Skip to content
Snippets Groups Projects
Commit 0a6be898 authored by Zitnik, Anze's avatar Zitnik, Anze
Browse files

Updated w3af and ZAP. v1.4.5

parent 96d0b134
No related branches found
No related tags found
No related merge requests found
VERSION=v1.4.4
VERSION=v1.4.5
SERVICE=vat-genscan
......@@ -3,10 +3,21 @@
set -e
apt update
apt install -y wget unzip git python3-dev python3-pip python2.7-dev curl vim
apt install -y wget unzip git python3-dev python3-pip python2.7-dev curl vim build-essential
cd /tmp
mkdir -p /service
#newer version of pip2 than through apt
wget -nv https://bootstrap.pypa.io/pip/2.7/get-pip.py
python2.7 get-pip.py
# openssl 1.1.1
cd /tmp
wget https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/openssl/1.1.1-1ubuntu1/openssl_1.1.1.orig.tar.gz
tar xf openssl_1.1.1.orig.tar.gz
cd openssl-1.1.1
./config
make
make install
# make wget use proper root CA certs
printf "\nca_directory=/etc/ssl/certs" | tee -a /etc/wgetrc
......@@ -4,7 +4,7 @@ set -e
cd /tmp
apt install -y libpq-dev
apt install -y libpq-dev libjpeg-dev zlib1g-dev
#rust (needed for cryptography)
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
......@@ -22,4 +22,3 @@ patch /service/cscan/plugin/w3af.py /tmp/w3af-plugin.patch
patch /service/cscan/cscan.py /tmp/cscan.patch
echo "" > /service/cscan/ips.txt
echo "" > /service/cscan/websites.txt
......@@ -5,7 +5,7 @@ backports-abc==0.5
biplist==1.0.3
blinker==1.4
bravado==9.2.2
bravado-core==5.12.1
bravado-core==5.15.0
certifi==2018.11.29
cffi==1.12.2
chardet==3.0.4
......@@ -24,7 +24,7 @@ future==0.17.1
futures==3.2.0
gitdb==0.6.4
gitdb2==2.0.5
GitPython==2.1.3
GitPython==2.1.15
guess-language==0.2
halberd==0.2.4
hpack==3.0.0
......@@ -91,6 +91,7 @@ tblib==0.2.0
termcolor==1.1.0
tldextract==1.7.2
tornado==5.1.1
typing==3.10.0.0
urllib3==1.24.1
urwid==2.0.1
vulndb==0.1.1
......
......@@ -3,7 +3,7 @@
set -e
#requirements for w3af
apt install -y build-essential libxml2-dev libxslt1-dev zlib1g-dev libssl-dev
apt install -y libxml2-dev libxslt1-dev zlib1g-dev
#w3af_api_client for python3
wget -nv https://github.com/andresriancho/w3af-api-client/archive/master.zip
unzip master.zip
......@@ -17,16 +17,17 @@ cd /tmp
#pip (again) only because strict w3af dependency checks
apt install -y python-pip
pip2 install -r /tmp/requirements.txt
pip2 install git+git://github.com/hay/xml2json.git@3a674efad91e0f1e978babc41a72f297d5e5144b
pip2 install https://github.com/hay/xml2json/zipball/master
#node and retire
apt install -y npm
npm install -g retire
npm install -g retire@2.0.3
npm update -g retire
#W3AF
apt install -y libffi-dev libsqlite3-dev libyaml-dev
cd /tmp
wget -nv https://github.com/andresriancho/w3af/archive/1910600684c22c767a1105fbfcb051db73ad1280.zip
unzip -q 1910600684c22c767a1105fbfcb051db73ad1280.zip
mv w3af-1910600684c22c767a1105fbfcb051db73ad1280 /service/w3af
wget -nv https://github.com/andresriancho/w3af/archive/cd22e5252243a87aaa6d0ddea47cf58dacfe00a9.zip
unzip -q cd22e5252243a87aaa6d0ddea47cf58dacfe00a9.zip
mv w3af-cd22e5252243a87aaa6d0ddea47cf58dacfe00a9 /service/w3af
## for authenticated scans
#cp ~/extended_generic.py w3af/plugins/auth/
......
......@@ -2,9 +2,8 @@
set -e
apt install -y openjdk-8-jre
apt install -y openjdk-11-jre
cd /tmp
wget -nv https://github.com/zaproxy/zaproxy/releases/download/v2.9.0/ZAP_2.9.0_Linux.tar.gz
tar xzf ZAP_2.9.0_Linux.tar.gz
mv ZAP_2.9.0 /service/ZAP
wget -nv https://github.com/zaproxy/zaproxy/releases/download/v2.12.0/ZAP_2.12.0_Linux.tar.gz
tar xzf ZAP_2.12.0_Linux.tar.gz
mv ZAP_2.12.0 /service/ZAP
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment