Setup Page

Sw4mp_fox edited this page Dec 22, 2016 · 16 revisions

At the Setup page, you can:

  • Add addresses, address ranges, and hostnames to scan
  • Import Nmap XMLs
  • Add specific URL paths to screenshot
  • Take screenshots of the added hosts and URL paths
  • Test default credentials on all hosts with Cred Test Modules
  • Clear all hosts and interfaces from Kraken
  • Delete screenshots

Step 1

There are three ways to add host data to Kraken:

  • Add addresses, address ranges, or Hostnames to scan.

    This functionality allows you to specify addresses to perform Nmap scans on. For 'Add Address', enter a line or space delimited list of addresses or CIDR address ranges. Individual addresses will have a /32 appended. 'Add Hostname' requires a line delimited list of hostnames. At this point, you must select what you want to scan and click 'Start Scan. This performs the following scan on each selected entry:

       nmap -sV -oX /opt/Kraken/tmp/nmap.xml -p80,280,443,591,593,981,1311,2031,2480,3181,4444,4445,4567,4711,4712,5104,5280,7000,7001,7002,8000,8008,8011,8012,8013,8014,8042,8069,8080,8081,8243,8280,8281,8443,8531,8887,8888,9080,9443,11371,12443,16080,18091,18092
    

    Live hosts are added to the database. After sequential scans, new hosts and stale hosts that were not found during the most recent scan will be indicated in the Inventory Page.

  • Import an Nmap XML.

    Browse to and select an Nmap XML file. Live hosts with one or more of the ports listed above open will be parsed into the Kraken SQLite database.

  • Add specific URL Paths.

    This is useful when you need to screenshot a specific URL path.

Step 2

Step two is simple, take screenshots using the information in the database. By default, this will not overwrite screenshots that have been taken previously. There is a checkbox if you wish to do so. Progress will be tracked as a percentage on the Setup page, and can monitored in the Celery log at /var/log/celery/krakenworker.log.

Optional Actions

  • Test Credentials

    Run default credential checking modules on all hosts identified as having a module by Kraken.

  • Clear Database

    Delete all records in the Hosts and Interfaces tables. Addresses entered in Step 1 will not be deleted with this option, nor will screenshots taken by Kraken.

  • Delete Screenshots

    Delete all of the screenshots taken by Kraken. Screenshots are stored in /opt/Kraken/static/Web_Scout/.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.