Getting WordPress in a virtual machine
Here, I will talk about how to quickly get WordPress running in a virtual machine. I will use VirtualBox. Note that this is valid for other CMS. You can download a virtual machine with WordPress fully integrated here, on the bitnami website, that provides a lot of material and solutions to make your life easier. After downloading it, check the checksum value of the file you just dowloaded, and compare it to that given on the website. You can then open the file with VirtualBox. Follow the instruction and import the new appliance. And that’s it, you have your web server with Worpress on it ready.
If you are a web pentester enthusiast, you probably already know some plateforms where you can test your skills (OverTheWire, vulnhub, hackthisite, etc.). However, sometimes, you might be targeting a specific web application. This application might have a captcha (or not) or have non standard settings. In such case, you would probably need a dummy app, that you can set as you wish, and on which you can test your tools or fine tune your scripts. One solution would be to install a web server, and then replicate the app you want to attack. Starting from scratch can be a hassle, especially if you want to test different web frameworks or different content management systems (CMS), such as Worpress, Joomla, etc. One of the solutions is to get a virtual machine with everything already implemented, for you, in it. Luckily, such solutions already exist. (more…)