emba installation with proxy #217
Comments
|
I have currently not tried to install EMBA with a proxy. So let's try it ;) First, could you try to update/populate the cve-database manually: |
m-1-k-3
added
bug
|
I tried it but I get an error: $ sudo ./external/cve-search/sbin/db_updater.py -v -f I did the same installation without proxy on a different machine and it worked well, but I would like to use the emba in a powerful company workstation and I must use proxy to get any internet access. |
|
Is your installation corrupt? Could you do a quick check if the rest of cve-search is correctly installed. |
|
Right now it gives this: What I have done before: Opened in VMware Workstation Pro. chsh -s /bin/bashchsh -s /bin/bash kaliSet the proxy settings as described in the original message above. Insatlled docker and set the proxy as well for docker. Then: and the installer was not able to install pip requirements in this case. If I do the same without proxy on a different machine it will works fine. $ sudo xargs apt-get install -y < requirements.system I don't know how to set up proxy for pip to get the emba installer use it automatically. |
|
Now I have this: |
|
Is the python error now gone and can you update your cve-search database now? |
|
I tried it but I couldn't update the database: $ pip3 list | grep nested ┌──(kali㉿kali)-[~/emba] I repeated the whole installation process and the setup just stopped again the same point with the error above. If I do the same as root user it is working but as kali I am not able to install emba. |
|
I also tried this command: $ ./sbin/db_mgmt_cpe_dictionary.py -p but I got an error again:( |
|
pip packages are not global |
|
I see. I installed the packages as root & kali: (root💀kali)-[/home/kali/emba/cve-search] ┌──(root💀kali)-[/home/kali/emba/cve-search] ┌──(kali㉿kali)-[~/emba/external/cve-search] ┌──(kali㉿kali)-[~/emba/external/cve-search] The issue is that if I don't use PROXY the default installation process works perfectly: $ git clone emba If I set proxy settings the installer fails. I tried it many times. A few days ago I was install emba with kali user, the installer failed at the same point but I was able to execute these: $ cd ~/emba/external/cve-search/ and I started a firmware scan which looked fine, but the CVE-search part did not work at all. Would it be possible to install emba with PROXY on your side and compare the results? Thank you very much. |
|
But the error is changing :) So, there is some progress. Now we have a Redis auth error. Please check the credentials in external/cve-search/etc/configuration.ini and compare it with the /etc/redis/redis.conf credentials. They need to match. Currently I have no proxy environment but I put this on my todo list. |
|
Good morning, In the configuration.ini file I have these parameters: [Redis] [Database] [dbmgt] [FulltextIndex] [Webserver] [Logging] [Proxy] [CVE] and in the redis.conf is this: bind 127.0.0.1 ::1 In the configuration.ini file's [Proxy] section is it ok with blank parameter? |
|
Hello Michael, Hello Benedikt, I know it is long but I did yesterday night a brand new installation with emba with proxy and I would like to share with you all the steps what I did. Some of them can be unnecessary but behind proxy the default very easy installer way is not working for me. VMware Workstation Pro 16.2.2 As root: chsh -s /bin/bashchsh -s /bin/bash kalilogout / login Proxy Setup logout / login Docker Install & Proxy Setup $ sudp apt upgrade As kali user: I clone the cve-search by manually because I have to install the prerequisites, let's do it: $ cd cve-search pip3 install -r requirements.txtVerify: pip freeze | grep pymongoexit All of them work fine in this way. MongoDB installation MongoDB is running fine. and now emba installation: $ cd ~/emba but the installer fails at the CPE Downloads section:
and now I am doing manual download with these commands: $ cd ~/emba/external/cve-search/ I am doing right now this, it takes some time to get all the DB content to be ready but if I add the command one by one it is working as kali user:
I would like to use EMBArk in this proxy environment but without successful emba installation I have no chance to install EMBArk. |
|
I finished the manul CPE DB download and I could start an emba scan with -p /scan_profiles/full_scan.emba and the cve-search part is working fine!!! This is the first time when it is working with kali user and PROXY installation. In the future it would be nice to fine tune the installation process because the above way is not the best for sure but it works. |
|
During the installation I have 3 warnings: I would like to mount an external filesystem in /mnt/emba_logs/ folder to have enough space for the tests, would these environment variables be fine to ignore the warning messages? EMBA='/home/kali/emba/' |
|
Great to hear that you have managed the installation. Thank you very much for detailed explanation and the howto. Currently I work on a redesign of the installer. As soon as we are ready with this update I will check the proxy installation topic again. You do not need to set the variables. Just configure the emba startup command with the following parameters: Hope that helps. |
|
Thanks, I just wanted to skip the warnings during the install but it does not count. Have a nice day! |
|
Linked this issue from the wiki https://github.com/e-m-b-a/emba/wiki/Installation#random-installation-topics I will close this for now and come back to it later |
|
FAQ is also updated: https://github.com/e-m-b-a/emba/wiki/FAQ |
Describe the bug
I am using kali 2021.4 and I have to set up proxy to get internet access. I set the following parameters on my linux:
HTTP_PROXY=A.B.C.D:1234
HTTPS_PROXY=A.B.C.D:1234
NO_PROXY=localhost,127.0.,127.36.
echo "http_proxy=http://${HTTP_PROXY}/" >>/etc/environment &&
echo "https_proxy=http://${HTTPS_PROXY}/" >>/etc/environment &&
echo "no_proxy=${NO_PROXY}" >>/etc/environment
I set the proxy for APT:
touch /etc/apt/apt.conf.d/proxy.conf &&
echo "Acquire::http::Proxy "http://${HTTP_PROXY}";" >>/etc/apt/apt.conf.d/proxy.conf &&
echo "Acquire::https::Proxy "http://${HTTPS_PROXY}";" >>/etc/apt/apt.conf.d/proxy.conf
export:
export http_proxy=${HTTP_PROXY}
export https_proxy=${HTTPS_PROXY}
export no_proxy=${NO_PROXY}
proxy for wget as root:
cp /etc/wgetrc /root/.wgetrc
echo -e "use_proxy = on\nhttp_proxy = http://${HTTP_PROXY}\nhttps_proxy = http://${HTTPS_PROXY}\nftp_proxy = http://${HTTP_PROXY}" >>/root/.wgetrc
proxy for wget as kali:
cp /etc/wgetrc /home/kali/.wgetrc
echo -e "use_proxy = on\nhttp_proxy = http://${HTTP_PROXY}\nhttps_proxy = http://${HTTPS_PROXY}\nftp_proxy = http://${HTTP_PROXY}" >>/home/kali/.wgetrc
and I set proxy for Git:
git config --global http.proxy http://${HTTP_PROXY}
git config --global https.proxy http://${HTTPS_PROXY}
apt upgrade and reboot, and I git lone the emba, then cd ~emba, then:
sudo ./isntaller.sh -d
All the things are fine but after mongoDB installation the setup failes. This is on the screen:
Adding user
mongodb' to groupmongodb' ...Adding user mongodb to group mongodb
Done.
Setting up mongodb-org-shell (4.4.12) ...
Setting up mongodb-database-tools (100.5.2) ...
Setting up mongodb-org-mongos (4.4.12) ...
Setting up mongodb-org-database-tools-extra (4.4.12) ...
Setting up mongodb-org-tools (4.4.12) ...
Setting up mongodb-org (4.4.12) ...
Processing triggers for man-db (2.9.4-2) ...
Processing triggers for kali-menu (2021.4.2) ...
Scanning processes...
Scanning linux images...
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.
Created symlink /etc/systemd/system/multi-user.target.wants/mongod.service → /lib/systemd/system/mongod.service.
The cve-search database will be downloaded and updated!
Check if the cve-search database is already installed.
cve-search database not ready.
The installer is going to populate the database.
Starting redis-server (via systemctl): redis-server.service.
Traceback (most recent call last):
File "/home/kali/emba/external/cve-search/./sbin/db_mgmt_cpe_dictionary.py", line 27, in
from lib.Sources_process import CPEDownloads
File "/home/kali/emba/external/cve-search/sbin/../lib/Sources_process.py", line 13, in
from pymongo import TEXT, ASCENDING
ModuleNotFoundError: No module named 'pymongo'
Traceback (most recent call last):
File "/home/kali/emba/external/cve-search/./sbin/db_mgmt_json.py", line 22, in
from lib.Sources_process import CVEDownloads
File "/home/kali/emba/external/cve-search/sbin/../lib/Sources_process.py", line 13, in
from pymongo import TEXT, ASCENDING
ModuleNotFoundError: No module named 'pymongo'
Traceback (most recent call last):
File "/home/kali/emba/external/cve-search/./sbin/db_updater.py", line 21, in
from lib.DatabaseSchemaChecker import SchemaChecker
File "/home/kali/emba/external/cve-search/sbin/../lib/DatabaseSchemaChecker.py", line 7, in
from lib.DatabaseHandler import DatabaseHandler
File "/home/kali/emba/external/cve-search/sbin/../lib/DatabaseHandler.py", line 1, in
from lib.ApiRequests import JSONApiRequest
File "/home/kali/emba/external/cve-search/sbin/../lib/ApiRequests.py", line 5, in
from nested_lookup import nested_lookup, nested_update
ModuleNotFoundError: No module named 'nested_lookup'
The cron.daily update script for EMBA is located in config/emba_updater
For automatic updates it should be copied to /etc/cron.daily/
Installation notes:
INFO: The cron.daily update script for EMBA is located in config/emba_updater
INFO: For automatic updates it should be copied to /etc/cron.daily/
INFO: For manual updates just start it via sudo ./config/emba_updater
WARNING: If you plan using the emulator (-E switch) your host and your internal network needs to be protected.
INFO: Do not forget to checkout current development of EMBA at https://github.com/e-m-b-a.
EMBA installation finished
and I get back the prompt.
Could you help what other proxy settings required to get the installation go through the entire process?
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Please verify my proxy settings and if possible please give any advice what to do for population the CVE database by the instalation script as kali user:
$ sudo ./installer.sh -d
Screenshots
I copied the error message above.
Desktop (please complete the following information):
Additional context
Proxy must be set but I am not sure I defined all the needed parameters for the emba installer.
The text was updated successfully, but these errors were encountered: