|
Wapiti security tool fails to run with Openvas
I recently installed Wapiti in order to run with Openvas Greenbone Security Desktop on Ubuntu 10.04:
http://www.openvas.org/integrated-tools.html Download page: http://www.ict-romulus.eu/web/wapiti/home Although not listed there, there is a section in the Openvas "Full and Ulimate Deep" scan reports related to Wapiti and it gives this error message: "wapiti could not be found in your system path. OpenVAS was unable to execute wapiti and to perform the scan you requested. Please make sure that wapiti is installed and that wapiti is available in the PATH variable defined for your environment." Based on this I then symlinked the wapiti.py script to both /usr/bin and /usr/sbin but got the same error message. Next based on another suggestion I created a small shellscript to run in $PATH: Code: #!/bin/sh cd //usr/local/src/Wapiti/wapiti-2.2.1/src/ python wapiti.py $* and adding this line to the end of ~/.profile #run wapiti script :/user/scripts/wapiti.sh Still I get a similar error message in the report about Wapiti. "wapiti report filename is empty. that could mean that wrong version of wapiti is used or tmp dir is not accessible. Make sure to have wapiti 2.x as wapiti 1.x is not supported. In short: check installation of wapiti and OpenVAS" I changed the /tmp directory to be user accessible also. user@user:~$ ls -ld /tmp/ drwxrwxrwt 15 user user 53248 2012-03-20 14:36 /tmp/ In this guide, it explains about running wapiti.py: http://www.ict-romulus.eu/web/wapiti.../Users%20Guide ------------------------------------------------------- Examples python wapiti.py http://server.com/base/url/ -o my_report_folder -f html python wapiti.py http://server.com/base/url/ -v 2 This examples works if python executable is in the PATH environment variable and you are in the root directory of Wapiti. In other case you cannot execute the application like in the examples and you have to put all the path to Python executable. For example: Windows: C:\Python25\python C:\Wapiti\wapiti.py http://server.com/base/url/ -o my_report_folder -f html Linux: /usr/bin/python /home/user/wapiti.py http://server.com/base/url/ -o my_report_folder -f html ------------------------------------------------------------- Any help would be appreciated! |
To get around this problem I created a file /usr/bin/wapiti and entered the following:
#!/bin/sh cd /usr/local/wapiti/src/ ./wapiti.py $* chmod +x it, and ensure wapiti.py is also executable. Hope this helps |
Quote:
user@localhost:~$ ls -ld scripts/wapiti.sh -rw-r--r-- 1 user user 167 2012-03-20 15:28 scripts/wapiti.sh user@localost:~$ chmod +x scripts/wapiti.sh user@localhost:~$ ls -ld scripts/wapiti.sh -rwxr-xr-x 1 user user 167 2012-03-20 15:28 scripts/wapiti.sh Also where did you make the script executable in .bashrc or .profile or both? I will run it now to see if it works. |
It didn't work unfortunately:
"wapiti report filename is empty. that could mean that wrong version of wapiti is used or tmp dir is not accessible. Make sure to have wapiti 2.x as wapiti 1.x is not supported. In short: check installation of wapiti and OpenVAS" Do you have Wapiti working with Openvas? If so, can you be more verbose about the wapiti installation, path and directory setup? |
I can certainly try and help, I'm not the strongest person on Linux issues and maybe some of my ways to get things working are "bodged" but when I learn I improve!
Yes, I have a working OV install, well, currently Arachni isn't working but that is an RVM issue which I am working on today, I have had it working previously. With regards the error from Wapiti in the report about it being empty, I have seen this issue crop up on the IRC channel, I believe it is a time out issue, OV, hasn't given the Wapiti long enough to complete so it is empty. Does wapiti run from terminal now and are you using v2.21? If so, see how long a scan on the webserver take? This should give you an idea on setting the time out, I have seen reports of 45 minutes, the default for plugins is set to 320 seconds. |
FYI - My OV installation (v4) is on a Debian squeeze box, default install via the OBS.
|
Quote:
OpenVAS:~# cat /usr/bin/wapiti #!/bin/sh cd /usr/local/wapiti/src/ ./wapiti.py $* OpenVAS:~# chmod +x /usr/bin/wapiti I see from your other posts that we have been installing the supporting apps in the same way! (http://www.hacktoolrepository.com) |
Ok I ran a scan on local web server I set up on the same machine where wapiti is installed but it does not output anything in the index.html.
user@user:/usr/local/wapiti/src$ sudo python wapiti.py http://127.0.1.1 -o my_report_folder -f html [sudo] password for user: Wapiti-2.2.1 (wapiti.sourceforge.net) . Notice ======== This scan has been saved in the file /usr/local/wapiti/src/scans/127.0.1.1.xml You can use it to perform attacks without scanning again the web site with the "-k" parameter[*] Loading modules : mod_crlf, mod_exec, mod_file, mod_sql, mod_xss, mod_backup, mod_htaccess, mod_blindsql, mod_permanentxss, mod_nikto [+] Launching module crlf [+] Launching module exec [+] Launching module file [+] Launching module sql [+] Launching module xss [+] Launching module blindsql [+] Launching module permanentxss Report ------ A report has been generated in the file my_report_folder Open my_report_folder/index.html with a browser to see this report -------------------------------------------------------------------------------------- I use sudo as otherwise, it states there is a "Problem with local nikto database." I have apache listening on 0.0.0.0 but have tried scanning 127.0.0.1 and 127.0.1.1 user@user:/usr/local/wapiti/src$ sudo netstat -tlpn | grep apache tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2040/apache2 The scan only lasts 5 seconds so something is wrong when it is this quick and doesn't detect anything. So I cannot change the default timeout to a suitable time. I will also add the script to /usr/bin but I need to correct this first before proceeding. I have been successful with setting up the other tools with Openvas but this one is problematic. http://imageshack.us/photo/my-images...portcheck.png/ I notice also each scan is saved as index.html which automatically overwrites the previous scan index.html which is not helpful to review past scans. |
I saved the wapiti script to /usr/bin
user@user:~$ ls -ld /usr/bin/wapiti -rwxr--r-- 1 root root 53 2012-03-21 15:14 /usr/bin/wapiti Also made the wapiti.py and vulnerability.py executable: user@user:~$ ls -ld /usr/local/wapiti/src/wapiti.py -rwxr--r-- 1 root root 14632 2012-03-17 21:47 /usr/local/wapiti/src/wapiti.py user@user:~$ ls -ld /usr/local/wapiti/src/vulnerability.py -rwxr--r-- 1 root root 1053 2012-03-17 21:47 /usr/local/wapiti/src/vulnerability.py No change in the Openvas report with the same empty report name error. How did you configure your scan in Openvas (I am using Greenbone security desktop)? I created a new scan config and edited the wapiti plugin to a default timeout of 900 seconds. This did not work either. Can you provide more information on this as it is becoming less clear what the issue is? |
I have only been using GSA, not a big fan of the desktop application, TB, this is all I have done to get this working, sadly I'm not sure what issues you are running into, maybe someone on the IRC channel can help? atomicturtle and minivanmegafun are usually pretty active + very knowledgeable on OV
IRC Channel can be accessed here http://www.linux.hr/openvas/ or via a IRC client connected to OFTC #openvas |
Thanks craig!123, I will ask on the chat forum for openvas.
I was curious to see how you setup your scan config for wapiti on Greenbone security desktop esp. the timeout option for the wapiti plugin. Also the directory setup and permissions for /usr/local/wapiti and /usr/bin/wapiti. If you can assist by showing this, it should help to solve my own wapiti setup. |
Quote:
Ideally, the more information you can provide the better as you seem to be one of a very few to have gotten this working. Essentially, the directory permissions/owner and locations of wapiti package plus any changes you made on Openvas GSAD scan configs/wapiti plugin timeout. The more verbose you can be will remove any current issues I have, i.e. show your exact setup step by step. (I am sure some wapiti install/setup information is missing on my side) |
Ok, I successfully integrated Wapiti-2.2.1 into Openvas as follows:
1. Download wapiti from sourceforge: http://sourceforge.net/projects/wapi...test=nocounter 2. Extract to /usr/local/ 3. Change owner of wapiti directory to root: root@localhost:~# chown -R root:root /usr/local/wapiti-2.2.1/ 4. Make wapiti.py and vulnerability.py executable: root@localhost:~# chmod 755 /usr/local/wapiti-2.2.1/src/wapiti.py root@localhost:~# chmod 755 /usr/local/wapiti-2.2.1/src/vulnerability.py 5. Create wapiti script in /usr/bin root@localhost:~# touch /usr/bin/wapiti root@localhost:~# nano /usr/bin/wapiti 6. Add this to the script: Code:
#!/bin/shCheck permissions and owner: root@localhost:~# ls -ld /usr/bin/wapiti -rwxr-xr-x 1 root root 59 2012-04-10 10:42 /usr/bin/wapiti 8. Now when you run a relevant Openvas scan, you should see the following in the report (note my scan detected no wapiti vulnerabilities): Low NVT: wapiti (NASL wrapper) Here is the wapiti report: Vulnerabilities report -- Wapiti http://wapiti.sourceforge.net/ This report has been generated by Wapiti Web Application Scanner --- End of report --- OID of test routine: 1.3.6.1.4.1.25623.1.0.80110 My own wapiti setup issue was with the permissions and owner of the wapiti script and wapiti source directory as all the advice given to me on this setup neglected to provide this. |
| All times are GMT -5. The time now is 08:18 AM. |