kali-linux 202202 安装w3af命令行版的详细过程

来自:网络
时间:2022-06-21
阅读:
免费资源网,https://freexyz.cn/
目录

更换国内源

vi /etc/apt/sources.list
deb https://mirrors.aliyun.com/kali kali-rolling main non-free contrib
deb-src https://mirrors.aliyun.com/kali kali-rolling main non-free contrib

从github上面下载w3af

https://github.com/andresriancho/w3af

下载完成后放到kali里面去解压就可以,我放在了/usr/w3af目录下面。

查看kali上的python版本

python --version

如果是3.10的版本,再用下面这条命令看kali上面装了几个python版本,一般是3个

ll /usr/bin | grep python
-rwxr-xr-x 1 root root           967 11月 17  2020 apython
-rwxr-xr-x 1 root root          2336  7月 25  2018 dh_python3-ply
-rwxr-xr-x 1 root root           963  1月 24 15:22 ipython3
lrwxrwxrwx 1 root root            23  3月 28 16:47 pdb2.7 -> ../lib/python2.7/pdb.py
lrwxrwxrwx 1 root root            24  3月 24 09:07 pdb3.10 -> ../lib/python3.10/pdb.py
lrwxrwxrwx 1 root root            23  3月 24 09:02 pdb3.9 -> ../lib/python3.9/pdb.py
lrwxrwxrwx 1 root root            31  5月  1 18:33 py3versions -> ../share/python3/py3versions.py
-rwxr-xr-x 1 root root           953  5月  1  2021 pybabel-python3
lrwxrwxrwx 1 root root            24  6月 19 05:41 python -> /etc/alternatives/python
lrwxrwxrwx 1 root root             9  7月 28  2021 python2 -> python2.7
-rwxr-xr-x 1 root root       3533496  3月 28 16:47 python2.7
lrwxrwxrwx 1 root root            33  3月 28 16:47 python2.7-config -> x86_64-linux-gnu-python2.7-config
lrwxrwxrwx 1 root root            10  5月  1 18:33 python3 -> python3.10
-rwxr-xr-x 1 root root       5540696  3月 24 09:07 python3.10
lrwxrwxrwx 1 root root            34  3月 24 09:07 python3.10-config -> x86_64-linux-gnu-python3.10-config
-rwxr-xr-x 1 root root       5447080  3月 24 09:02 python3.9
-rwxr-xr-x 1 root root           963  4月 23 15:15 python3-commonmark
lrwxrwxrwx 1 root root            17  5月  1 18:33 python3-config -> python3.10-config
-rwxr-xr-x 1 root root           960 12月 23  2020 python3-futurize
-rwxr-xr-x 1 root root           964 12月 23  2020 python3-pasteurize
-rwxr-xr-x 1 root root           945 10月 21  2021 python3-qr
-rwxr-xr-x 1 root root           977  3月 27 16:47 python-dotenv
lrwxrwxrwx 1 root root             7  4月 13 11:26 python-faraday -> faraday
lrwxrwxrwx 1 root root            29  7月 28  2021 pyversions -> ../share/python/pyversions.py
-rwxr-xr-x 1 root root          2970  3月 28 16:47 x86_64-linux-gnu-python2.7-config
-rwxr-xr-x 1 root root          3154  3月 24 09:07 x86_64-linux-gnu-python3.10-config
lrwxrwxrwx 1 root root            34  5月  1 18:33 x86_64-linux-gnu-python3-config -> x86_64-linux-gnu-python3.10-config

我的python有2.7,3.9和3.10三个版本。

接下来设置切换python版本:

┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1
update-alternatives: 使用 /usr/bin/python2.7 来在自动模式中提供 /usr/bin/python (python)
                                                                             
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# update-alternatives --install /usr/bin/python python /usr/bin/python3.9 2
update-alternatives: 使用 /usr/bin/python3.9 来在自动模式中提供 /usr/bin/python (python)
                                                                             
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# update-alternatives --install /usr/bin/python python /usr/bin/python3.10 3
update-alternatives: 使用 /usr/bin/python3.10 来在自动模式中提供 /usr/bin/python (python)
                                                                             
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# update-alternatives --config python
有 3 个候选项可用于替换 python (提供 /usr/bin/python)。

  选择       路径               优先级  状态
------------------------------------------------------------
* 0            /usr/bin/python3.10   3         自动模式
  1            /usr/bin/python2.7    1         手动模式
  2            /usr/bin/python3.10   3         手动模式
  3            /usr/bin/python3.9    2         手动模式

要维持当前值[*]请按<回车键>,或者键入选择的编号:1
update-alternatives: 使用 /usr/bin/python2.7 来在手动模式中提供 /usr/bin/python (python)
                                                                             
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# python --version
Python 2.7.18

设置完成后切换到python2.7版本

下载所需要的依赖包

第一个是pip包

┌──(root㉿kali)-[/usr/w3af/w3af-master/w3af]
└─# wget https://bootstrap.pypa.io/pip/2.7/get-pip.py
--2022-06-19 05:48:07--  https://bootstrap.pypa.io/pip/2.7/get-pip.py
正在解析主机 bootstrap.pypa.io (bootstrap.pypa.io)... 146.75.112.175, 2a04:4e42:8c::175
正在连接 bootstrap.pypa.io (bootstrap.pypa.io)|146.75.112.175|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:1908226 (1.8M) [text/x-python]
正在保存至: “get-pip.py”

get-pip.py              100%[==============================>]   1.82M  31.0KB/s  用时 96s     

2022-06-19 05:49:49 (19.5 KB/s) - 已保存 “get-pip.py” [1908226/1908226])

接下来安装pip.py

┌──(root㉿kali)-[/usr/w3af/w3af-master/w3af]
└─# python get-pip.py 
DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.                                                                                         
Collecting pip<21.0
  Downloading pip-20.3.4-py2.py3-none-any.whl (1.5 MB)
     |████████████████████████████████| 1.5 MB 4.0 kB/s 
Collecting wheel
  Downloading wheel-0.37.1-py2.py3-none-any.whl (35 kB)
Installing collected packages: pip, wheel
Successfully installed pip-20.3.4 wheel-0.37.1

尝试启动

┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# ./w3af_console 
w3af's requirements are not met, one or more third-party libraries need to be installed.

On Kali systems please install the following operating system packages before running the pip installer:
    sudo apt-get -y install npm python-setuptools python-pip libssl-dev python2.7-dev libsqlite3-dev libxslt1-dev libyaml-dev

Your python installation needs the following modules to run w3af:
    pyclamd github git.util pybloomfilter phply nltk chardet tblib pdfminer concurrent.futures OpenSSL ndg pyasn1 lxml scapy.config guess_language cluster msgpack ntlm Halberd darts.lib.utils jinja2 vulndb markdown psutil ds_store termcolor mitmproxy ruamel.ordereddict Flask yaml tldextract pebble acora esmre diff_match_patch bravado_core lz4 vulners ipaddresses subprocess32

After installing any missing operating system packages, use pip to install the remaining modules:
    sudo pip install pyClamd==0.4.0 PyGithub==1.21.0 GitPython==2.1.15 pybloomfiltermmap==0.3.14 phply==0.9.1 nltk==3.0.1 chardet==3.0.4 tblib==0.2.0 pdfminer==20140328 futures==3.2.0 pyOpenSSL==18.0.0 ndg-httpsclient==0.4.0 pyasn1==0.4.2 lxml==3.4.4 scapy==2.4.0 guess-language==0.2 cluster==1.1.1b3 msgpack==0.5.6 python-ntlm==1.0.1 halberd==0.2.4 darts.util.lru==0.5 Jinja2==2.10 vulndb==0.1.1 markdown==2.6.1 psutil==5.4.8 ds-store==1.1.2 termcolor==1.1.0 mitmproxy==0.13 ruamel.ordereddict==0.4.8 Flask==0.10.1 PyYAML==3.12 tldextract==1.7.2 pebble==4.3.8 acora==2.1 esmre==0.3.1 diff-match-patch==20121119 bravado-core==5.15.0 lz4==1.1.0 vulners==1.3.0 ipaddresses==0.0.2 subprocess32==3.5.4

External programs used by w3af are not installed or were not found.Run these commands to install them on your system:

    npm install -g retire@2.0.3
    npm update -g retire


According to Kali's documentation [0] in order to avoid breaking the packaged w3af version you should run the following commands:

cd ~
apt-get install -y python-pip
pip install --upgrade pip
git clone https/github.com/andresriancho/w3af.git
cd w3af
./w3af_console
. /tmp/w3af_dependency_install.sh

[0] http://www.kali.org/kali-monday/bleeding-edge-kali-repositories/

A script with these commands has been created for you at /tmp/w3af_dependency_install.sh

可以看到w3af为我们保存了一个安装脚本,在 /tmp/w3af_dependency_install.sh

执行w3af_dependency_install.sh

┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# bash /tmp/w3af_dependency_install.sh

接下来会出现很多次time out报错:

Collecting pdfminer==20140328
  Downloading pdfminer-20140328.tar.gz (4.1 MB)
     |█████████████▌                  | 1.7 MB 6.0 kB/s eta 0:06:32ERROR: Exception:
Traceback (most recent call last):                                                             
  File "/usr/local/lib/python2.7/dist-packages/pip/_internal/cli/base_command.py", line 223, in _main                                                                                         
    status = self.run(options, args)                                                           
  File "/usr/local/lib/python2.7/dist-packages/pip/_internal/cli/req_command.py", line 180, in wrapper                                                                                        
    return func(self, options, args)                                                           
  File "/usr/local/lib/python2.7/dist-packages/pip/_internal/commands/install.py", line 321, in run                                                                                           
    reqs, check_supported_wheels=not options.target_dir                                        
  File "/usr/local/lib/python2.7/dist-packages/pip/_internal/resolution/legacy/resolver.py", line 180, in resolve                                                                             
    discovered_reqs.extend(self._resolve_one(requirement_set, req))                            
  File "/usr/local/lib/python2.7/dist-packages/pip/_internal/resolution/legacy/resolver.py", line 385, in _resolve_one                                                                        
    dist = self._get_dist_for(req_to_install)                                                  
  File "/usr/local/lib/python2.7/dist-packages/pip/_internal/resolution/legacy/resolver.py", line 337, in _get_dist_for                                                                       
    dist = self.preparer.prepare_linked_requirement(req)                                       
  File "/usr/local/lib/python2.7/dist-packages/pip/_internal/operations/prepare.py", line 480, in prepare_linked_requirement                                                                  
    return self._prepare_linked_requirement(req, parallel_builds)                              
  File "/usr/local/lib/python2.7/dist-packages/pip/_internal/operations/prepare.py", line 505, in _prepare_linked_requirement                                                                 
    self.download_dir, hashes,                                                                 
  File "/usr/local/lib/python2.7/dist-packages/pip/_internal/operations/prepare.py", line 257, in unpack_url                                                                                  
    hashes=hashes,                                                                             
  File "/usr/local/lib/python2.7/dist-packages/pip/_internal/operations/prepare.py", line 130, in get_http_url                                                                                
    from_path, content_type = download(link, temp_dir.path)                                    
  File "/usr/local/lib/python2.7/dist-packages/pip/_internal/network/download.py", line 163, in __call__                                                                                      
    for chunk in chunks:                                                                       
  File "/usr/local/lib/python2.7/dist-packages/pip/_internal/cli/progress_bars.py", line 168, in iter                                                                                         
    for x in it:                                                                               
  File "/usr/local/lib/python2.7/dist-packages/pip/_internal/network/utils.py", line 88, in response_chunks                                                                                   
    decode_content=False,                                                                      
  File "/usr/local/lib/python2.7/dist-packages/pip/_vendor/urllib3/response.py", line 576, in stream                                                                                          
    data = self.read(amt=amt, decode_content=decode_content)                                   
  File "/usr/local/lib/python2.7/dist-packages/pip/_vendor/urllib3/response.py", line 541, in read                                                                                            
    raise IncompleteRead(self._fp_bytes_read, self.length_remaining)                           
  File "/usr/lib/python2.7/contextlib.py", line 35, in __exit__                                
    self.gen.throw(type, value, traceback)                                                     
  File "/usr/local/lib/python2.7/dist-packages/pip/_vendor/urllib3/response.py", line 451, in _error_catcher                                                                                  
    raise ReadTimeoutError(self._pool, None, "Read timed out.")                                
ReadTimeoutError: HTTPSConnectionPool(host='files.pythonhosted.org', port=443): Read timed out.

主要原因就是网不好,需要多次尝试,我大概下了20几次把他都下载完了。

最后都下载完成再运行的时候会出现这个:

┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# ./w3af_console                      
External programs used by w3af are not installed or were not found.Run these commands to install them on your system:

    npm install -g retire@2.0.3
    npm update -g retire


According to Kali's documentation [0] in order to avoid breaking the packaged w3af version you should run the following commands:

cd ~
apt-get install -y python-pip
pip install --upgrade pip
git clone https/github.com/andresriancho/w3af.git
cd w3af
./w3af_console
. /tmp/w3af_dependency_install.sh

[0] http://www.kali.org/kali-monday/bleeding-edge-kali-repositories/

A script with these commands has been created for you at /tmp/w3af_dependency_install.sh

这是需要你下载retire@2.0.3和升级它

首先安装npm

┌──(root㉿kali)-[/tmp]
└─# apt-get install npm
正在读取软件包列表... 完成
正在分析软件包的依赖关系树... 完成
正在读取状态信息... 完成                 
npm 已经是最新版 (8.12.1~ds1-1)。
下列软件包是自动安装的并且现在不需要了:
  python3-distlib python3-filelock python3-pip-whl python3-platformdirs python3-setuptools-whl
  python3-wheel python3-wheel-whl
使用'apt autoremove'来卸载它(它们)。
升级了 0 个软件包,新安装了 0 个软件包,要卸载 0 个软件包,有 475 个软件包未被升级。

然后再执行:

┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# npm install -g retire@2.0.3

启动w3af命令行

在上述安装完毕后,就可以启动w3af命令行版了

┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# ./w3af_console             
/usr/share/offsec-awae-wheels/pyOpenSSL-19.1.0-py2.py3-none-any.whl/OpenSSL/crypto.py:12: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in the next release.
Usage of w3af for sending any traffic to a target without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Do you accept the terms and conditions? [N|y] y
免费资源网,https://freexyz.cn/
返回顶部
顶部