API tools faq
paste
Guest User

settings.php

a guest
Jul 19th, 2017
31
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.17 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. /*
  4.  
  5. bWAPP, or a buggy web application, is a free and open source deliberately insecure web application.
  6. It helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities.
  7. bWAPP covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project!
  8. It is for security-testing and educational purposes only.
  9.  
  10. Enjoy!
  11.  
  12. Malik Mesellem
  13. Twitter: @MME_IT
  14.  
  15. bWAPP is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License (http://creativecommons.org/licenses/by-nc-nd/4.0/). Copyright © 2014 MME BVBA. All rights reserved.
  16.  
  17. */
  18.  
  19. // Database connection settings
  20. $db_server = "localhost";
  21. $db_username = "root";
  22. $db_password = "";
  23. $db_name = "bWAPP";
  24.  
  25. // SQLite database name
  26. $db_sqlite = "db/bwapp.sqlite";
  27.  
  28. // SMTP settings
  29. $smtp_sender = "bwapp@mailinator.com";
  30. $smtp_recipient = "bwapp@mailinator.com";
  31. $smtp_server = "";
  32.  
  33. // A.I.M.
  34. // A.I.M., or Authentication Is Missing, is a no-authentication mode
  35. // It can be used for testing web scanners and crawlers
  36. // Steps to crawl all pages, and to detect all vulnerabilities without authentication:
  37. // 1. Change the IP address(es) in this file to the IP address(es) of your tool(s)
  38. // 2. Point your web scanners, crawlers or attack tools to this URL: http://[bWAPP-IP]/bWAPP/aim.php
  39. // 3. Push the button: all hell breaks loose...
  40. $AIM_IPs = array("6.6.6.6", "6.6.6.7", "6.6.6.8", "10.0.1.66");
  41. $AIM_subnet = "6.6.6.0/30";
  42. //
  43. // Add here the files that could break bWAPP or your web server in the A.I.M. mode
  44. $AIM_exclusions = array("aim.php", "ba_logout.php", "cs_validation.php", "csrf_1.php", "http_verb_tampering.php", "ldap_connect.php", "ldapi.php", "portal.php", "sm_dos_2.php", "sm_obu_files.php");
  45.  
  46. // Evil bee mode
  47. // All bWAPP security levels are bypassed in this mode by using a fixed cookie (security_level: 666)
  48. // It can be combined with the A.I.M. mode, your web scanner will ONLY detect the vulnerabilities
  49. // Evil bees are HUNGRY :)
  50. // Possible values: 0 (off) or 1 (on)
  51. $evil_bee = 0;
  52.  
  53. // Static credentials
  54. // These credentials are used on some PHP pages
  55. $login = "bee";
  56. $password = "bug";
  57.  
  58. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!