Monday, November 23, 2009

Installing Websecurify 0.4...

Websecurify is a web application testing tool developed by Petko Petkov that automatically identifies web application vulnerabilities by using advanced discovery and fuzzing technologies. To learn more about Websecurify, click on the link here.

For Ubuntu 8.10 (or older) users (others can skip to the Websecurify Installation section below)

Before installing Websecurify on your Ubuntu system, you will need to have xulrunner v1.9.1 (or higher) installed. Since your installation of Ubuntu has an older version of xulrunner, you will need to update your system to meet this prerequisite. The easiest way to do this is by installing Firefox 3.5, which comes with the required version of xulrunner.

The easiest/safest way to do this is to go to the "ubuntu-mozilla-daily" PPA archive at URL:

https://launchpad.net/~ubuntu-mozilla-daily/+archive/ppa

Follow the instructions there to add the repository that holds the version of Firefox 3.5 compatible with your Ubuntu installation. Remember to also install the public key so you don't get prompted with security warnings when trying to use the repository.

Then, we update the machine's repository database with:

sudo apt-get update
sudo apt-get upgrade

To install Firefox 3.5 (warning: this will replace older versions of Firefox on your Ubuntu machine):

sudo apt-get install firefox-3.5

Websecurify Installation

Download the Linux version at URL http://websecurify.googlecode.com/files/Websecurify%200.4.tgz (download the file to your Desktop)

Create a folder to store the websecurify application:

mkdir ~/websecurify-0.4

Go into the folder you just created:

cd ~/websecurify-0.4

Extract the archive:

tar -zxvvf ~/Desktop/Websecurify\ 0.4.tgz

To install the application, type:

xulrunner --install-app application.ini

To launch Websecurify, type:

xulrunner --app application.ini

Note: For Ubuntu 8.10 (or older) users, you must type in xulrunner-1.9.1 instead of xulrunner to install and to launch Websecurify.

Wednesday, November 18, 2009

Installing OpenVAS 2.0.x on Ubuntu Linux...

This is a follow-up to my earlier article on Installing OpenVAS 1.0.x

OpenVAS has started releasing betas of v3.0.x, so I thought I'd write a tutorial on how to install the latest stable version of OpenVAS (v2.0.x).

Before we begin, it is best that we update our Ubuntu libraries and applications to the latest versions by typing the following in a terminal:

sudo apt-get update
sudo apt-get upgrade

Once you have updated your machine, we will need to install the following libraries and applications to compile and install OpenVAS. Again, in the terminal:

sudo apt-get install build-essential libgnutls-dev libpcap0.8-dev bison
sudo apt-get install libgtk2.0-dev libglib2.0-dev libgpgme11-dev libssl-dev htmldoc

Now that the machine is ready to work with the OpenVAS sources, you need to download the following source packages from the OpenVAS website. You can find the sources at URL http://wald.intevation.org/frs/?group_id=29

Download the latest version of the following:

openvas-libraries (latest v2.0.x)
openvas-libnasl (latest v2.0.x)
openvas-server (latest v2.0.x)
openvas-plugins (latest v1.0.x)
openvas-client (latest v2.0.x)

You will need to install OpenVAS in the above listed order. To install each component, you will need to do the following:

tar zxvf [filename of .tar.gz file]
cd [sub-folder of same name as .tar.gz file]
./configure
make
sudo make install
cd ..

Once all five components are compiled and installed, you will need to let Ubuntu know about the new libraries you have just compiled before they can be used, by typing in:

sudo ldconfig -v


Before using OpenVAS for the first time, you will need to create a new certificate and add the first user that can log in to the OpenVAS server by running both:

sudo openvas-mkcert
sudo openvas-adduser


Periodically (I usually run it once every day, or just before I am about to use OpenVAS), you will need to update the plugins that OpenVAS uses to detect newer vulnerabilities, which are found every day. You can do that by typing:

sudo openvas-nvt-sync


To start the OpenVAS server, type:

sudo openvasd -D

Then run the OpenVAS client by typing:

sudo OpenVAS-Client

If you want to learn or know more about OpenVAS, visit them at http://www.openvas.org/

Note: Tested on Ubuntu 9.10, and I assume you are doing all this with user access (that is why some root-only commands have the "sudo" command in front of them) and am running the kernel in i386 (32-bit) mode.

Metasploit 3.3 is now available!

The guys at Metasploit have released Metasploit Framework 3.3. To install this in Ubuntu, please follow the instructions from their wiki page.

Thursday, November 12, 2009

eee-control for Ubuntu 9.10 (Karmic Koala)

I have been waiting patiently for Grigori Goronzy, the developer of eee-control, to release a version of the utility for Karmic Koala (URL http://greg.geekmind.org/eee-control/). However, three weeks since Karmic was released, Grigori has yet to release an update.

Dan Amlund has downloaded the latest version Grigori released for Jaunty Jackalope (0.9.4) and fixed it so that it will install on Karmic Koala. I have installed it on my EeePC 701 and everything seems to be working (your mileage may vary).

To get Dan's version of eee-control which works on Karmic Koala, visit Ubuntu Geek's article at URL http://www.ubuntugeek.com/howto-install-eee-control-in-ubuntu-9-10-karmic.html

Saturday, September 12, 2009

The ever important /tmp folder...

I was busy trying to see if I could speed up Adobe's flash which crawls on Linux systems, yet on the same computer running Windows XP, the same flash application runs much faster. I Googled the net and tried the recommendations other users had posted. I tried one of those recommendations and noticed that the application started quick enough but over time, slowed down to a crawl. Even if I reload that web page, the application still crawled.

What did I do? I said to myself, maybe if I deleted the /tmp folder, the flash application would reload and work like normal. I then started the command shell and typed:

sudo rm -r /tmp

I was thinking that if anything went wrong, I could just restart Ubuntu and it should recreate the /tmp folder, since I had come to understand that Linux will delete all files in the /tmp folder at startup anyway. Once I deleted the folder, I didn't get the results I was expecting and said to myself that I best restart my computer.

Computer restarts and loads up in about 30 seconds (Jaunty does that on my Pentium M 1.73GHz computer). I then give my login credentials but get an error message saying "mkdtemp: private socket dir: Permission denied".

I Googled the error message (from another computer) and it turns out that if you delete the /tmp folder, Ubuntu will recreate the /tmp folder but with the wrong permission settings!

How did I solve this? I restarted Ubuntu in recovery mode, then issued the command:

sudo chmod a+w /tmp

Restarted Ubuntu and problem solved. Now you know how to DoS your own machine and fix it. :)
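
An added example (not part of the original post): `chmod a+w` restores write access but does not set the sticky bit, and the conventional mode for /tmp is 1777, where the sticky bit stops users from deleting or renaming each other's files. The script below replays the sequence on a scratch directory; the starting mode 755 and the function names are assumptions, and `stat -c` is GNU coreutils syntax.

```sh
#!/bin/sh
# Added example: classify a directory's mode the way /tmp needs it.
# Function names are hypothetical; stat -c is GNU coreutils syntax.

# Prints "ok", "no-sticky" or "not-world-writable" for directory $1.
tmp_mode_status() {
    mode=$(stat -c '%a' "$1") || return 2     # octal mode, e.g. 1777
    bits=$((0$mode))                          # leading 0 makes it octal
    if [ $((bits & 0777)) -ne $((0777)) ]; then
        echo "not-world-writable"             # some users cannot create temp files
    elif [ $((bits & 01000)) -eq 0 ]; then
        echo "no-sticky"                      # any user can delete others' files
    else
        echo "ok"
    fi
}

# Replays the post's sequence on a scratch directory, never on the real /tmp.
demo_tmp_sequence() {
    base=$(mktemp -d) || return 1
    scratch="$base/tmp"
    mkdir -m 755 "$scratch"                   # assumed mode after the folder was recreated
    before=$(tmp_mode_status "$scratch")
    chmod a+w "$scratch"                      # the command used in the post
    after_aw=$(tmp_mode_status "$scratch")
    chmod 1777 "$scratch"                     # conventional /tmp mode
    after_1777=$(tmp_mode_status "$scratch")
    rm -rf "$base"
    echo "$before $after_aw $after_1777"
}

demo_tmp_sequence
echo "/tmp: $(tmp_mode_status /tmp)"
```

If the last line reports anything other than "ok", `sudo chmod 1777 /tmp` sets the conventional mode.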

Tuesday, August 25, 2009

Create a .deb package from source files

If you are like me, you will find that you need to install a lot of application software from the source code and compile the build for your specific platform. The most common way of installing the program is to download the source (usually it's a file with .tgz or .tar.gz extension to it), unpack the file, go into the directory where the source files are extracted, run the configure tool, followed by the make and finally the make install commands.

wget http://site.com/source/program-1.0.tgz
tar -zxvf program-1.0.tgz
cd program-1.0
./configure
make
sudo make install

This will download, extract, compile and install the program in your Ubuntu eco-system.

If you have to do this on a few machines or need to reinstall your computer every so often, it is easier to create a .deb file and install the program from it when you need to. This is faster, and you do not need to install the compiler, make utility, headers and dev libraries.

There is a tool called checkinstall which you can install from the Ubuntu repository. To do that, simply run the command:

sudo apt-get install checkinstall

Once that is installed, when you want to create a .deb file, you do pretty much everything like normal but instead of installing the program with "sudo make install", you create a .deb at this point with the command "sudo checkinstall" which will create the .deb file for you.

You can then copy the .deb file into a safe place, and when you need to install in the future, copy the .deb file to your local directory and issue the command "sudo dpkg -i package.deb", which will install the application for you without the need for the source download, dev libraries, compiler, etc.

Note: These are basic instructions that may not always work. Some packages require additional dependencies and optional parameters to be specified in order to build them successfully.

Wednesday, July 8, 2009

Using BackTrack 4 applications on a Ubuntu (8.10 Intrepid) build...

There is a security tools distro called BackTrack which, in its own words:

BackTrack is the most top rated linux live distribution focused on penetration testing. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes.

To know more about BackTrack, click here.

The latest version of BackTrack (BackTrack 4) does away with a simple build that is only good for the next six months (you could never really update the build completely). It now uses Ubuntu (8.10 Intrepid) as a base so that applications and updates are easily available.

As much as I like BackTrack, which uses KDE, I am a GNOME person. Instead of using the BackTrack build, I wanted to use Ubuntu while still leveraging the vast number of tools that BackTrack offers. To do that, you must add the following to your /etc/apt/sources.list file:

deb http://repo.offensive-security.com/dist/bt4 binary/

Before you can start using the BackTrack repository, you will need to install the GPG key so that the APT tool does not give you an error message saying the repository has no public key. To do that:

wget http://apt.pearsoncomputing.net/public.gpg
sudo apt-key add public.gpg

You can then issue the apt-get update command to download the list of applications that the repository hosts, and use the Synaptic Package Manager to view what is available and install the applications that you want.

Note, you should only do this on Ubuntu 8.10 Intrepid as all the work the BackTrack team does is using this version of Ubuntu. I am assuming you are well versed in the ways of Ubuntu and know when you need to use root access to do some of the actions stated in this article.