diff --git a/MANIFEST b/MANIFEST
index 78ea03f4e30115acb4d4e9753b4a6042a2391e41..2ca13de70dfa8347c12426ba7f5dbd2f7acb9568 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -1,3 +1,3 @@
-VERSION=v1.4.4
+VERSION=v1.4.5
 SERVICE=vat-genscan
diff --git a/install/base.sh b/install/base.sh
index ff0a28aad3fb372d37cb8a04f6eda6c80939f1b3..11087b14c29b8a6575435584b2a92d269053bd3a 100644
--- a/install/base.sh
+++ b/install/base.sh
@@ -3,10 +3,21 @@
 set -e
 apt update
-apt install -y wget unzip git python3-dev python3-pip python2.7-dev curl vim
+apt install -y wget unzip git python3-dev python3-pip python2.7-dev curl vim build-essential
 cd /tmp
 mkdir -p /service
 #newer version of pip2 than through apt
 wget -nv https://bootstrap.pypa.io/pip/2.7/get-pip.py
 python2.7 get-pip.py
+# openssl 1.1.1
+cd /tmp
+wget https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/openssl/1.1.1-1ubuntu1/openssl_1.1.1.orig.tar.gz
+tar xf openssl_1.1.1.orig.tar.gz
+cd openssl-1.1.1
+./config
+make
+make install
+
+# make wget use proper root CA certs
+printf "\nca_directory=/etc/ssl/certs" | tee -a /etc/wgetrc
diff --git a/install/cscan.sh b/install/cscan.sh
index 89f6733ab684a94553a94fb87b43de26d059497b..c8af58fec1f7cb3d1baad6a8cc9aa6b5c921efcc 100644
--- a/install/cscan.sh
+++ b/install/cscan.sh
@@ -4,7 +4,7 @@ set -e
 cd /tmp
-apt install -y libpq-dev
+apt install -y libpq-dev libjpeg-dev zlib1g-dev
 #rust (needed for cryptography)
 curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
@@ -22,4 +22,3 @@ patch /service/cscan/plugin/w3af.py /tmp/w3af-plugin.patch
 patch /service/cscan/cscan.py /tmp/cscan.patch
 echo "" > /service/cscan/ips.txt
 echo "" > /service/cscan/websites.txt
-
diff --git a/install/requirements.txt b/install/requirements.txt
index 3cd110fbcff3db4dcba3e9d66db599e7c41e803b..4716d87a318d32dceb339a076ed46cedf7f8bc4e 100644
--- a/install/requirements.txt
+++ b/install/requirements.txt
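Review bot: The OpenSSL tarball added at the end of the install/base.sh hunk is downloaded, built and installed (presumably as root, given the bare `apt install`) without any integrity check, so whatever the URL serves at build time becomes the image's TLS library. Pin a digest and verify it before `tar xf`, e.g. `echo "<EXPECTED_SHA256>  openssl_1.1.1.orig.tar.gz" | sha256sum -c -`, where the placeholder is filled in from a trusted source. The `.orig` tarball is also the upstream 1.1.1 base release without the distribution's patches, so fixes from later 1.1.1 maintenance releases are likely missing; a newer patch release or the packaged library would be safer if the build allows it. The ZAP tarball in install/zap.sh and the w3af archive in install/w3af.sh are fetched the same way and would benefit from the same digest check.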
@@ -5,7 +5,7 @@ backports-abc==0.5
 biplist==1.0.3
 blinker==1.4
 bravado==9.2.2
-bravado-core==5.12.1
+bravado-core==5.15.0
 certifi==2018.11.29
 cffi==1.12.2
 chardet==3.0.4
@@ -24,7 +24,7 @@ future==0.17.1
 futures==3.2.0
 gitdb==0.6.4
 gitdb2==2.0.5
-GitPython==2.1.3
+GitPython==2.1.15
 guess-language==0.2
 halberd==0.2.4
 hpack==3.0.0
@@ -91,6 +91,7 @@ tblib==0.2.0
 termcolor==1.1.0
 tldextract==1.7.2
 tornado==5.1.1
+typing==3.10.0.0
 urllib3==1.24.1
 urwid==2.0.1
 vulndb==0.1.1
diff --git a/install/w3af.sh b/install/w3af.sh
index dddc421db16f4340e74ebaff1d12569b4708bd94..cf0fbcc5ae12a7215e3c08bc8f94399c66392bfc 100644
--- a/install/w3af.sh
+++ b/install/w3af.sh
@@ -3,7 +3,7 @@
 set -e
 #requirements for w3af
-apt install -y build-essential libxml2-dev libxslt1-dev zlib1g-dev libssl-dev
+apt install -y libxml2-dev libxslt1-dev zlib1g-dev
 #w3af_api_client for python3
 wget -nv https://github.com/andresriancho/w3af-api-client/archive/master.zip
 unzip master.zip
@@ -17,16 +17,17 @@ cd /tmp
 #pip (again) only because strict w3af dependency checks
 apt install -y python-pip
 pip2 install -r /tmp/requirements.txt
-pip2 install git+git://github.com/hay/xml2json.git@3a674efad91e0f1e978babc41a72f297d5e5144b
+pip2 install https://github.com/hay/xml2json/zipball/master
 #node and retire
 apt install -y npm
-npm install -g retire
+npm install -g retire@2.0.3
+npm update -g retire
 #W3AF
 apt install -y libffi-dev libsqlite3-dev libyaml-dev
 cd /tmp
-wget -nv https://github.com/andresriancho/w3af/archive/1910600684c22c767a1105fbfcb051db73ad1280.zip
-unzip -q 1910600684c22c767a1105fbfcb051db73ad1280.zip
-mv w3af-1910600684c22c767a1105fbfcb051db73ad1280 /service/w3af
+wget -nv https://github.com/andresriancho/w3af/archive/cd22e5252243a87aaa6d0ddea47cf58dacfe00a9.zip
+unzip -q cd22e5252243a87aaa6d0ddea47cf58dacfe00a9.zip
+mv w3af-cd22e5252243a87aaa6d0ddea47cf58dacfe00a9 /service/w3af
 ## for authenticated scans
 #cp ~/extended_generic.py w3af/plugins/auth/
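Review bot: The xml2json install in the second install/w3af.sh hunk drops its commit pin in favour of `zipball/master`, so every build installs whatever the branch head is at that moment and the image is no longer reproducible or auditable. The pin can be kept while still moving off the `git://` transport, e.g. `pip2 install git+https://github.com/hay/xml2json.git@3a674efad91e0f1e978babc41a72f297d5e5144b`. Likewise `npm update -g retire` directly after `npm install -g retire@2.0.3` may move retire off the version just pinned (worth confirming against the npm version in the image); if 2.0.3 is intended, drop the update line. The hunk begins and ends mid-script, so the surrounding steps are not visible here.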
diff --git a/install/zap.sh b/install/zap.sh
index 13aad098ef72c3e2230358962db5f14c5100a8a2..f8f48324653e5a1423721570f6914bc88a552bf2 100644
--- a/install/zap.sh
+++ b/install/zap.sh
@@ -2,9 +2,8 @@
 set -e
-apt install -y openjdk-8-jre
+apt install -y openjdk-11-jre
 cd /tmp
-wget -nv https://github.com/zaproxy/zaproxy/releases/download/v2.9.0/ZAP_2.9.0_Linux.tar.gz
-tar xzf ZAP_2.9.0_Linux.tar.gz
-mv ZAP_2.9.0 /service/ZAP
-
+wget -nv https://github.com/zaproxy/zaproxy/releases/download/v2.12.0/ZAP_2.12.0_Linux.tar.gz
+tar xzf ZAP_2.12.0_Linux.tar.gz
+mv ZAP_2.12.0 /service/ZAP