How to Install BWAP on WSL 2 Ubuntu with Docker

Programmer TeloProgrammer Telo
3 min read

If you're interested in practicing web application security testing, bWAPP (Buggy Web Application) is a fantastic tool. In this guide, I’ll walk you through setting up bWAPP on WSL 2 Ubuntu using Docker, assuming you've already installed WSL 2 and Ubuntu.

Follow this step-by-step guide to get bWAPP running on your system.

Prerequisites

  • Windows 11 with WSL 2 and Ubuntu installed.

  • Docker installed on your WSL 2 environment. If you haven't installed Docker yet, follow this Docker Installation Guide.

Step 1: Verify Docker Installation

Before proceeding, let's ensure Docker is properly installed and running:

docker --version

If Docker is installed correctly, you’ll see the version number. Next, check if the Docker service is running:

sudo service docker status

If it's not running, you can start it with:

sudo service docker start

Step 2: Pull the bWAPP Docker Image

Now that Docker is up and running, we will use the raesene/bwapp Docker image from Docker Hub. This image simplifies the process of setting up bWAPP. Run the following command to pull the image:

docker pull raesene/bwapp

Docker will download the necessary files for bWAPP. This may take a few minutes depending on your internet speed.

Step 3: Run the bWAPP Container

Once the image is pulled, it’s time to run the container. We will map the necessary ports so that you can access the application through your browser:

docker run -d -p 8080:80 raesene/bwapp

Here, -d runs the container in the background, and -p 8080:80 maps port 80 of the container to port 8080 on your local machine.

Step 4: Access bWAPP in Your Browser

After the container is up and running, you can access bWAPP by opening your web browser and navigating to:

http://localhost:8080/install.php

You’ll be greeted by the bWAPP installation screen. Follow the prompts to complete the setup. Most of the configuration can be left as default, but ensure that the database credentials are:

  • Server: localhost

  • Username: root

  • Password: bug

  • Database: bwapp

Click the Install button to finalize the installation.

Step 5: Log in to bWAPP

After completing the installation, you can log in to bWAPP using the default credentials:

  • Username: bee

  • Password: bug

You’ll now have access to the vulnerable web application where you can practice your security testing skills.

Step 6: Managing the Container

To view running Docker containers, use:

docker ps

To stop the container, run:

docker stop [container-id]

To remove the container entirely:

docker rm [container-id]

You can always restart the container by re-running the docker run command from Step 3.

Conclusion

With bWAPP running on WSL 2 Ubuntu using Docker, you now have a convenient environment for web security practice. This setup allows for easy container management and isolation, making it perfect for experimenting with security vulnerabilities.

By following this guide, you'll be able to quickly set up and start using bWAPP on your WSL 2 Ubuntu environment!

0
Subscribe to my newsletter

Read articles from Programmer Telo directly inside your inbox. Subscribe to the newsletter, and don't miss out.

owaspbWAPP#cybersecurityDockerwsl2

Written by

Programmer Telo
Programmer Telo