kali-linux 202202 安装w3af命令行版的详细过程
作者:L-DiCaprio 时间:2023-07-14 01:34:01
更换国内源
vi /etc/apt/sources.list
deb https://mirrors.aliyun.com/kali kali-rolling main non-free contrib
deb-src https://mirrors.aliyun.com/kali kali-rolling main non-free contrib
从github上面下载w3af
https://github.com/andresriancho/w3af
下载完成后放到kali里面去解压就可以,我放在了/usr/w3af目录下面。
查看kali上的python版本
python --version
如果是3.10的版本,再用下面这条命令看kali上面装了几个python版本,一般是3个
ll /usr/bin | grep python
-rwxr-xr-x 1 root root 967 11月 17 2020 apython
-rwxr-xr-x 1 root root 2336 7月 25 2018 dh_python3-ply
-rwxr-xr-x 1 root root 963 1月 24 15:22 ipython3
lrwxrwxrwx 1 root root 23 3月 28 16:47 pdb2.7 -> ../lib/python2.7/pdb.py
lrwxrwxrwx 1 root root 24 3月 24 09:07 pdb3.10 -> ../lib/python3.10/pdb.py
lrwxrwxrwx 1 root root 23 3月 24 09:02 pdb3.9 -> ../lib/python3.9/pdb.py
lrwxrwxrwx 1 root root 31 5月 1 18:33 py3versions -> ../share/python3/py3versions.py
-rwxr-xr-x 1 root root 953 5月 1 2021 pybabel-python3
lrwxrwxrwx 1 root root 24 6月 19 05:41 python -> /etc/alternatives/python
lrwxrwxrwx 1 root root 9 7月 28 2021 python2 -> python2.7
-rwxr-xr-x 1 root root 3533496 3月 28 16:47 python2.7
lrwxrwxrwx 1 root root 33 3月 28 16:47 python2.7-config -> x86_64-linux-gnu-python2.7-config
lrwxrwxrwx 1 root root 10 5月 1 18:33 python3 -> python3.10
-rwxr-xr-x 1 root root 5540696 3月 24 09:07 python3.10
lrwxrwxrwx 1 root root 34 3月 24 09:07 python3.10-config -> x86_64-linux-gnu-python3.10-config
-rwxr-xr-x 1 root root 5447080 3月 24 09:02 python3.9
-rwxr-xr-x 1 root root 963 4月 23 15:15 python3-commonmark
lrwxrwxrwx 1 root root 17 5月 1 18:33 python3-config -> python3.10-config
-rwxr-xr-x 1 root root 960 12月 23 2020 python3-futurize
-rwxr-xr-x 1 root root 964 12月 23 2020 python3-pasteurize
-rwxr-xr-x 1 root root 945 10月 21 2021 python3-qr
-rwxr-xr-x 1 root root 977 3月 27 16:47 python-dotenv
lrwxrwxrwx 1 root root 7 4月 13 11:26 python-faraday -> faraday
lrwxrwxrwx 1 root root 29 7月 28 2021 pyversions -> ../share/python/pyversions.py
-rwxr-xr-x 1 root root 2970 3月 28 16:47 x86_64-linux-gnu-python2.7-config
-rwxr-xr-x 1 root root 3154 3月 24 09:07 x86_64-linux-gnu-python3.10-config
lrwxrwxrwx 1 root root 34 5月 1 18:33 x86_64-linux-gnu-python3-config -> x86_64-linux-gnu-python3.10-config
我的python有2.7,3.9和3.10三个版本。
接下来设置切换python版本:
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1
update-alternatives: 使用 /usr/bin/python2.7 来在自动模式中提供 /usr/bin/python (python)
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# update-alternatives --install /usr/bin/python python /usr/bin/python3.9 2
update-alternatives: 使用 /usr/bin/python3.9 来在自动模式中提供 /usr/bin/python (python)
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# update-alternatives --install /usr/bin/python python /usr/bin/python3.10 3
update-alternatives: 使用 /usr/bin/python3.10 来在自动模式中提供 /usr/bin/python (python)
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# update-alternatives --config python
有 3 个候选项可用于替换 python (提供 /usr/bin/python)。
选择 路径 优先级 状态
------------------------------------------------------------
* 0 /usr/bin/python3.10 3 自动模式
1 /usr/bin/python2.7 1 手动模式
2 /usr/bin/python3.10 3 手动模式
3 /usr/bin/python3.9 2 手动模式
要维持当前值[*]请按<回车键>,或者键入选择的编号:1
update-alternatives: 使用 /usr/bin/python2.7 来在手动模式中提供 /usr/bin/python (python)
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# python --version
Python 2.7.18
设置完成后切换到python2.7版本
下载所需要的依赖包
第一个是pip包
┌──(root㉿kali)-[/usr/w3af/w3af-master/w3af]
└─# wget https://bootstrap.pypa.io/pip/2.7/get-pip.py
--2022-06-19 05:48:07-- https://bootstrap.pypa.io/pip/2.7/get-pip.py
正在解析主机 bootstrap.pypa.io (bootstrap.pypa.io)... 146.75.112.175, 2a04:4e42:8c::175
正在连接 bootstrap.pypa.io (bootstrap.pypa.io)|146.75.112.175|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:1908226 (1.8M) [text/x-python]
正在保存至: “get-pip.py”
get-pip.py 100%[==============================>] 1.82M 31.0KB/s 用时 96s
2022-06-19 05:49:49 (19.5 KB/s) - 已保存 “get-pip.py” [1908226/1908226])
接下来安装pip.py
┌──(root㉿kali)-[/usr/w3af/w3af-master/w3af]
└─# python get-pip.py
DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.
Collecting pip<21.0
Downloading pip-20.3.4-py2.py3-none-any.whl (1.5 MB)
|████████████████████████████████| 1.5 MB 4.0 kB/s
Collecting wheel
Downloading wheel-0.37.1-py2.py3-none-any.whl (35 kB)
Installing collected packages: pip, wheel
Successfully installed pip-20.3.4 wheel-0.37.1
尝试启动
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# ./w3af_console
w3af's requirements are not met, one or more third-party libraries need to be installed.
On Kali systems please install the following operating system packages before running the pip installer:
sudo apt-get -y install npm python-setuptools python-pip libssl-dev python2.7-dev libsqlite3-dev libxslt1-dev libyaml-dev
Your python installation needs the following modules to run w3af:
pyclamd github git.util pybloomfilter phply nltk chardet tblib pdfminer concurrent.futures OpenSSL ndg pyasn1 lxml scapy.config guess_language cluster msgpack ntlm Halberd darts.lib.utils jinja2 vulndb markdown psutil ds_store termcolor mitmproxy ruamel.ordereddict Flask yaml tldextract pebble acora esmre diff_match_patch bravado_core lz4 vulners ipaddresses subprocess32
After installing any missing operating system packages, use pip to install the remaining modules:
sudo pip install pyClamd==0.4.0 PyGithub==1.21.0 GitPython==2.1.15 pybloomfiltermmap==0.3.14 phply==0.9.1 nltk==3.0.1 chardet==3.0.4 tblib==0.2.0 pdfminer==20140328 futures==3.2.0 pyOpenSSL==18.0.0 ndg-httpsclient==0.4.0 pyasn1==0.4.2 lxml==3.4.4 scapy==2.4.0 guess-language==0.2 cluster==1.1.1b3 msgpack==0.5.6 python-ntlm==1.0.1 halberd==0.2.4 darts.util.lru==0.5 Jinja2==2.10 vulndb==0.1.1 markdown==2.6.1 psutil==5.4.8 ds-store==1.1.2 termcolor==1.1.0 mitmproxy==0.13 ruamel.ordereddict==0.4.8 Flask==0.10.1 PyYAML==3.12 tldextract==1.7.2 pebble==4.3.8 acora==2.1 esmre==0.3.1 diff-match-patch==20121119 bravado-core==5.15.0 lz4==1.1.0 vulners==1.3.0 ipaddresses==0.0.2 subprocess32==3.5.4
External programs used by w3af are not installed or were not found.Run these commands to install them on your system:
npm install -g retire@2.0.3
npm update -g retire
According to Kali's documentation [0] in order to avoid breaking the packaged w3af version you should run the following commands:
cd ~
apt-get install -y python-pip
pip install --upgrade pip
git clone https/github.com/andresriancho/w3af.git
cd w3af
./w3af_console
. /tmp/w3af_dependency_install.sh
[0] http://www.kali.org/kali-monday/bleeding-edge-kali-repositories/
A script with these commands has been created for you at /tmp/w3af_dependency_install.sh
可以看到w3af为我们保存了一个安装脚本,在 /tmp/w3af_dependency_install.sh。
执行w3af_dependency_install.sh
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# bash /tmp/w3af_dependency_install.sh
接下来会出现很多次time out报错:
Collecting pdfminer==20140328
Downloading pdfminer-20140328.tar.gz (4.1 MB)
|█████████████▌ | 1.7 MB 6.0 kB/s eta 0:06:32ERROR: Exception:
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/pip/_internal/cli/base_command.py", line 223, in _main
status = self.run(options, args)
File "/usr/local/lib/python2.7/dist-packages/pip/_internal/cli/req_command.py", line 180, in wrapper
return func(self, options, args)
File "/usr/local/lib/python2.7/dist-packages/pip/_internal/commands/install.py", line 321, in run
reqs, check_supported_wheels=not options.target_dir
File "/usr/local/lib/python2.7/dist-packages/pip/_internal/resolution/legacy/resolver.py", line 180, in resolve
discovered_reqs.extend(self._resolve_one(requirement_set, req))
File "/usr/local/lib/python2.7/dist-packages/pip/_internal/resolution/legacy/resolver.py", line 385, in _resolve_one
dist = self._get_dist_for(req_to_install)
File "/usr/local/lib/python2.7/dist-packages/pip/_internal/resolution/legacy/resolver.py", line 337, in _get_dist_for
dist = self.preparer.prepare_linked_requirement(req)
File "/usr/local/lib/python2.7/dist-packages/pip/_internal/operations/prepare.py", line 480, in prepare_linked_requirement
return self._prepare_linked_requirement(req, parallel_builds)
File "/usr/local/lib/python2.7/dist-packages/pip/_internal/operations/prepare.py", line 505, in _prepare_linked_requirement
self.download_dir, hashes,
File "/usr/local/lib/python2.7/dist-packages/pip/_internal/operations/prepare.py", line 257, in unpack_url
hashes=hashes,
File "/usr/local/lib/python2.7/dist-packages/pip/_internal/operations/prepare.py", line 130, in get_http_url
from_path, content_type = download(link, temp_dir.path)
File "/usr/local/lib/python2.7/dist-packages/pip/_internal/network/download.py", line 163, in __call__
for chunk in chunks:
File "/usr/local/lib/python2.7/dist-packages/pip/_internal/cli/progress_bars.py", line 168, in iter
for x in it:
File "/usr/local/lib/python2.7/dist-packages/pip/_internal/network/utils.py", line 88, in response_chunks
decode_content=False,
File "/usr/local/lib/python2.7/dist-packages/pip/_vendor/urllib3/response.py", line 576, in stream
data = self.read(amt=amt, decode_content=decode_content)
File "/usr/local/lib/python2.7/dist-packages/pip/_vendor/urllib3/response.py", line 541, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "/usr/lib/python2.7/contextlib.py", line 35, in __exit__
self.gen.throw(type, value, traceback)
File "/usr/local/lib/python2.7/dist-packages/pip/_vendor/urllib3/response.py", line 451, in _error_catcher
raise ReadTimeoutError(self._pool, None, "Read timed out.")
ReadTimeoutError: HTTPSConnectionPool(host='files.pythonhosted.org', port=443): Read timed out.
主要原因就是网不好,需要多次尝试,我大概下了20几次把他都下载完了。
最后都下载完成再运行的时候会出现这个:
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# ./w3af_console
External programs used by w3af are not installed or were not found.Run these commands to install them on your system:
npm install -g retire@2.0.3
npm update -g retire
According to Kali's documentation [0] in order to avoid breaking the packaged w3af version you should run the following commands:
cd ~
apt-get install -y python-pip
pip install --upgrade pip
git clone https/github.com/andresriancho/w3af.git
cd w3af
./w3af_console
. /tmp/w3af_dependency_install.sh
[0] http://www.kali.org/kali-monday/bleeding-edge-kali-repositories/
A script with these commands has been created for you at /tmp/w3af_dependency_install.sh
这是需要你下载retire@2.0.3和升级它
首先安装npm
┌──(root㉿kali)-[/tmp]
└─# apt-get install npm
正在读取软件包列表... 完成
正在分析软件包的依赖关系树... 完成
正在读取状态信息... 完成
npm 已经是最新版 (8.12.1~ds1-1)。
下列软件包是自动安装的并且现在不需要了:
python3-distlib python3-filelock python3-pip-whl python3-platformdirs python3-setuptools-whl
python3-wheel python3-wheel-whl
使用'apt autoremove'来卸载它(它们)。
升级了 0 个软件包,新安装了 0 个软件包,要卸载 0 个软件包,有 475 个软件包未被升级。
然后再执行:
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# npm install -g retire@2.0.3
启动w3af命令行
在上述安装完毕后,就可以启动w3af命令行版了
┌──(root㉿kali)-[/usr/w3af/w3af-master]
└─# ./w3af_console
/usr/share/offsec-awae-wheels/pyOpenSSL-19.1.0-py2.py3-none-any.whl/OpenSSL/crypto.py:12: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in the next release.
Usage of w3af for sending any traffic to a target without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.
Do you accept the terms and conditions? [N|y] y
来源:https://blog.csdn.net/shroudiwnl/article/details/125381047
标签:kali,安装,w3af
0
投稿猜你喜欢
使用python BeautifulSoup库抓取58手机维修信息
2022-08-10 01:55:20
python实现批量图片格式转换
2021-07-15 16:07:42
JavaScript调试之console.log调试的一个小技巧分享
2023-06-28 17:23:49
用python画个敬业福字代码
2022-04-04 18:36:59
架构师说比起404我们更怕200错误
2022-11-02 20:40:43
Python实现多属性排序的方法
2021-03-11 02:13:57
Python urllib库的使用指南详解
2021-07-08 20:50:57
详解MySQL中的缓冲池(buffer pool)
2024-01-26 01:05:53
Python的Flask框架中SQLAlchemy使用时的乱码问题解决
2023-01-23 01:59:51
PyCharm取消波浪线、下划线和中划线的实现
2021-11-27 02:17:27
pytorch使用tensorboardX进行loss可视化实例
2021-04-07 20:17:36
Matlab常用的输出命令disp与fprintf解读
2022-03-18 17:13:58
如何利用Java正则表达式校验密码规则
2022-07-22 02:05:13
Rel与CSS的联合使用
2010-02-20 13:03:00
一文教你如何优雅处理Golang中的异常
2024-02-13 21:32:33
微信小程序嵌入腾讯视频源过程详解
2024-04-18 10:10:25
PyTorch加载模型model.load_state_dict()问题及解决
2022-11-08 07:03:53
python3 删除所有自定义变量的操作
2023-09-26 03:26:08
如何利用FFmpeg合并音频和视频(多种方式)
2022-03-09 10:58:58
python中添加模块导入路径的方法
2021-12-17 14:35:30