WebGoat Installation

From OWASP
Revision as of 21:36, 23 December 2006 by Koussa (Talk | contribs)

Jump to: navigation, search

WebGoat User Guide Table of Contents

Contents


WebGoat is a platform independent environment. It utilizes Apache Tomcat and the JAVA development environment. Installers are provided for Microsoft Windows and UN*X environments, together with notes for installation on other platforms.

Installing Java and Tomcat

Installing Java

  1. Install and deploy the approprite version from http://java.sun.com/downloads/ (1.4.1 or later)

Installing Tomcat

  1. Install and deploy core Tomcat from http://tomcat.apache.org/download-55.cgi

Installing to Windows

  1. Unzip the Windows_WebGoat-x.x.zip to your working environment
  2. To start Tomcat, browse to the WebGoat directory unzipped above and double click "webgoat.bat"
  3. Start your browser and browse to: http://localhost/WebGoat/attack This link is case-sensitive. Make sure to use a large ‘W’ and ‘G’.

Installing to Linux

  1. Unzip the Unix_WebGoat-x.x.zip to your working directory
  2. Edit the following line in webgoat.sh, set JAVA_HOME to your JDK1.5 path.
 JAVA_HOME="SET ME TO YOUR JAVA 1.5 JDK PATH"
  1. Since the latest version runs on a privileged port, you will need to start/stop WebGoat as root.
sudo sh webgoat.sh start
sudo sh webgoat.sh stop

Installing to OS X (Tiger 10.4+)

  1. Unzip the Unix_WebGoat-x.x.zip to your working directory
  2. Since the latest version runs on a privileged port, you will need to start/stop WebGoat as root.

sudo sh webgoat.sh start sudo sh webgoat.sh stop

Running

  1. Start your browser and browse to: http://localhost/WebGoat/attack. Notice the capital 'W' and 'G'
  2. Login in as: user = guest, password = guest

Building

Skip these steps if you just want to run WebGoat <this section is incomplete>


WebGoat User Guide Table of Contents

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.