a user with a username user and password pass type the command given below. Make sure to use the same username and password that you specified in the settings.php file in the bWAPP/admin directory.

    create user 'user'@'localhost' identified by 'pass';
    local user in mysql

    Now we need to give our newly created user all the privileges on the bWAPP database. So for that type the following command.

    grant all privileges on bWAPP.* to 'user'@'localhost' identified by 'pass';
    grant access to bwapp database

    Since the query is OK as shown in the image above, now it’s time to open your web browser and visit localhost/bWAPP/install.php

    bwapp installation

    Here click on here in click here to install message to install bWAPP in Linux and if you’ve followed the above steps correctly then bWAPP will be successfully installed.

    bwapp installed

    Now to login into bWAPP by clicking on the login button that is in the menu bar and then enter bee as username and bug as password.

    bwapp in linux installed

    And we’ve successfully logged in to our bWAPP in linux on our localhost. bWAPP has over 100 vulnerabilities for you including all vulnerabilties from OWASP Top 10 project. So simply select what you want to hack and then start hacking !!!!

    bwapp vulnerabilities

    John The Ripper | Crack Passwords With John The Ripper

    Re-Opening bWAPP in Linux

    To reopen bWAPP first you need to run apache2 and mysql service and then visit http://localhost/bWAPP/ to start hacking 🙂

    sudo service apache2 start #starts apache2
    sudo service mysql start #starts mysql


    So this is how you can easily install bWAPP in Linux with just a few simple commands but don’t forget to run apache2 and MySQL service before using bWAPP or else it will throw out an error.

    Recent Articles


    Leave A Reply

    Please enter your comment!
    Please enter your name here