Lesson 1: Environment Setup

In this lesson series, I will be using the following virtual environment configured within VMware Workstation (Product: VMware® Workstation 17 Pro) for practicing ethical hacking, penetration testing, and web application security.

1. kali-linux-2022.3

2. win10

3. ubuntu-18.04

4. win2016x64

5. metasploitable-linux-2.0.0

I have created a LAN Segment in VMware named INFO-6076 to allow all VMs to communicate with each other within an isolated network environment. Only the Kali Linux and Ubuntu 18.04 LTS VMs are connected to the internet via NAT.

In Kali Linux VM, I have added the following host entries

127.0.0.1 gliyanage187787
127.0.0.1 gliyanage187787-kali

10.0.0.200 gliyanage187787-uws
10.0.0.201 gliyanage187787-iis
10.0.0.202 gliyanage187787-ms2

LAMP Stack and Mutillidae Installation on the Ubuntu 18.04 LTS Web Server

▪ Install Apache Server:

sudo apt-get install apache2 apache2-utils

▪ Install the MYSQL server:

sudo apt-get install mysql-server

▪ Configure the MYSQL installation to work with Mutillidae:

sudo mysql –u root
use mysql;
update user set authentication_string=PASSWORD('') where user='root';
update user set plugin='mysql_native_password' where user='root';
flush privileges;
quit;

▪ Restart MySQL:

sudo service mysql restart

▪ Install unzip:

apt-get install unzip

▪ Download a Mutillidae installation script to your /var/www/ directory by using the following:

cd /var/www
sudo wget http://transpirenetworks.com/mutillidae_setup.sh

▪ Execute the Mutillidae installation script:

sudo bash mutillidae_setup.sh

▪ Unzip the LATEST-C-2.6.62.zip file

sudo unzip LATEST-mutillidae-2.6.62.zip

Finally open a web browser in Kali Linux VM and navigate to the Mutillidae index.php page by entering the following URL in the address bar

http://gliyanage187787-uws/mutillidae/index.php

If you have done everything correctly, your results should look like the example below: (You may need to click on setup/reset database)

Accessing Mutillidae from Kali Linux VM