在 Kali 上安裝 w3af,我該怎麼做?
我現在被困在安裝“python-pip”上,就像錯誤程式碼說的那樣,只是說它找不到那個包。所以我在下載後通過“sudo python get-pip.py”根據python文件安裝它,但沒有。它仍然說它未安裝(已檢查它是否在 PATH 中,並且確實如此)。
不滿足 w3af 的要求,需要安裝一個或多個第三方庫。
在 Kali 系統上,請在執行 pip 安裝程序之前安裝以下作業系統包: sudo apt-get -y install python-pip
您的 python 安裝需要以下模組來執行 w3af: pyclamd github git.util pybloomfilter phply nltk tblib pdfminer concurrent.futures OpenSSL ndg pyasn1 lxml scapy.config guess_language cluster msgpack ntlm Halberd darts.lib.utils jinja2 vulndb markdown psutil ds_store termcolor mitmproxy ruamel。 ordereddict Flask yaml tldextract pebble acora esmre diff_match_patch bravado_core lz4 vulners ipaddresses subprocess32
安裝完任何缺失的作業系統包後,使用 pip 安裝剩餘的模組: sudo pip install pyClamd==0.4.0 PyGithub==1.21.0 GitPython==2.1.3 pybloomfiltermmap==0.3.14 phply==0.9.1 nltk ==3.0.1 tblib==0.2.0 pdfminer==20140328 futures==3.2.0 pyOpenSSL==18.0.0 ndg-httpsclient==0.4.0 pyasn1==0.4.2 lxml==3.4.4 scapy== 2.4.0guess-language==0.2 cluster==1.1.1b3 msgpack==0.5.6 python-ntlm==1.0.1 halberd==0.2.4 darts.util.lru==0.5 Jinja2==2.10 vulndb== 0.1.1 markdown==2.6.1 psutil==5.4.8 ds-store==1.1.2 termcolor==1.1.0 mitmproxy==0.13 ruamel.ordereddict==0.4.8 Flask==0.10.1 PyYAML== 3.12 tldextract==1.7.2 pebble==4.3.8 acora==2.1 esmre==0.3.1 diff-match-patch==20121119 bravado-core==5.12.1 lz4==1.1.0 漏洞==1.3。 0 ipaddresses==0.0.2 子程序32==3.5.4
w3af 使用的外部程序未安裝或未找到。執行以下命令將它們安裝到您的系統上:
npm install -g retire@2.0.3 npm update -g retire根據 Kali 的文件
$$ 0 $$為了避免破壞打包的 w3af 版本,您應該執行以下命令: cd ~ apt-get install -y python-pip pip install –upgrade pip git clone https/github.com/andresriancho/w3af.git cd w3af ./w3af_console 。/tmp/w3af_dependency_install.sh
$$ 0 $$ http://www.kali.org/kali-monday/bleeding-edge-kali-repositories/ 已在 /tmp/w3af_dependency_install.sh 為您創建了包含這些命令的腳本
在kali文件中閱讀他們說你不應該修改sources.list那麼我到底應該怎麼做呢?花了我一整天的時間。我參加了一門網路安全課程,可以在 w3af 和 arachni 掃描器之間進行選擇,以找到更難的 XSS 漏洞。我已經放棄了 Arachni,因為它想要安裝 msgpack,並且我已經將它安裝在“bundle install”之外,因為在使用“bundle install”時它會失敗,如下圖所示。
ali@kali:~/Downloads/arachni$ bundle install Fetching gem metadata from https://rubygems.org/.......... Fetching gem metadata from https://rubygems.org/. Resolving dependencies... Using rake 11.3.0 Following files may not be writable, so sudo is needed: /usr/local/bin /var/lib/gems/2.7.0 /var/lib/gems/2.7.0/build_info /var/lib/gems/2.7.0/cache /var/lib/gems/2.7.0/doc /var/lib/gems/2.7.0/extensions /var/lib/gems/2.7.0/gems /var/lib/gems/2.7.0/specifications Using addressable 2.3.6 Using arachni-reactor 0.1.2 Using arachni-rpc 0.2.1.4 Using awesome_print 1.6.1 Using bundler 2.1.4 Using ffi 1.12.2 Using childprocess 0.5.3 Using coderay 1.1.0 Using concurrent-ruby 1.0.2 Using concurrent-ruby-ext 1.0.2 Using http_parser.rb 0.6.0 Using kramdown 1.4.1 Using mini_portile2 2.1.0 Using nokogiri 1.6.8.1 Using loofah 2.0.3 Fetching msgpack 0.7.0 Your user account isn't allowed to install to the system RubyGems. You can cancel this installation and run: bundle install --path vendor/bundle to install the gems into ./vendor/bundle/, or you can enter your password and install the bundled gems to RubyGems using sudo. Password: Your user account isn't allowed to install to the system RubyGems. You can cancel this installation and run: bundle install --path vendor/bundle to install the gems into ./vendor/bundle/, or you can enter your password and install the bundled gems to RubyGems using sudo. Password: Installing msgpack 0.7.0 with native extensions Gem::Ext::BuildError: ERROR: Failed to build gem native extension. current directory: /tmp/bundler20200428-6044-btnsn7msgpack-0.7.0/gems/msgpack-0.7.0/ext/msgpack /usr/bin/ruby2.7 -I /usr/lib/ruby/2.7.0 -r ./siteconf20200428-6044-1by26ez.rb extconf.rb checking for ruby/st.h... yes checking for st.h... yes checking for rb_str_replace() in ruby.h... yes checking for rb_intern_str() in ruby.h... yes checking for rb_sym2str() in ruby.h... yes checking for rb_str_intern() in ruby.h... yes checking for rb_block_lambda() in ruby.h... yes checking for rb_hash_dup() in ruby.h... yes checking for rb_hash_clear() in ruby.h... yes creating Makefile current directory: /tmp/bundler20200428-6044-btnsn7msgpack-0.7.0/gems/msgpack-0.7.0/ext/msgpack make "DESTDIR=" clean current directory: /tmp/bundler20200428-6044-btnsn7msgpack-0.7.0/gems/msgpack-0.7.0/ext/msgpack make "DESTDIR=" compiling buffer.c compiling buffer_class.c buffer_class.c: In function ‘read_until_eof’: buffer_class.c:261:17: warning: passing argument 3 of ‘rb_rescue2’ from incompatible pointer type [-Wincompatible-pointer-types] 261 | read_until_eof_error, (VALUE)(void*) args, | ^~~~~~~~~~~~~~~~~~~~ | | | VALUE (*)(VALUE) {aka long unsigned int (*)(long unsigned int)} In file included from /usr/include/ruby-2.7.0/ruby.h:33, from compat.h:22, from buffer_class.c:19: /usr/include/ruby-2.7.0/ruby/ruby.h:1988:40: note: expected ‘VALUE (*)(VALUE, VALUE)’ {aka ‘long unsigned int (*)(long unsigned int, long unsigned int)’} but argument is of type ‘VALUE (*)(VALUE)’ {aka ‘long unsigned int (*)(long unsigned int)’} 1988 | VALUE rb_rescue2(VALUE(*)(VALUE),VALUE,VALUE(*)(VALUE,VALUE),VALUE,...); | ^~~~~~~~~~~~~~~~~~~~~ compiling core_ext.c In file included from /usr/include/ruby-2.7.0/ruby.h:33, from compat.h:22, from core_ext.h:21, from core_ext.c:19: core_ext.c: In function ‘MessagePack_core_ext_module_init’: core_ext.c:135:22: error: ‘rb_cFixnum’ undeclared (first use in this function) 135 | rb_define_method(rb_cFixnum, "to_msgpack", Fixnum_to_msgpack, -1); | ^~~~~~~~~~ /usr/include/ruby-2.7.0/ruby/ruby.h:2799:104: note: in definition of macro ‘rb_define_method’ 2799 | #define rb_define_method(klass, mid, func, arity) rb_define_method_choose_prototypem3((arity),(func))((klass),(mid),(func),(arity)); | ^~~~~ core_ext.c:135:22: note: each undeclared identifier is reported only once for each function it appears in 135 | rb_define_method(rb_cFixnum, "to_msgpack", Fixnum_to_msgpack, -1); | ^~~~~~~~~~ /usr/include/ruby-2.7.0/ruby/ruby.h:2799:104: note: in definition of macro ‘rb_define_method’ 2799 | #define rb_define_method(klass, mid, func, arity) rb_define_method_choose_prototypem3((arity),(func))((klass),(mid),(func),(arity)); | ^~~~~ core_ext.c:136:22: error: ‘rb_cBignum’ undeclared (first use in this function) 136 | rb_define_method(rb_cBignum, "to_msgpack", Bignum_to_msgpack, -1); | ^~~~~~~~~~ /usr/include/ruby-2.7.0/ruby/ruby.h:2799:104: note: in definition of macro ‘rb_define_method’ 2799 | #define rb_define_method(klass, mid, func, arity) rb_define_method_choose_prototypem3((arity),(func))((klass),(mid),(func),(arity)); | ^~~~~ make: *** [Makefile:245: core_ext.o] Error 1 make failed, exit code 2 Gem files will remain installed in /tmp/bundler20200428-6044-btnsn7msgpack-0.7.0/gems/msgpack-0.7.0 for inspection. Results logged to /tmp/bundler20200428-6044-btnsn7msgpack-0.7.0/extensions/x86_64-linux/2.7.0/msgpack-0.7.0/gem_make.out An error occurred while installing msgpack (0.7.0), and Bundler cannot continue. Make sure that `gem install msgpack -v '0.7.0' --source 'https://rubygems.org/'` succeeds before bundling. In Gemfile: arachni was resolved to 1.5.1, which depends on msgpack有人可以幫幫我嗎?我有 Kali Linux 的最新“安裝”媒體
w3af並arachni已從 kali-linux 中刪除(不再維護 Arachni)。但是您可以將它們安裝在 Debian Jessie (debian 8) 上。w3af
w3af 在debian jessie上可用,它可以通過以下方式安裝
apt:apt install w3af編輯
/usr/bin/w3af_console文件,更改2.5為2.7:#!/bin/sh if [ -r /usr/share/w3af/w3af_console ] ; then /usr/bin/python2.5 /usr/share/w3af/w3af_console $@ fi到
#!/bin/sh if [ -r /usr/share/w3af/w3af_console ] ; then /usr/bin/python2.7 /usr/share/w3af/w3af_console $@ fi蜘蛛
遵循安裝指南:基於源
Arachni 將在任何滿足以下依賴關係的 *nix 環境中執行:
- Ruby 2.2.0 到 2.3.3。
+ 帶有 OpenSSL 支持的 libcurl。 + C/C++ 編譯器和 GNU make 以建構必要的擴展。
安裝依賴項:
apt-get install build-essential curl libcurl3 libcurl4-openssl-dev ruby ruby-dev apt-get install zlib1g-dev liblzma-dev
rvm按照官方指南安裝gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB \curl -sSL https://get.rvm.io | bash -s stable --ruby然後安裝一個 ruby 版本2.2.0 到 2.3.3。(在 debian jessie 上,預設版本是 2.1)
source /usr/local/rvm/scripts/rvm rvm install ruby 2.3.0 rvm use 2.3.0 --default gem update --system --no-document gem install bundler nokogiri --no-document安裝
arachni:gem install arachni