OWTF 0.40 'Summer Storm III': Added New Installation procedure

README

@@ -36,9 +36,9 @@ Requirements
 
 Installation
 ------------
-- Kali: if you uncompress owtf on /root/owtf/ (i.e. so that you can run it like this /root/owtf/owtf.py you're done :))
-- Other Linux systems: uncompress wherever and then modify config.cfg and perhaps resources.cfg to suit, you can install missing tools for further testing coverage
-- You may also want to run /root/owtf/install/kali_install.sh to install a couple of dependencies needed by 2 plugins
+- Clone owtf repo using git => git clone https://github.com/7a/owtf
+- You may also want to run install/install.py
+- Check out Wiki for more help
 
 FAQ
 ---

framework/config/framework_config.cfg

@@ -1,7 +1,7 @@
 VERSION: 0.40 
 RELEASE: Summer Storm III
 
-INSTALL_SCRIPT: @@@FRAMEWORK_DIR@@@/install.sh
+INSTALL_SCRIPT: @@@FRAMEWORK_DIR@@@/install/install.py
 WEB_TEST_GROUPS: @@@FRAMEWORK_DIR@@@/framework/config/web_testgroups.cfg
 NET_TEST_GROUPS: @@@FRAMEWORK_DIR@@@/framework/config/net_testgroups.cfg
 PLUGINS_DIR: @@@FRAMEWORK_DIR@@@/plugins/

install/install.py

@@ -0,0 +1,94 @@
+#!/usr/bin/env python
+#
+# owtf is an OWASP+PTES-focused try to unite great tools and facilitate pen testing
+# Copyright (c) 2011, Abraham Aranguren <name.surname@gmail.com> Twitter: @7a_ http://7-a.org
+# All rights reserved.
+# 
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+# * Redistributions of source code must retain the above copyright 
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the <organization> nor the
+# names of its contributors may be used to endorse or promote products
+# derived from this software without specific prior written permission.
+# 
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+import os
+import ConfigParser
+
+class Installer(object):
+    """
+    This class takes care of installation of various restricted stuff across various linux distros
+    """
+    def __init__(self, RootDir):
+        self.RootDir = RootDir
+        self.owtf_pip = os.path.join(RootDir, "install", "owtf.pip") # OWTF python libraries
+        self.restricted_cfg = os.path.join(RootDir, "install", "restricted.cfg") # Restricted tools and dictionaries which are distro independent
+        self.distros_cfg = os.path.join(RootDir, "install", "linux-distributions.cfg") # Various distros and install scripts
+
+    def create_directory(self, directory):
+        # Create parent directories as necessary
+        try:
+            os.makedirs(directory)
+            return True
+        except OSError:
+            return False
+
+    def run_command(self, command):
+        print("[*] Running following command")
+        print("%s"%(command))
+        os.system(command)
+
+    def install_in_directory(self, directory, command):
+        if self.create_directory(directory):
+            print("[*] Switching to %s"%(directory))
+            os.chdir(directory)
+            self.run_command(command)
+        else:
+            print("[!] Directory %s already exists, so skipping installation for this"%(directory))
+
+    def install_using_pip(self, requirements_file):
+        # Instead of using file directly with pip which can crash because of single library
+        for line in open(requirements_file, 'r').readlines():
+            self.run_command("sudo -E pip install --upgrade %s"%(line))
+
+    def install_restricted_from_cfg(self, config_file):
+        cp = ConfigParser.ConfigParser({"RootDir":self.RootDir})
+        cp.read(config_file)
+        for section in cp.sections():
+            print("[*] Installing %s"%(section))
+            self.install_in_directory(os.path.expanduser(cp.get(section, "directory")), cp.get(section, "command"))
+
+    def install(self):
+        # First all distro independent stuff is installed
+        self.install_restricted_from_cfg(self.restricted_cfg)
+        # User asked to select distro and distro related stuff is installed
+        cp = ConfigParser.ConfigParser({"RootDir":self.RootDir})
+        cp.read(self.distros_cfg)
+        for i in range(0, len(cp.sections())):
+            print("(%d) %s"%(i+1, cp.sections()[i]))
+        distro_num = raw_input("Select a number based on your distribution : ")
+        self.run_command(cp.get(cp.sections()[int(distro_num)-1], "install"))
+        # Finally owtf python libraries installed using pip
+        self.install_using_pip(self.owtf_pip)
+
+if __name__ == "__main__":
+    print("[*] Great that your are installing OWTF :D")
+    print("[!] There will be lot of output, please be patient")
+    RootDir = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
+    installer = Installer(RootDir)
+    installer.install()
+    print("[*] Hope everything went fine :)")

tools/bt5_patch_nikto.sh → install/kali/install.sh

@@ -1,10 +1,4 @@
-#!/usr/bin/env bash
-#
-# Description:
-#       Script to fix the nikto config to use a normal-looking User Agent so that we can hopefully bypass simple WAF blacklists
-#
-# Date:    2012-09-24
-#
+#!/usr/bin/env sh
 # owtf is an OWASP+PTES-focused try to unite great tools and facilitate pen testing
 # Copyright (c) 2011, Abraham Aranguren <name.surname@gmail.com> Twitter: @7a_ http://7-a.org
 # All rights reserved.
@@ -31,18 +25,44 @@
 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 #
-
-NIKTO_CONF_FILE="/pentest/web/nikto/nikto.conf"
-NIKTO_CONF_BACKUP="$NIKTO_CONF_FILE.backup"
-if [ $(grep 'USERAGENT=Mozilla/5.00 (Nikto' $NIKTO_CONF_FILE|wc -l) -gt 0 ]; then
-	echo "Nikto is currently set to display a NIKTO USER AGENT, do you want to replace this with a normal looking one? [y/n]"
-	read a
-	if [ "$a" == "y" ]; then
-		echo "Backing up previous $NIKTO_CONF_FILE to $NIKTO_CONF_BACKUP.."
-		cp $NIKTO_CONF_FILE $NIKTO_CONF_BACKUP
-		echo "Updating nikto configuration to use a normal-looking user agent.."
-		cat $NIKTO_CONF_BACKUP | sed 's|^USERAGENT=Mozilla/5\.00 (Nikto.*$|USERAGENT=Mozilla/5.0 (X11; Linux i686; rv:6.0) Gecko/20100101 Firefox/15.0|' > $NIKTO_CONF_FILE
+IsInstalled() {
+	directory=$1
+	if [ -d $directory ]; then
+		return 1
+	else
+		return 0
 	fi
+}
+
+RootDir=$1
+
+########### Pip is the foremost thing that must be installed
+sudo -E apt-get install python-pip xvfb xserver-xephyr
+
+############ Tools missing in Kali
+mkdir -p $RootDir/tools/restricted
+cd $RootDir/tools/restricted
+IsInstalled "w3af"
+if [ $? -eq 0 ]; then # Not installed
+    git clone https://github.com/andresriancho/w3af.git
+fi
+"$RootDir/install/kali/kali_patch_w3af.sh"
+
+"$RootDir/install/kali/kali_patch_nikto.sh"
+"$RootDir/install/kali/kali_patch_tlssled.sh"
+
+echo "[*] Installing LBD, arachni and gnutls-bin from Kali Repos"
+sudo -E apt-get install lbd gnutls-bin arachni
+
+###### Dictionaries missing in Kali
+cd $RootDir/dictionaries/restricted
+IsInstalled "dirbuster"
+if [ $? -eq 0 ]; then # Not installed    
+    # Copying dirbuster dicts
+    echo "\n[*] Copying Dirbuster dictionaries"
+    mkdir -p dirbuster
+    cp -r /usr/share/dirbuster/wordlists/. dirbuster/.
+    echo "[*] Done"
 else
-	echo "Nikto configuration is already set to use a normal-looking user agent"
+    echo "WARNING: Dirbuster dictionaries are already installed, skipping"
 fi

tools/kali_patch_w3af.sh → install/kali/kali_patch_w3af.sh

@@ -31,6 +31,13 @@
 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 #
+
+# Install missing stuff needed for w3af in kali
+sudo apt-get install python2.7-dev libsqlite3-dev
+sudo pip install clamd PyGithub GitPython pybloomfiltermmap esmre nltk pdfminer futures guess-language cluster msgpack-python python-ntlm
+sudo pip install git+git://github.com/ramen/phply.git\#egg=phply
+sudo pip install xdot
+
 if [ -f ~/.w3af/startup.conf ]
 then
     if ! grep -i "^accepted-disclaimer = true$" ~/.w3af/startup.conf

install/linux-distributions.cfg

@@ -0,0 +1,2 @@
+[Kali Linux]
+install = sh %(RootDir)s/install/kali/install.sh %(RootDir)s

install/owtf.pip

@@ -0,0 +1,8 @@
+tornado
+pycurl
+jinja2
+lxml
+argparse
+selenium
+rdflib
+pyvirtualdisplay

install/install_git.sh → install/proxy_CA.sh

@@ -1,7 +1,7 @@
 #!/usr/bin/env sh
 #
 # owtf is an OWASP+PTES-focused try to unite great tools and facilitate pen testing
-# Copyright (c) 2011, Abraham Aranguren <name.surname@gmail.com> Twitter: @7a_ http://7-a.org
+# Copyright (c) 2014, Abraham Aranguren <name.surname@gmail.com> Twitter: @7a_ http://7-a.org
 # All rights reserved.
 # 
 # Redistribution and use in source and binary forms, with or without
@@ -26,18 +26,29 @@
 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 #
+RootDir=$1
 
-echo "[*] This will install the git client for github, you only need this if you are a project contributor!. Continue? [y/N]"
-read choice
+get_config_value(){
+
+    parameter=$1
+    file=$2
+
+    echo "$(grep -i $parameter $file | sed  "s|$parameter: ||g;s|~|$HOME|g")"
+}
 
-if [ "$choice" == "y" ]; then
-	# install git-core, git-gui, and git-doc
-        for cmd in $(echo apt-get#install#git-core#git-gui#git-doc); do
-                cmd=$(echo "$cmd"|tr '#' ' ')
-                echo "[*] Running: $cmd"
-                $cmd
-        done
-fi
+config_file="$RootDir/profiles/general/default.cfg"
+certs_folder=$(get_config_value CERTS_FOLDER $config_file)
+ca_cert=$(get_config_value CA_CERT $config_file)
+ca_key=$(get_config_value CA_KEY $config_file)
 
-echo "Please have a look at this URL for SSH Key setup instructions: http://help.github.com/linux-set-up-git/"
-echo "NOTE: Not brave enough to script that ... for now :)"
+if [ ! -d $certs_folder ]; then
+    mkdir -p $certs_folder
+fi
+if [ ! -f $ca_cert ]; then
+    echo "-----------------------------------------------"
+    echo "[*] Please use \"owtf\" as password for the key"
+    echo "-----------------------------------------------"
+    openssl genrsa -des3 -out "$ca_key" 1024
+    openssl req -new -x509 -days 3650 -key "$ca_key" -out "$ca_cert"
+    echo "\n[*] Donot forget to add the $ca_cert as a trusted CA in your browser"
+fi

install/restricted.cfg

@@ -0,0 +1,42 @@
+[Httprint]
+directory = %(RootDir)s/tools/restricted/httprint
+command = wget "http://www.net-square.com/zip folders/httprint_linux_301.zip"; unzip *.zip; rm -f *.zip
+            cp -rf %(RootDir)s/tools/httprint-signatures.txt %(RootDir)s/tools/restricted/httprint/httprint_301/linux
+
+[Websecurify]
+directory = %(RootDir)s/tools/restricted/websecurify
+command = wget "http://websecurify.googlecode.com/files/Websecurify%20Scanner 0.9.tgz"; tar xvfz *; rm -f *.tgz 2> /dev/null; rm -f *.tar.gz 2> /dev/null
+
+[BIG-IP Decoder]
+directory = %(RootDir)s/tools/restricted/decoding/cookies
+command = wget http://www.taddong.com/tools/BIG-IP_cookie_decoder.zip; unzip *.zip; rm -f *.zip
+
+[Hoppy]
+directory = %(RootDir)s/tools/restricted/hoppy-1.8.1
+command = wget http://labs.portcullis.co.uk/download/hoppy-1.8.1.tar.bz2; bunzip2 *; tar xvf *; rm -f *.tar 2> /dev/null
+
+[SSL cipher Check]
+directory = %(RootDir)s/tools/restricted/ssl/ssl-cipher-check
+command = wget http://unspecific.com/ssl/ssl-cipher-check.pl; chmod 700 *
+
+[CMS Explorer]
+directory = %(RootDir)s/tools/restricted/cms-explorer
+command = sh %(RootDir)s/install/update_convert_cms_explorer_dicts.sh %(RootDir)s
+
+[SVN Digger Dictionaries]
+directory = %(RootDir)s/dictionaries/restricted/svndigger
+command = wget http://www.mavitunasecurity.com/s/research/SVNDigger.zip; unzip *.zip; rm -f *.zip
+
+[Raft Dictionaries]
+directory = %(RootDir)s/dictionaries/restricted/raft
+command = for file in $(ls %(RootDir)s/dictionaries/fuzzdb/fuzzdb-1.09/Discovery/PredictableRes/ | grep raft); do
+            ln -s %(RootDir)s/dictionaries/fuzzdb/fuzzdb-1.09/Discovery/PredictableRes/$file %(RootDir)s/dictionaries/restricted/raft/$file
+            done
+
+[Combined Dictionaries]
+directory = %(RootDir)s/dictionaries/restricted/combined
+command = python2 %(RootDir)s/dictionaries/dict_merger_svndigger_raft.py
+
+[Local CA for Inbound Proxy]
+directory = ~/.owtf/proxy
+command = %(RootDir)s/install/proxy_CA.sh %(RootDir)s

dictionaries/update_convert_cms_explorer_dicts.sh → install/update_convert_cms_explorer_dicts.sh

@@ -27,9 +27,13 @@
 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 #
+RootDir=$1
 
-CMS_EXPLORER_DIR="$(dirname $0)/cms-explorer/cms-explorer-1.0"
-CMS_DICTIONARIES_DIR="$(dirname $0)/restricted/cms" 
+wget http://cms-explorer.googlecode.com/files/cms-explorer-1.0.tar.bz2; bunzip2 *; tar xvf *; rm -f *.tar 2> /dev/null
+
+CMS_EXPLORER_DIR="$RootDir/tools/restricted/cms-explorer/cms-explorer-1.0"
+CMS_DICTIONARIES_DIR="$RootDir/dictionaries/restricted/cms" 
+mkdir -p $CMS_DICTIONARIES_DIR
 
 DICTIONARIES="$CMS_EXPLORER_DIR/drupal_plugins.txt
 $CMS_EXPLORER_DIR/joomla_themes.txt