Hands-On Bug Hunting for Penetration Testers

Technical Requirements

For this chapter, in addition to our existing Burp and Burp Proxy integration with Chrome (66.0.3359.139), we'll also be using sqlmap, a CLI tool for detecting SQL- and NoSQL-based injections. sqlmap can be installed using Homebrew with brew install sqlmap and is also available as a Python module installable via pip. sqlmap is a popular tool, so there should be an installation path for you whatever your system.

We'll also be using Arachni as our go-to scanner. Though noisy, scanners can be indispensable for the appropriate situation, and are great at flushing out otherwise hard-to-detect bugs. Arachni is an excellent choice because it's open source, multi-threaded, extensible via plugins, and has a great CLI that allows it to be worked into other automated workflows. Arachni is easy to install; you can install it as a gem (gem install arachni) or you can simply download the official packages straight from the installation site.

Please install Arachni from the site's Download page at http://www.arachni-scanner.com/download/#Mac-OSX.

If you downloaded the packaged build for your system, move the unpacked directory to wherever is appropriate on your system after installation.

Then you can create a symlink (symbolic link) so that all the arachni CLI packages will be available within your path (fill in the correct path to your arachni installation):

sudo ln -s /Path/to/arachni-1.5.1-0.5.12/bin/arachni* /usr/local/bin

You might find that, after you symlink your arachni executables to your path, you receive the following error:

/usr/local/bin/arachni: line 3: /usr/local/bin/readlink_f.sh: No such file or directory
/usr/local/bin/arachni: line 4: readlink_f: command not found
/usr/local/bin/arachni: line 4: ./../system/setenv: No such file or directory

If you receive this error, simply symlink, copy, or move the readlink_f.sh script from your arachni installation's bin directory to your own path. In this case, we'll symlink it:

sudo ln -s /Path/to/arachni-1.5.1-0.5.12/bin/readlink_f.sh /usr/local/bin/readlink_f.sh

Now when we use arachni later in the chapter, we can invoke it directly, as opposed to having to type the full path each time.
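The two symlink steps above can be wrapped in a small script that links every arachni executable together with its readlink_f.sh helper and then verifies that nothing is missing or dangling. This is an added example and not code from the book or from the Arachni project; it assumes the unpacked package directory (the book's /Path/to/arachni-1.5.1-0.5.12) and a target bin directory already on your PATH, both passed as arguments.

```shell
#!/usr/bin/env sh
# Added example: link the Arachni CLI tools into a directory on PATH.
# Assumptions (not from the book): $1 is the unpacked package directory,
# e.g. /Path/to/arachni-1.5.1-0.5.12, and $2 is a bin directory on PATH,
# e.g. /usr/local/bin. Run with sudo when the target is system-owned.

# link_arachni <ARACHNI_HOME> <TARGET_BIN>
#   Symlinks bin/arachni* plus bin/readlink_f.sh, which the arachni wrapper
#   scripts source to resolve their real location. Fails if the directory
#   does not look like an Arachni package.
link_arachni() {
  home="$1"
  target="$2"

  # The wrapper error message names this helper; refuse to continue without it.
  if [ ! -f "$home/bin/readlink_f.sh" ]; then
    echo "link_arachni: $home/bin/readlink_f.sh not found; is this the Arachni package dir?" >&2
    return 1
  fi

  mkdir -p "$target"

  # ln -sf replaces stale links left behind by an earlier installation.
  for exe in "$home"/bin/arachni*; do
    [ -e "$exe" ] || continue
    ln -sf "$exe" "$target/$(basename "$exe")"
  done

  # Keep the helper's exact name: the wrapper looks for readlink_f.sh.
  ln -sf "$home/bin/readlink_f.sh" "$target/readlink_f.sh"
}

# check_arachni_links <TARGET_BIN>
#   Reports missing or dangling entries; succeeds only when both the
#   arachni launcher and readlink_f.sh resolve to a real file.
check_arachni_links() {
  target="$1"
  status=0
  for name in arachni readlink_f.sh; do
    # -e follows the symlink, so a link to a moved install also fails here.
    if [ ! -e "$target/$name" ]; then
      echo "missing or dangling: $target/$name" >&2
      status=1
    fi
  done
  return "$status"
}

# Usage: sh link_arachni.sh /Path/to/arachni-1.5.1-0.5.12 /usr/local/bin
if [ "$#" -eq 2 ]; then
  link_arachni "$1" "$2" && check_arachni_links "$2"
fi
```

Because check_arachni_links tests with -e rather than -L, it also catches the case where the links exist but the package directory was later moved, which produces the same "No such file or directory" error shown above.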