Installing Mutillidae on Backtrack

Okay, now we will try to install mutillidae. What is mutillidae? Mutillidae is a free and open source web application for website penetration testing and hacking which was developed by Adrian “Irongeek” Crenshaw and Jeremy “webpwnized” Druin. It is designed to be exploitable and vulnerable and ideal for practicing your Web Fu skills like SQL injection, cross site scripting, HTML injection, Javascript injection, clickjacking, local file inclusion, authentication bypass methods, remote code execution and many more based on OWASP (Open Web Application Security) Top 10 Web Vulnerabiltie

1. The first step is to make sure you've installed apache and mysql. Backtrack is usually already installed in the beginning. You just run it from the application menu.

2.  And then, open the folder /var/www mutillidae and download files with a command like below.

cd /var/www

wget http://sourceforge.net/projects/mutillidae/files/mutillidae-project/LATEST-mutillidae-2.3.5.zip/download

3. After the download is complete, unzip the file we downloaded earlier.

unzip download

4. In this step we need to configure the config.inc which contains the dbhost, dbuser, dppass, and dbname configurations. Adjust the configuration of your computer

cd mutillidae

gedit config.inc

5. Tun apache and mysql, you can use the applications services in backtrack, or use the command from the terminal.

service mysql start

service apache2 start 

6. Then open your web browser again and point it to 127.0.0.1/mutillidae/ or localhost/mutillidae/