Installing Dot Defendera11y.text Installing Dot Defender
Preparing our Web Application Environmenta11y.text Preparing our Web Application Environment
First we have to install dotDefender on Metasploitable. This can be done by opening a command prompt and using wget on the following url:
Retrieving dotDefender using WGET | Metasploit Unleashed
Then we must gunzip the downloaded file, make it executable using the chmod command and then run the .bin file to start the installation.
Decompressing dotDefender with GUNZIP | Metasploit Unleashed
Once the installation starts we should be prompted with the following screen. Select “Next”.
dotDefender Installation Screen | Metasploit Unleashed
We must agree to the License Agreement by selecting “I Agree”.
Metasploitable License Agreement | Metasploit Unleashed
We can leave the default options and continue with the installation by selecting “Next”.
Metasploitable Configuration Options | Metasploit Unleashed
Here we must insert the location of Apache in Metasploitable. Apache is located at:
Then continue by selecting “Next”.
Metasploitable Apache path | Metasploit Unleashed
This information should be auto-filled in by the installer. Continue by selecting “Next”.
Apache config path | Metasploitable
Here we must enter the password we would like to use for the dotDefender Administration GUI. Once we are finished we can select “Next”.
Choose a password for Metasploitable
Make sure all the configuration options are correct with the following picture and select “Next”.
Verify Metasploitable settings
Once we select “Go” the installation will begin.
For this demonstration we only need to use dotDefender for monitoring. Once that is selected we can hit “Next”.
If everything was successful we should have a screen like the one as follows. We will need to restart Apache before being able to use dotDefender so we can do so with:
Restarting Apache | Metasploit Unleashed
Once Apache has restarted we will need to connect to the GUI URL and insert the username “admin” and the password we created during the install and then hit “Log In”.
Metasploitable web portal login
Now we have to add the site to dotDefender. This will be the IP of Metasploitable. Then select “Add New Site”.
Once it has been added we will see the new section. Now the only thing left to do is select “Start dotDefender”
Once we see the green check mark saying “dotDefender is enabled” the install is finished.