Easily Install bWAPP in Linux For Web Hacking!

One cannot directly attack live sites or live web applications to practice web hacking without proper permissions. So to practice web hacking skills/web penetration skills we need something where we can practice web hacking skills without harming someone’s web app or site so for that we can install bWAPP in Linux for Web Hacking.

install bwapp in linux

What is bWAPP?

bWAPP i.e Buggy Web Application is an intentionally insecure web application for practicing web hacking skills and it is free and open source. It has more than 100+ web vulnerabilities.

So now let’s see how to install bWAPP in Linux to start web hacking.

Install bWAPP in Linux

First, we need to download bWAPP. So for that click here to start downloading bWAPP from Sourceforge.

After it is downloaded open Terminal and then change your working directory to Downloads since our bWAPP is downloaded in the Downloads directory.

cd Downloads

Now it’s time to unzip the downloaded bWAPP zip file and then we need to move it to the apache web folder. But we can directly unzip the bWAPP zip file in the apache web folder using the command given below. If asked for a password then enter your sudo password.

sudo unzip -d /var/www/html bWAPP_latest.zip

Now that we’ve extracted our zip file in the apache web folder let’s change our working directory to the apache web folder using the command given below.

cd /var/www/html

Make sure that there is a folder named bWAPP in this directory. For that list all the files and folders in this directory using the ls command. If in case the folder is not available then you need to extract the zip file again in the apache web folder.

bwapp directory in linux

Since the folder named bWAPP is available change the permission of that folder using the command given below.

sudo chmod -R 777 bWAPP

Now start the apache service using the command given below.

sudo service apache2 start

Start the Mysql service using the command given below.

sudo service mysql start

Now we need to set up MySQL for our bWAPP in Linux. For that get inside the bWAPP admin directory using the command given below.

cd bWAPP/admin

Now we need to make some changes in the settings.php file, so open that file in any text editor that you want for example nano text editor.

sudo nano settings.php

In this file change db_username to user and db_password to pass and then save changes using Ctrl + S after that close the settings.php file using Ctrl + X.

bwapp settings.php file

Now it’s time to connect to the MySQL server, so for that type the following command.

sudo mysql

We need to create a user in our MySQL server for bWAPP so to create a user with a username user and password pass type the command given below. Make sure to use the same username and password that you specified in the settings.php file in the bWAPP/admin directory.

create user 'user'@'localhost' identified by 'pass';
local user in mysql

Now we need to give our newly created user all the privileges on the bWAPP database. So for that type the following command.

grant all privileges on bWAPP.* to 'user'@'localhost' identified by 'pass';
grant access to bwapp database

Since the query is OK as shown in the image above, now it’s time to open your web browser and visit localhost/bWAPP/install.php

bwapp installation

Here click on here in click here to install message to install bWAPP in Linux and if you’ve followed the above steps correctly then bWAPP will be successfully installed.

bwapp installed

Now to login into bWAPP by clicking on the login button that is in the menu bar and then enter bee as username and bug as password.

bwapp in linux installed

And we’ve successfully logged in to our bWAPP in linux on our localhost. bWAPP has over 100 vulnerabilities for you including all vulnerabilties from OWASP Top 10 project. So simply select what you want to hack and then start hacking !!!!

bwapp vulnerabilities

John The Ripper | Crack Passwords With John The Ripper

Re-Opening bWAPP in Linux

To reopen bWAPP first you need to run apache2 and mysql service and then visit http://localhost/bWAPP/ to start hacking 🙂

sudo service apache2 start #starts apache2
sudo service mysql start #starts mysql


So this is how you can easily install bWAPP in Linux with just a few simple commands but don’t forget to run apache2 and MySQL service before using bWAPP or else it will throw out an error.

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x