Thursday 7 July 2011

Installing w3af on Amazon Linux AMI

Having a host to scan your network from the Internet is useful and cloud providers allow us to spin up virtual servers to scratch this itch. I've been using Amazon EC2 for this and one challenge can be installing tools, particularly if you opt for one of the pre-built OS images on offer.

I've been installing w3af on just such a VM.
$ cat /etc/system-release
Amazon Linux AMI release 2011.02.1.1 (beta)

Install RPM packages
There are several RPM packages that satisfy the dependencies for w3af but you are going to be left with a fair few that require manual installation. Start by installing what you can from the yum repository.
$ sudo yum install python26 python26-devel python26-tools pyOpenSSL SOAPpy \
PyYAML libxml2-devel libxslt-devel gcc make subversion-devel gcc-c++ \
libcom_err-devel openssl-devel

Install pybloomfilter
$ wget http://pypi.python.org/packages/source/p/pybloomfiltermmap/pybloomfiltermmap-0.2.0.tar.gz#md5=7e77edec5b442bc29bb4ec5f09cb2ad5
$ tar xzvf pybloomfiltermmap-0.2.0.tar.gz
$ cd pybloomfiltermmap-0.2.0
$ sudo python setup.py install

Install nltk
$ wget http://nltk.googlecode.com/files/nltk-2.0.1rc1.tar.gz
$ tar xzvf nltk-2.0.1rc1.tar.gz
$ cd nltk-2.0.1rc1
$ sudo python setup.py install

Install lxml
$ wget http://pypi.python.org/packages/source/l/lxml/lxml-2.3.tar.gz#md5=a245a015fd59b63e220005f263e1682a
$ tar xzvf lxml-2.3.tar.gz
$ cd lxml-2.3
$ sudo python setup.py install

Install pysvn
$ wget http://pysvn.barrys-emacs.org/source_kits/pysvn-1.7.5.tar.gz
$ tar xzvf pysvn-1.7.5.tar.gz
$ cd pysvn-1.7.5
$ sudo python setup.py install

Install scapy
$ wget http://www.secdev.org/projects/scapy/files/scapy-latest.tar.gz
$ tar xzvf scapy-latest.tar.gz
$ cd scapy-2.1.0
$ sudo python setup.py install

Install w3af
All being well you should have all of the dependencies installed. Check out the latest code from svn and away you go.

$ svn co https://w3af.svn.sourceforge.net/svnroot/w3af/trunk w3af
$ cd w3af
$ ./w3af_console
Posted by at No comments:

Wednesday 15 June 2011

PDF reports in Greenbone Security Assistant

I've seen a few forum posts on PDF report generation failing on Greenbone Security Assistant, particularly when installing for pre-compiled packages. If you check in the /tmp directory you will find the remains of the working directory used to create the report and a useful log file.
! LaTeX Error: File `utf8x.def' not found.
There's a quick workaround that deals with this missing dependency since no CentOS package actually contains utf8x.def.
[root@server ~]# cd /usr/share/texmf/tex/latex/base/
[root@server base]# ln -s utf8.def utf8x.def
[root@server base]# texhash
PDF reporting should now work.
Posted by at 1 comment:
Subscribe to: Posts (Atom)