Yes! Now one can also practice web hacking in android with the help of just the Termux application using the bWAPP web app. So in this article, we’ll see how to install bWAPP in Termux application. So that one can use bWAPP to practice hacking in termux.
What is bWAPP?
bWAPP, i.e., Buggy Web Application, is an intentionally insecure web application for practicing web hacking skills, and it is free and open source. It has more than 100+ web vulnerabilities.
So now let’s see how to install bWAPP in termux to start web hacking.
Installing required packages to install Bwapp in Termux
Follow the commands below to install all the required packages to install bwapp in termux for web hacking!
Update and upgrade packages in your termux application.
apt update && apt upgrade -y
Install Apache, MySQL, and PHP.
apt install apache2 mariadb php php-apache -y
Install php7-apache and get.
apt install php7-apache wget -y
We’ll need these apps to install the bWAPP in Termux application.
Configuring Apache and PHP to install bWAPP in Termux
Now we’ll be configuring some things so that our apache supports PHP files. Just follow the commands given below.
We’ll make some changes to a file named httpd.conf that is available in the etc/apache2 directory. Make sure to make these changes carefully.
Open httpd.conf file in the nano text editor.
On top of this file, add “ServerName localhost” as shown in the image below.
Now, scroll down to the LoadModule section and uncomment the line given below by removing the # in that line. If you can’t find that line, then simply copy-paste the line given below at the top in the LoadModule section of the httpd.conf file.
LoadModule mpm_prefork_module libexec/apache2/mod_mpm_prefork.so
Find the code below in the LoadModule section and then comment it using the # in front of the code.
LoadModule mpm_worker_module libexec/apache2/mod_mpm_worker.so
Scroll down to the end of the LoadModule section and then copy-paste the code given below.
LoadModule php7_module libexec/apache2/libphp7.so
AddHandler php7-script .php
After this, scroll to the end of the file and copy-paste the code given below in the include section.
The changes we wanted to make on this file are done. Now simply save this file with Ctrl + O and then close the file with Ctrl + X.
Now create a new file named php7_module.conf in etc/apache2/extra directory.
touch php7_module.conf $PREFIX/etc/apache2/extra
Downloading bWAPP in Termux.
It’s time to download and install bWAPP in termux. Follow the commands given below:
Download bWAPP latest version using the wget.
Unzip the latest version of bWAPP to the htdocs folder.
unzip -d $PREFIX/share/apache2/default-site/htdocs bWAPP_latest.zip
Give all permissions to the newly created bWAPP folder.
chmod -R 777 $PREFIX/share/apache2/default-site/htdocs/bWAPP
Configure the MYSQL server for bWAPP
Now it’s time to configure our MYSQL sever with bWAPP. Follow the commands given below:
Make sure the folder named my.cnf.d is available in the user/etc directory. If unavailable, create a folder named my.cnf.d in the user/etc directory using the command given below.
mkdir my.cnf.d $PREFIX/etc
Now it’s time to make changes to the settings.php file of the bWAPP application. Open settings.php and then find db_server, db_username, and db_password. Change db_server to 127.0.0.1 and then username and password to anything you like but not let username be “root” I’ve changed username to “root1” and password to “bug” as shown in the image below.
Make sure to remember the username and password you are going to need in the next step.
After making the changes, save the file with Ctrl + O and exit with Ctrl + X.
Now run the MySQL server with the command given below:
mysqld_safe -u root &
Hit enter and then type the command given below to start MySQL shell
Create one user in the MySQL server with the username and password you entered in the settings.php file of bWAPP. My username was root1, and my password was bug, so my command to create a user will look like the command below.
create user 'your_username'@'localhost' identified by 'your_password'; #mycommand create user 'root1'@'localhost' identified by 'bug';
After this, give all the privileges to this user on the bWAPP database using the command below. Make sure to use your username and password.
grant all privileges on bWAPP.* to 'your_username'@'localhost' identified by 'your_password'; #mycommand grant all privileges on bWAPP.* to 'root1'@'localhost' identified by 'bug';
If you get an Ok query message and you’ve entered your username and password correctly, you’ve successfully installed bWAPP in termux application.
Launching bWAPP in Termux
Now open any browser and visit localhost/bWAPP/install.php
You’ll see the installation page. Click on here in click here to install message to install bWAPP in termux, and if you’ve followed the above steps correctly, then bWAPP will be successfully installed.
Now to login into bWAPP by clicking on the login button in the menu bar and then enter bee as username and bug as password.
And we’ve successfully logged in to our bWAPP in termux on our localhost. bWAPP has over 100 vulnerabilities for you, including all vulnerabilities from OWASP’s Top 10 project. So simply select what you want to hack and then start hacking !!!!
You can learn and perform cross-site scripting attacks using the phone with the help of bwapp in termux; check it out here: Cross-Site Scripting Explained. HACK Websites with XSS attack!
Restart the bWAPP in Termux
After bWAPP is closed and you want to start it again, then just start apache2 and MySQL service and then visit http://localhost/bWAPP/ to start hacking 🙂
apachectl #runs apache server mysqld_safe -u root & #runs mysql server
So this is how you can install bWAPP in termux and start hacking! If you run into some errors, watch the video below, where I’ve demonstrated every step.