Making DirBuster module
From OWASP Live CD 2008
Contents |
Get the Binary for DirBuster
Go to the DirBuster website and navigate to the download section. In the downloads section, you'll see links to the releases, source and directory listing downloads for DirBuster. Grab the latest .tar.bz2 version which is DirBuster-0.11.1.tar.bz2 at the time of this writing.
Go ahead and extract the download into the working/temp directory:
$ cp /home/mtesauro/owasp-live-cd/tools-in-SoC-release/DirBuster-0.11.1.tar.bz2 temp/ $ cd temp/ $ tar -xjvf DirBuster-0.11.1.tar.bz2 $ cd ../../
Create the needed directories in fakeroot
Eventually, we'll use dir2lzm to make the module, so lets get the directories created that we need:
$ mkdir -p ./fakeroot/opt/owasp/ $ mkdir -p ./fakeroot/usr/bin $ mkdir -p ./fakeroot/usr/share/aplications $ mkdir -p ./fakeroot/usr/share/pixmaps
Create and put the module's files into the fakeroot directory
Since we are getting a pre-compiled binary, lets get the application file where it needs to go.
$ mv temp/DirBuster-0.11.1 fakeroot/opt/owasp/ $ mv fakeroot/opt/owasp/DirBuster-0.11.1 fakeroot/opt/owasp/dirbuster
Next, well need a script to start DirBuster in fakeroot/usr/bin. This one is very easy:
$ vi fakeroot/usr/bin/dirbuster [create script] $ cat fakeroot/usr/bin/dirbuster #!/bin/sh cd /opt/owasp/dirbuster/ java -jar DirBuster-0.11.1.jar
Creating DirBuster's menu file is rather simple. Use a text editor and create the file dirbuster.desktop
$ vi fakeroot/usr/share/applications/dirbuster.desktop [create the file] $ cat fakeroot/usr/share/applications/dirbuster.desktop [Desktop Entry] Encoding=UTF-8 Exec=dirbuster Icon=/usr/share/pixmaps/dirbuster-icon.png Type=Application Categories=Application;Network; Name=Directory Brute Forcer Name[cs]=Directory Brute Forcer GenericName=DirBuster GenericName[cs]=DirBuster MimeType=text/html X-KDE-StartupNotify=true
The icon was a bit interesting. I did find icon of sorts in the source download called duck.gif in the /com/sittinglittleduck/DirBuster/images/ directory. I then used Gimp to save that as a 48x48 .png file called dirbuster-icon.png in the working/temp directory. I then moved that into fakeroot.
cp ./temp/dirbuster-icon.png ./fakeroot/usr/share/pixmaps/
DirBuster requires Java. I've already created a Java module. I document how I did that in Making the Java module.
Everything is in place to create the modules, a quick final check:
find fakeroot fakeroot/ fakeroot/opt fakeroot/opt/owasp fakeroot/opt/owasp/dirbuster fakeroot/opt/owasp/dirbuster/directory-list-2.3-medium.txt ...
Generate the .lzm module
This is the easy part.
$ ./dir2lzm ./fakeroot dirbuster-0.11.1.lzm
Add the modules to the ISO build directory
Also cake
$ cp -i dirbuster-0.11.1.lzm ../contents/slax/base/ $ chmod 775 ../contents/slax/base/dirbuster-0.11.1.lzm
Test the new module
I like scp'ing the new modules into a running Live CD and using the Module Manager to Add modules to a running system. I typically have the Live CD running in a VM while I create modules so its already up and ready.
You can also gen a new ISO and run it in a VM of your choice.
$ cd ../contents/slax/ $ ./make_iso.sh /home/mtesauro/isos/new-owasp.iso
If anything doesn't work as expected, make the changes needed to ./fakeroot and try again.
Clean up and archive
Once you've got a working module, lets clean up a bit.
$ $ mkdir ./completed_modules/dirbuster $ mv dirbuster-0.11.1.lzm ./completed_modules/dirbuster/ $ mv temp/DirBuster-0.11.1.tar.bz2 ./completed_modules/dirbuster/ $ mv temp/dirbuster-icon.png ./completed_modules/dirbuster/ $ rm -rf ./temp/*
I usually delete anything under ./fakeroot also.
$ rm -rf ./fakeroot/*
