-
-
Notifications
You must be signed in to change notification settings - Fork 931
Installation
cwcromwell edited this page Jul 1, 2018
·
57 revisions
Contents:
Before installing, please be sure these packages are already installed on your machine:
libcurl4-openssl-devlibssl-dev
Open your command line interface (You might call it a terminal or a console, we'll use CLI after this) and use any package manager (yaourt , apt, apt-get, brew) for the installation. For example:
apt-get install libssl-dev
OR
sudo apt-get install libssl-dev
If you've installed the packages above and still cannot run OWASP Nettacker without errors, you could install these:
python-devpython3-devpkgconfig openssl-dev libffi-dev musl-dev make gcc git curl-dev librtmp libxml2-dev libxslt-dev
You can install OWASP Nettacker by using one of the following options:
To install directly from GitHub using git, execute this command:
git clone https://github.com/zdresearch/OWASP-Nettacker.git && cd OWASP-Nettacker && pip install -r requirements.txt && python setup.py install
If you're done, proceed to verifying and running your installation.
To install from a zip file, follow these steps:
- Download the source code.
- Uncompress the file:
unzip master.zip - In your command line interface, go to the extracted directory (OWASP-Nettacker-master) and run this command:
pip install -r requirements.txt && python setup.py install
If you're done, proceed to verifying and running your installation.
To install from Docker, run this command:
docker build . -t owaspnettacker
The output should be similar to this:
C:\Users\Zombie\Documents\GitHub\OWASP-Nettacker>docker build . -t owaspnettacker
Sending build context to Docker daemon 165.4MB
Step 1/7 : FROM python:2.7-alpine
---> 3e4f5b6dfb77
Step 2/7 : RUN apk add --no-cache python pkgconfig python-dev openssl-dev libffi-dev musl-dev make gcc git
---> Running in 846e6dec136b
fetch http://dl-cdn.alpinelinux.org/alpine/v3.4/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.4/community/x86_64/APKINDEX.tar.gz
(1/27) Upgrading libcrypto1.0 (1.0.2m-r0 -> 1.0.2n-r0)
(2/27) Upgrading libssl1.0 (1.0.2m-r0 -> 1.0.2n-r0)
(3/27) Installing binutils-libs (2.26-r1)
(4/27) Installing binutils (2.26-r1)
(5/27) Installing gmp (6.1.0-r0)
(6/27) Installing isl (0.14.1-r0)
(7/27) Installing libgomp (5.3.0-r0)
(8/27) Installing libatomic (5.3.0-r0)
(9/27) Installing libgcc (5.3.0-r0)
(10/27) Installing pkgconf (0.9.12-r0)
(11/27) Installing pkgconfig (0.25-r1)
(12/27) Installing mpfr3 (3.1.2-r0)
(13/27) Installing mpc1 (1.0.3-r0)
(14/27) Installing libstdc++ (5.3.0-r0)
(15/27) Installing gcc (5.3.0-r0)
(16/27) Installing libssh2 (1.7.0-r0)
(17/27) Installing libcurl (7.57.0-r0)
(18/27) Installing pcre (8.38-r1)
(19/27) Installing git (2.8.6-r0)
(20/27) Installing libffi (3.2.1-r2)
(21/27) Installing libffi-dev (3.2.1-r2)
(22/27) Installing make (4.1-r1)
(23/27) Installing musl-dev (1.1.14-r16)
(24/27) Installing zlib-dev (1.2.11-r0)
(25/27) Installing openssl-dev (1.0.2n-r0)
(26/27) Installing python (2.7.12-r0)
(27/27) Installing python-dev (2.7.12-r0)
Executing busybox-1.24.2-r14.trigger
OK: 182 MiB in 57 packages
---> bf25f9e1e292
Removing intermediate container 846e6dec136b
Step 3/7 : WORKDIR /usr/src/app
---> 167b8ff3d928
Removing intermediate container 7bf345637827
Step 4/7 : RUN git clone https://github.com/zdresearch/OWASP-Nettacker.git .
---> Running in 8779d17d6fcf
Cloning into '.'...
---> cd4265d42e5f
Removing intermediate container 8779d17d6fcf
Step 5/7 : RUN pip install --no-cache-dir -r requirements.txt
---> Running in 35bf9cbb36e1
Collecting argparse (from -r requirements.txt (line 1))
Downloading argparse-1.4.0-py2.py3-none-any.whl
Collecting netaddr (from -r requirements.txt (line 2))
Downloading netaddr-0.7.19-py2.py3-none-any.whl (1.6MB)
Collecting requests (from -r requirements.txt (line 3))
Downloading requests-2.18.4-py2.py3-none-any.whl (88kB)
Collecting paramiko (from -r requirements.txt (line 4))
Downloading paramiko-2.4.0-py2.py3-none-any.whl (192kB)
Collecting texttable (from -r requirements.txt (line 5))
Downloading texttable-1.2.1.tar.gz
Collecting PySocks (from -r requirements.txt (line 6))
Downloading PySocks-1.6.8.tar.gz (283kB)
Collecting win_inet_pton (from -r requirements.txt (line 7))
Downloading win_inet_pton-1.0.1.tar.gz
Collecting pyOpenSSL (from -r requirements.txt (line 8))
Downloading pyOpenSSL-17.5.0-py2.py3-none-any.whl (53kB)
Collecting flask (from -r requirements.txt (line 9))
Downloading Flask-0.12.2-py2.py3-none-any.whl (83kB)
Collecting lockfile (from -r requirements.txt (line 10))
Downloading lockfile-0.12.2-py2.py3-none-any.whl
Collecting urllib3<1.23,>=1.21.1 (from requests->-r requirements.txt (line 3))
Downloading urllib3-1.22-py2.py3-none-any.whl (132kB)
Collecting idna<2.7,>=2.5 (from requests->-r requirements.txt (line 3))
Downloading idna-2.6-py2.py3-none-any.whl (56kB)
Collecting chardet<3.1.0,>=3.0.2 (from requests->-r requirements.txt (line 3))
Downloading chardet-3.0.4-py2.py3-none-any.whl (133kB)
Collecting certifi>=2017.4.17 (from requests->-r requirements.txt (line 3))
Downloading certifi-2018.1.18-py2.py3-none-any.whl (151kB)
Collecting cryptography>=1.5 (from paramiko->-r requirements.txt (line 4))
Downloading cryptography-2.1.4.tar.gz (441kB)
Collecting pynacl>=1.0.1 (from paramiko->-r requirements.txt (line 4))
Downloading PyNaCl-1.2.1.tar.gz (3.3MB)
Collecting pyasn1>=0.1.7 (from paramiko->-r requirements.txt (line 4))
Downloading pyasn1-0.4.2-py2.py3-none-any.whl (71kB)
Collecting bcrypt>=3.1.3 (from paramiko->-r requirements.txt (line 4))
Downloading bcrypt-3.1.4.tar.gz (42kB)
Collecting six>=1.5.2 (from pyOpenSSL->-r requirements.txt (line 8))
Downloading six-1.11.0-py2.py3-none-any.whl
Collecting itsdangerous>=0.21 (from flask->-r requirements.txt (line 9))
Downloading itsdangerous-0.24.tar.gz (46kB)
Collecting click>=2.0 (from flask->-r requirements.txt (line 9))
Downloading click-6.7-py2.py3-none-any.whl (71kB)
Collecting Jinja2>=2.4 (from flask->-r requirements.txt (line 9))
Downloading Jinja2-2.10-py2.py3-none-any.whl (126kB)
Collecting Werkzeug>=0.7 (from flask->-r requirements.txt (line 9))
Downloading Werkzeug-0.14.1-py2.py3-none-any.whl (322kB)
Collecting asn1crypto>=0.21.0 (from cryptography>=1.5->paramiko->-r requirements.txt (line 4))
Downloading asn1crypto-0.24.0-py2.py3-none-any.whl (101kB)
Collecting cffi>=1.7 (from cryptography>=1.5->paramiko->-r requirements.txt (line 4))
Downloading cffi-1.11.4.tar.gz (436kB)
Collecting enum34 (from cryptography>=1.5->paramiko->-r requirements.txt (line 4))
Downloading enum34-1.1.6-py2-none-any.whl
Collecting ipaddress (from cryptography>=1.5->paramiko->-r requirements.txt (line 4))
Downloading ipaddress-1.0.19.tar.gz
Collecting MarkupSafe>=0.23 (from Jinja2>=2.4->flask->-r requirements.txt (line 9))
Downloading MarkupSafe-1.0.tar.gz
Collecting pycparser (from cffi>=1.7->cryptography>=1.5->paramiko->-r requirements.txt (line 4))
Downloading pycparser-2.18.tar.gz (245kB)
Installing collected packages: argparse, netaddr, urllib3, idna, chardet, certifi, requests, asn1crypto, six, pycparser, cffi, enum34, ipaddress, cryptography, pynacl, pyasn1, bcrypt, paramiko, texttable, PySocks, win-inet-pton, pyOpenSSL, itsdangerous, click, MarkupSafe, Jinja2, Werkzeug, flask, lockfile
Running setup.py install for pycparser: started
Running setup.py install for pycparser: finished with status 'done'
Running setup.py install for cffi: started
Running setup.py install for cffi: finished with status 'done'
Running setup.py install for ipaddress: started
Running setup.py install for ipaddress: finished with status 'done'
Running setup.py install for cryptography: started
Running setup.py install for cryptography: finished with status 'done'
Running setup.py install for pynacl: started
Running setup.py install for pynacl: still running...
Running setup.py install for pynacl: finished with status 'done'
Running setup.py install for bcrypt: started
Running setup.py install for bcrypt: finished with status 'done'
Running setup.py install for texttable: started
Running setup.py install for texttable: finished with status 'done'
Running setup.py install for PySocks: started
Running setup.py install for PySocks: finished with status 'done'
Running setup.py install for win-inet-pton: started
Running setup.py install for win-inet-pton: finished with status 'done'
Running setup.py install for itsdangerous: started
Running setup.py install for itsdangerous: finished with status 'done'
Running setup.py install for MarkupSafe: started
Running setup.py install for MarkupSafe: finished with status 'done'
Successfully installed Jinja2-2.10 MarkupSafe-1.0 PySocks-1.6.8 Werkzeug-0.14.1 argparse-1.4.0 asn1crypto-0.24.0 bcrypt-3.1.4 certifi-2018.1.18 cffi-1.11.4 chardet-3.0.4 click-6.7 cryptography-2.1.4 enum34-1.1.6 flask-0.12.2 idna-2.6 ipaddress-1.0.19 itsdangerous-0.24 lockfile-0.12.2 netaddr-0.7.19 paramiko-2.4.0 pyOpenSSL-17.5.0 pyasn1-0.4.2 pycparser-2.18 pynacl-1.2.1 requests-2.18.4 six-1.11.0 texttable-1.2.1 urllib3-1.22 win-inet-pton-1.0.1
---> a5ccab6e3534
Removing intermediate container 35bf9cbb36e1
Step 6/7 : RUN apk del --purge musl-dev gcc make git
---> Running in 7b207e9c1dcf
WARNING: Ignoring APKINDEX.167438ca.tar.gz: No such file or directory
WARNING: Ignoring APKINDEX.a2e6dac0.tar.gz: No such file or directory
(1/17) Purging gcc (5.3.0-r0)
(2/17) Purging binutils (2.26-r1)
(3/17) Purging isl (0.14.1-r0)
(4/17) Purging libatomic (5.3.0-r0)
(5/17) Purging git (2.8.6-r0)
(6/17) Purging make (4.1-r1)
(7/17) Purging musl-dev (1.1.14-r16)
(8/17) Purging binutils-libs (2.26-r1)
(9/17) Purging mpc1 (1.0.3-r0)
(10/17) Purging mpfr3 (3.1.2-r0)
(11/17) Purging gmp (6.1.0-r0)
(12/17) Purging libgomp (5.3.0-r0)
(13/17) Purging libstdc++ (5.3.0-r0)
(14/17) Purging libgcc (5.3.0-r0)
(15/17) Purging libcurl (7.57.0-r0)
(16/17) Purging libssh2 (1.7.0-r0)
(17/17) Purging pcre (8.38-r1)
Executing busybox-1.24.2-r14.trigger
OK: 80 MiB in 40 packages
---> beb7a0f208b2
Removing intermediate container 7b207e9c1dcf
Step 7/7 : CMD python ./nettacker.py
---> Running in 7b8417005f02
---> 439ccf20396e
Removing intermediate container 7b8417005f02
Successfully built 439ccf20396e
Successfully tagged owaspnettacker:latest
SECURITY WARNING: You are building a Docker image from Windows against a non-Windows Docker host. All files and directories added to build context will have '-rwxr-xr-x' permissions. It is recommended to double check and reset permissions for sensitive files and directories.
C:\Users\Zombie\Documents\GitHub\OWASP-Nettacker>
- With the command
docker imagesyou can see the created image, namedowaspnettacker.
C:\Users\Zombie\Documents\GitHub\OWASP-Nettacker>docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
owaspnettacker latest f793144987cb 2 minutes ago 273MB
C:\Users\Zombie\Documents\GitHub\OWASP-Nettacker>
- Run the image like this:
docker run -it owaspnettacker /bin/sh
C:\Users\Zombie\Documents\GitHub\OWASP-Nettacker>docker run -it owaspnettacker /bin/sh
/usr/src/owaspnettacker # ls
CODE_OF_CONDUCT.md PULL_REQUEST_TEMPLATE.md readme.md tmp
CONTRIBUTING.md api requirements.txt version
Dockerfile core results web
ISSUE_TEMPLATE.md lib scripts
LICENSE nettacker.py setup.py
/usr/src/owaspnettacker # python nettacker.py -i google.com -m tcp_connect_port_scan -t 1000
______ __ _____ _____
/ __ \ \ / /\ / ____| __ \
| | | \ \ /\ / / \ | (___ | |__) |
| | | |\ \/ \/ / /\ \ \___ \| ___/
| |__| | \ /\ / ____ \ ____) | | Version 0.0.1
\____/ \/ \/_/ \_\_____/|_| SAME
_ _ _ _ _
| \ | | | | | | | |
github.com/viraintel | \| | ___| |_| |_ __ _ ___| | _____ _ __
owasp.org | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
viraintel.com | |\ | __/ |_| || (_| | (__| < __/ |
|_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
[!] it's better to use thread number lower than 100, BTW we are continuing...
[+] Nettacker engine started ...
[+] You are using the last version of OWASP Nettacker ...
[+] 12 modules loaded ...
[+] target google.com submitted!
[+] start attacking google.com, 1 of 1
[+] host: google.com port: 80 found!
[+] host: google.com port: 443 found!
[+] removing temp files!
[+] sorting results!
[+] building graph ...
[+] finish building graph!
[+] updating the database...
[+] inserting report to the database
[+] removing old logs from db
[+] inserting logs to the database
[+] done!
/usr/src/owaspnettacker #
If you're done, proceed to verifying and running your installation.
(Not available until the first release!)
- Use PyPI by running this command:
pip install OWASP-Nettacker
Use the nettacker command to run OWASP Nettacker in your command line interface after installation. For example:
nettacker --version
The above command should result in output similar to this:
______ __ _____ _____
/ __ \ \ / /\ / ____| __ \
| | | \ \ /\ / / \ | (___ | |__) |
| | | |\ \/ \/ / /\ \ \___ \| ___/
| |__| | \ /\ / ____ \ ____) | | Version 0.0.1
\____/ \/ \/_/ \_\_____/|_| SAME
_ _ _ _ _
| \ | | | | | | | |
github.com/zdresearch | \| | ___| |_| |_ __ _ ___| | _____ _ __
owasp.org | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
zdresearch.com | |\ | __/ |_| || (_| | (__| < __/ |
|_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
[+] you are running OWASP Nettacker version 0.0.1 with code name SAME
To see a help directory, with a list of available commands, run this:
nettacker --help
You can run the software without fully installing, by changing to the nettacker using python nettacker.py. Remember to install the requirements first, by executing pip install -r requirements.txt
If you need help or have a question, feel free to contact us through our mailing list or create an issue.