> Cyber Security Strategy - From Idea to Mobile App RealityVinova Our team will brainstorm with you on where to begin, where to go, and how to get you there. Whether you have a spark of an idea or an existing app – we can help. Getting your mobile strategy right is what our unique services are all about. We’ll wrestle with business challenges, discover new opportunities that will help you define and refine your product ideas into mobile app reality.

How to Set Up a Pentesting Lab Using XAMPP to Practice Hacking Common Web Applications « Null Byte :: WonderHowTo

How to Set Up a Pentesting Lab Using XAMPP to Practice Hacking Common Web Applications « Null Byte :: WonderHowTo

Hello friends! This tutorial will teach you how to build a local pentesting lab on your Linux machine which will enable you to easily install common web applications so you can practice locating and exploiting their known vulnerabilities (or discover new ones!). In particular, this is an excellent way to learn how to hack WordPress, Joomla, and Dupral plus many more!

Basically it’s the same idea as building an intentionally vulnerable virtual machine to practice hacking against, except strictly focuses on the most common web applications.

The set up is essentially the same for Windows, although the locations of the folders might be different.

This is the only complete and accurate tutorial online that demonstrates:

  1. How to install XAMPP
  2. How to install WordPress locally on XAMPP
  3. How to fix pesky error warnings
  4. How to change themes without knowing ftp username/password

Step 1: Download XAMPP

Step 2:

After downloading, navigate to your download folder and double click the XAMPP ‘installer.run’ file. This will install XAMPP onto your system. At the end of the installation, make sure the ‘run XAMPP now’ tick box is checked and click ‘finish’.

Step 3:

On your XAMPP interface, click ‘manage servers’ then click ‘start all’.

Step 4:

Now it’s time to download and install an old version of wordpress so I can practice exploiting it’s known vulnerabilities. Click the link below and download the version of wordpress you’d like to practice exploiting. In this tutorial, I am installing wordpress 3.1.3

Step 5:

After Downloading, Extract the Zip File into /Opt/Lampp/Htdocs.

Step 6:

In your browser, navigate to ‘localhost/dashboard and click ‘phpMyAdmin’ in the menu bar in the right upper corner of the page.

Step 7:

In the upper left hand corner of the screen, under ‘phpMyAdmin’, click ‘new’ to create a new database. Set ‘wordpress’ as the name of your database, then click ‘create’.

In the pic, ignore the wp3.1.3 stuff. At the bottom you’ll see my database named ‘wordpress” just like I told you to create

Step 8:

Turn to your folders and navigate to /opt/lampp/htdocs/wordpress and double click the ‘wp-config-sample.php file. We will need to edit it appropriately.

Step 9:

Replace ‘databasenamehere’ with the name of your database, which in my case is ‘wordpress’. Replace ‘usernamehere’ with ‘root’ and leave ‘passwordhere’ blank.

Click ‘save as’ and rename the file ‘wp-config.php’.

Step 10:

Now we can get on with actually installing WordPress. Open your browser and go to http://localhost/wordpress/

You should see the translation screen that comes before the famous five minute WordPress installation process. Select your language and click ‘continue’.

Step 11:

Enter the title for your site (you can change this later), chose a unique username and password, enter your email address and click ‘finish’.

Viola! Your wordpress installation is now complete!

Step 12: Fix Pesky Warnings

Now it’s time to fix those pesky ‘warning’ messages showing up on your posts and pages. Navigate to and open your wp-config.php file and add the following line just above the ‘define DB_Name’ line.

ini_set( ‘display_errors’, 0 );

Step 13: Change Your Theme

Fix the issue that will prevent you from changing themes. If you go and try and change your theme, you will notice that it asks for your ftp user name and password. To disable this, add the following line below the line you added in the last step in your wp-config.php file

define(‘FS_METHOD’,’direct’);

Step 14: ENJOY!

Pat yourself on the back you’ve completed something a decent amount of people find difficult.

Other worthwhile deals to check out:

This content was originally published here.

Malcare WordPress Security

app development singapore,web design services singapore,design agency singapore,web designer singapore,website development singapore,android developer singapore,singapore web design services,singapore website design,web development singapore,graphic designer in singapore,singapore web design,mobile application development singapore,mobile app developer singapore,developers in singapore,website designer singapore,app developer singapore,website design singapore,web design singapore,design firms in singapore,ios developer singapore,ruby on rails developer singapore,singapore web development,mobile app development singapore,singapore app developer,singapore mobile application developer,web application singapore,mobile apps singapore,website developer singapore,ios app development singapore,web development company singapore,web design company singapore,mobile apps development singapore,mobile developer singapore,developer in singapore,singapore mobile app developer,mobile application developer singapore,mobile game developer singapore