-
-
Notifications
You must be signed in to change notification settings - Fork 802
Installation
cwcromwell edited this page Jul 1, 2018
·
57 revisions
Contents:
Before installing, please be sure these packages are already installed on your machine:
libcurl4-openssl-devlibssl-dev
Open your command line interface (You might call it a terminal or a console, we'll use CLI after this) and use any package manager (yaourt , apt, apt-get, brew) for the installation. For example:
apt-get install libssl-dev
OR
sudo apt-get install libssl-dev
If you've installed the packages above and still cannot run OWASP Nettacker without errors, you could install these:
python-devpython3-devpkgconfig openssl-dev libffi-dev musl-dev make gcc git curl-dev librtmp libxml2-dev libxslt-dev
You can install OWASP Nettacker by using one of the following options:
To install directly from GitHub using git, execute this command:
git clone https://github.com/zdresearch/OWASP-Nettacker.git && cd OWASP-Nettacker && pip install -r requirements.txt && python setup.py install
If you're done, proceed to verifying and running your installation.
To install from a zip file, follow these steps:
- Download the source code.
- Uncompress the file:
unzip master.zip - In your command line interface, go to the extracted directory (OWASP-Nettacker-master) and run this command:
pip install -r requirements.txt && python setup.py install
If you're done, proceed to verifying and running your installation.
To install from Docker, run this command:
docker build . -t owaspnettacker
The output should be similar to this:
C:\Users\Zombie\Documents\GitHub\OWASP-Nettacker>docker build . -t owaspnettacker
Sending build context to Docker daemon 165.4MB
Step 1/7 : FROM python:2.7-alpine
---> 3e4f5b6dfb77
Step 2/7 : RUN apk add --no-cache python pkgconfig python-dev openssl-dev libffi-dev musl-dev make gcc git
---> Running in 846e6dec136b
fetch http://dl-cdn.alpinelinux.org/alpine/v3.4/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.4/community/x86_64/APKINDEX.tar.gz
(1/27) Upgrading libcrypto1.0 (1.0.2m-r0 -> 1.0.2n-r0)
(2/27) Upgrading libssl1.0 (1.0.2m-r0 -> 1.0.2n-r0)
(3/27) Installing binutils-libs (2.26-r1)
(4/27) Installing binutils (2.26-r1)
(5/27) Installing gmp (6.1.0-r0)
(6/27) Installing isl (0.14.1-r0)
(7/27) Installing libgomp (5.3.0-r0)
(8/27) Installing libatomic (5.3.0-r0)
(9/27) Installing libgcc (5.3.0-r0)
(10/27) Installing pkgconf (0.9.12-r0)
(11/27) Installing pkgconfig (0.25-r1)
(12/27) Installing mpfr3 (3.1.2-r0)
(13/27) Installing mpc1 (1.0.3-r0)
(14/27) Installing libstdc++ (5.3.0-r0)
(15/27) Installing gcc (5.3.0-r0)
(16/27) Installing libssh2 (1.7.0-r0)
(17/27) Installing libcurl (7.57.0-r0)
(18/27) Installing pcre (8.38-r1)
(19/27) Installing git (2.8.6-r0)
(20/27) Installing libffi (3.2.1-r2)
(21/27) Installing libffi-dev (3.2.1-r2)
(22/27) Installing make (4.1-r1)
(23/27) Installing musl-dev (1.1.14-r16)
(24/27) Installing zlib-dev (1.2.11-r0)
(25/27) Installing openssl-dev (1.0.2n-r0)
(26/27) Installing python (2.7.12-r0)
(27/27) Installing python-dev (2.7.12-r0)
Executing busybox-1.24.2-r14.trigger
OK: 182 MiB in 57 packages
---> bf25f9e1e292
Removing intermediate container 846e6dec136b
Step 3/7 : WORKDIR /usr/src/app
---> 167b8ff3d928
Removing intermediate container 7bf345637827
Step 4/7 : RUN git clone https://github.com/zdresearch/OWASP-Nettacker.git .
---> Running in 8779d17d6fcf
Cloning into '.'...
---> cd4265d42e5f
Removing intermediate container 8779d17d6fcf
Step 5/7 : RUN pip install --no-cache-dir -r requirements.txt
---> Running in 35bf9cbb36e1
Collecting argparse (from -r requirements.txt (line 1))
Downloading argparse-1.4.0-py2.py3-none-any.whl
Collecting netaddr (from -r requirements.txt (line 2))
Downloading netaddr-0.7.19-py2.py3-none-any.whl (1.6MB)
Collecting requests (from -r requirements.txt (line 3))
Downloading requests-2.18.4-py2.py3-none-any.whl (88kB)
Collecting paramiko (from -r requirements.txt (line 4))
Downloading paramiko-2.4.0-py2.py3-none-any.whl (192kB)
Collecting texttable (from -r requirements.txt (line 5))
Downloading texttable-1.2.1.tar.gz
Collecting PySocks (from -r requirements.txt (line 6))
Downloading PySocks-1.6.8.tar.gz (283kB)
Collecting win_inet_pton (from -r requirements.txt (line 7))
Downloading win_inet_pton-1.0.1.tar.gz
Collecting pyOpenSSL (from -r requirements.txt (line 8))
Downloading pyOpenSSL-17.5.0-py2.py3-none-any.whl (53kB)
Collecting flask (from -r requirements.txt (line 9))
Downloading Flask-0.12.2-py2.py3-none-any.whl (83kB)
Collecting lockfile (from -r requirements.txt (line 10))
Downloading lockfile-0.12.2-py2.py3-none-any.whl
Collecting urllib3<1.23,>=1.21.1 (from requests->-r requirements.txt (line 3))
Downloading urllib3-1.22-py2.py3-none-any.whl (132kB)
Collecting idna<2.7,>=2.5 (from requests->-r requirements.txt (line 3))
Downloading idna-2.6-py2.py3-none-any.whl (56kB)
Collecting chardet<3.1.0,>=3.0.2 (from requests->-r requirements.txt (line 3))
Downloading chardet-3.0.4-py2.py3-none-any.whl (133kB)
Collecting certifi>=2017.4.17 (from requests->-r requirements.txt (line 3))
Downloading certifi-2018.1.18-py2.py3-none-any.whl (151kB)
Collecting cryptography>=1.5 (from paramiko->-r requirements.txt (line 4))
Downloading cryptography-2.1.4.tar.gz (441kB)
Collecting pynacl>=1.0.1 (from paramiko->-r requirements.txt (line 4))
Downloading PyNaCl-1.2.1.tar.gz (3.3MB)
Collecting pyasn1>=0.1.7 (from paramiko->-r requirements.txt (line 4))
Downloading pyasn1-0.4.2-py2.py3-none-any.whl (71kB)
Collecting bcrypt>=3.1.3 (from paramiko->-r requirements.txt (line 4))
Downloading bcrypt-3.1.4.tar.gz (42kB)
Collecting six>=1.5.2 (from pyOpenSSL->-r requirements.txt (line 8))
Downloading six-1.11.0-py2.py3-none-any.whl
Collecting itsdangerous>=0.21 (from flask->-r requirements.txt (line 9))
Downloading itsdangerous-0.24.tar.gz (46kB)
Collecting click>=2.0 (from flask->-r requirements.txt (line 9))
Downloading click-6.7-py2.py3-none-any.whl (71kB)
Collecting Jinja2>=2.4 (from flask->-r requirements.txt (line 9))
Downloading Jinja2-2.10-py2.py3-none-any.whl (126kB)
Collecting Werkzeug>=0.7 (from flask->-r requirements.txt (line 9))
Downloading Werkzeug-0.14.1-py2.py3-none-any.whl (322kB)
Collecting asn1crypto>=0.21.0 (from cryptography>=1.5->paramiko->-r requirements.txt (line 4))
Downloading asn1crypto-0.24.0-py2.py3-none-any.whl (101kB)
Collecting cffi>=1.7 (from cryptography>=1.5->paramiko->-r requirements.txt (line 4))
Downloading cffi-1.11.4.tar.gz (436kB)
Collecting enum34 (from cryptography>=1.5->paramiko->-r requirements.txt (line 4))
Downloading enum34-1.1.6-py2-none-any.whl
Collecting ipaddress (from cryptography>=1.5->paramiko->-r requirements.txt (line 4))
Downloading ipaddress-1.0.19.tar.gz
Collecting MarkupSafe>=0.23 (from Jinja2>=2.4->flask->-r requirements.txt (line 9))
Downloading MarkupSafe-1.0.tar.gz
Collecting pycparser (from cffi>=1.7->cryptography>=1.5->paramiko->-r requirements.txt (line 4))
Downloading pycparser-2.18.tar.gz (245kB)
Installing collected packages: argparse, netaddr, urllib3, idna, chardet, certifi, requests, asn1crypto, six, pycparser, cffi, enum34, ipaddress, cryptography, pynacl, pyasn1, bcrypt, paramiko, texttable, PySocks, win-inet-pton, pyOpenSSL, itsdangerous, click, MarkupSafe, Jinja2, Werkzeug, flask, lockfile
Running setup.py install for pycparser: started
Running setup.py install for pycparser: finished with status 'done'
Running setup.py install for cffi: started
Running setup.py install for cffi: finished with status 'done'
Running setup.py install for ipaddress: started
Running setup.py install for ipaddress: finished with status 'done'
Running setup.py install for cryptography: started
Running setup.py install for cryptography: finished with status 'done'
Running setup.py install for pynacl: started
Running setup.py install for pynacl: still running...
Running setup.py install for pynacl: finished with status 'done'
Running setup.py install for bcrypt: started
Running setup.py install for bcrypt: finished with status 'done'
Running setup.py install for texttable: started
Running setup.py install for texttable: finished with status 'done'
Running setup.py install for PySocks: started
Running setup.py install for PySocks: finished with status 'done'
Running setup.py install for win-inet-pton: started
Running setup.py install for win-inet-pton: finished with status 'done'
Running setup.py install for itsdangerous: started
Running setup.py install for itsdangerous: finished with status 'done'
Running setup.py install for MarkupSafe: started
Running setup.py install for MarkupSafe: finished with status 'done'
Successfully installed Jinja2-2.10 MarkupSafe-1.0 PySocks-1.6.8 Werkzeug-0.14.1 argparse-1.4.0 asn1crypto-0.24.0 bcrypt-3.1.4 certifi-2018.1.18 cffi-1.11.4 chardet-3.0.4 click-6.7 cryptography-2.1.4 enum34-1.1.6 flask-0.12.2 idna-2.6 ipaddress-1.0.19 itsdangerous-0.24 lockfile-0.12.2 netaddr-0.7.19 paramiko-2.4.0 pyOpenSSL-17.5.0 pyasn1-0.4.2 pycparser-2.18 pynacl-1.2.1 requests-2.18.4 six-1.11.0 texttable-1.2.1 urllib3-1.22 win-inet-pton-1.0.1
---> a5ccab6e3534
Removing intermediate container 35bf9cbb36e1
Step 6/7 : RUN apk del --purge musl-dev gcc make git
---> Running in 7b207e9c1dcf
WARNING: Ignoring APKINDEX.167438ca.tar.gz: No such file or directory
WARNING: Ignoring APKINDEX.a2e6dac0.tar.gz: No such file or directory
(1/17) Purging gcc (5.3.0-r0)
(2/17) Purging binutils (2.26-r1)
(3/17) Purging isl (0.14.1-r0)
(4/17) Purging libatomic (5.3.0-r0)
(5/17) Purging git (2.8.6-r0)
(6/17) Purging make (4.1-r1)
(7/17) Purging musl-dev (1.1.14-r16)
(8/17) Purging binutils-libs (2.26-r1)
(9/17) Purging mpc1 (1.0.3-r0)
(10/17) Purging mpfr3 (3.1.2-r0)
(11/17) Purging gmp (6.1.0-r0)
(12/17) Purging libgomp (5.3.0-r0)
(13/17) Purging libstdc++ (5.3.0-r0)
(14/17) Purging libgcc (5.3.0-r0)
(15/17) Purging libcurl (7.57.0-r0)
(16/17) Purging libssh2 (1.7.0-r0)
(17/17) Purging pcre (8.38-r1)
Executing busybox-1.24.2-r14.trigger
OK: 80 MiB in 40 packages
---> beb7a0f208b2
Removing intermediate container 7b207e9c1dcf
Step 7/7 : CMD python ./nettacker.py
---> Running in 7b8417005f02
---> 439ccf20396e
Removing intermediate container 7b8417005f02
Successfully built 439ccf20396e
Successfully tagged owaspnettacker:latest
SECURITY WARNING: You are building a Docker image from Windows against a non-Windows Docker host. All files and directories added to build context will have '-rwxr-xr-x' permissions. It is recommended to double check and reset permissions for sensitive files and directories.
C:\Users\Zombie\Documents\GitHub\OWASP-Nettacker>
- With the command
docker imagesyou can see the created image, namedowaspnettacker.
C:\Users\Zombie\Documents\GitHub\OWASP-Nettacker>docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
owaspnettacker latest f793144987cb 2 minutes ago 273MB
C:\Users\Zombie\Documents\GitHub\OWASP-Nettacker>
- Run the image like this:
docker run -it owaspnettacker /bin/sh
C:\Users\Zombie\Documents\GitHub\OWASP-Nettacker>docker run -it owaspnettacker /bin/sh
/usr/src/owaspnettacker # ls
CODE_OF_CONDUCT.md PULL_REQUEST_TEMPLATE.md readme.md tmp
CONTRIBUTING.md api requirements.txt version
Dockerfile core results web
ISSUE_TEMPLATE.md lib scripts
LICENSE nettacker.py setup.py
/usr/src/owaspnettacker # python nettacker.py -i google.com -m tcp_connect_port_scan -t 1000
______ __ _____ _____
/ __ \ \ / /\ / ____| __ \
| | | \ \ /\ / / \ | (___ | |__) |
| | | |\ \/ \/ / /\ \ \___ \| ___/
| |__| | \ /\ / ____ \ ____) | | Version 0.0.1
\____/ \/ \/_/ \_\_____/|_| SAME
_ _ _ _ _
| \ | | | | | | | |
github.com/viraintel | \| | ___| |_| |_ __ _ ___| | _____ _ __
owasp.org | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
viraintel.com | |\ | __/ |_| || (_| | (__| < __/ |
|_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
[!] it's better to use thread number lower than 100, BTW we are continuing...
[+] Nettacker engine started ...
[+] You are using the last version of OWASP Nettacker ...
[+] 12 modules loaded ...
[+] target google.com submitted!
[+] start attacking google.com, 1 of 1
[+] host: google.com port: 80 found!
[+] host: google.com port: 443 found!
[+] removing temp files!
[+] sorting results!
[+] building graph ...
[+] finish building graph!
[+] updating the database...
[+] inserting report to the database
[+] removing old logs from db
[+] inserting logs to the database
[+] done!
/usr/src/owaspnettacker #
If you're done, proceed to verifying and running your installation.
(Not available until the first release!)
- Use PyPI by running this command:
pip install OWASP-Nettacker
Use the nettacker command to run OWASP Nettacker in your command line interface after installation. For example:
nettacker --version
The above command should result in output similar to this:
______ __ _____ _____
/ __ \ \ / /\ / ____| __ \
| | | \ \ /\ / / \ | (___ | |__) |
| | | |\ \/ \/ / /\ \ \___ \| ___/
| |__| | \ /\ / ____ \ ____) | | Version 0.0.1
\____/ \/ \/_/ \_\_____/|_| SAME
_ _ _ _ _
| \ | | | | | | | |
github.com/zdresearch | \| | ___| |_| |_ __ _ ___| | _____ _ __
owasp.org | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
zdresearch.com | |\ | __/ |_| || (_| | (__| < __/ |
|_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
[+] you are running OWASP Nettacker version 0.0.1 with code name SAME
To see a help directory, with a list of available commands, run this:
nettacker --help
You will see relatively long output, and it will be an up-to-date list of commands for the version you installed.
You can run the software without fully installing, by changing to the nettacker using python nettacker.py. Remember to install the requirements first, by executing pip install -r requirements.txt
If you're ready to move on with using OWASP Nettacker, continue to the Usage section in the right-hand menu at the top of this page.
If you need help or have a question, feel free to contact us through our mailing list or create an issue.