Making Fierce Domain Scanner module

From OWASP Live CD 2008

Jump to: navigation, search

Contents

Get the source for Fierce Domain Scanner

Fierce Domain Scanner is hosted here and that page has a direct link to the Perl source. Grab the .pl file from here and you're good to go.

Create the necessary files in the fakeroot directory

Perl is an interpreted language so no compiling needed. Hurray for interpreted languages. Lets start building what we need in fakeroot:

 # mkdir -p fakeroot/opt/owasp/fierce-domain-scanner
 # mv fierce.pl fakeroot/opt/owasp/fierce-domain-scanner
 # chmod 775 fakeroot/opt/owasp/fierce-domain-scanner/fierce.pl

Fierce needs some CPAN modules also, so lets get them:

 # find / > pre-fierce
 # perl -MCPAN -e shell
        [snip]
 cpan> install Net::DNS 
        [snip]
 cpan> exit
 # find / > post-fierce
 # diff pre-fierce post-fierce > cpan-diff
 # cat cpan-diff | grep -v proc | grep -v root > cpan-install
 # vi cpan-install
     [remove any cruft and modify to copy the installed files to /root/fakeroot]
 # cat cpan-install
mkdir -p /root/fakeroot/usr/bin
cp -a /usr/bin/ptar /root/fakeroot/usr/bin
cp -a /usr/bin/iptab /root/fakeroot/usr/bin
cp -a /usr/bin/ptardiff /root/fakeroot/usr/bin
cp -a /usr/bin/config_data /root/fakeroot/usr/bin
cp -a /usr/bin/shasum /root/fakeroot/usr/bin
     [bunch of lines removed]
 # ./cpan-install

Because Fierce Domain Scanner is a command line tool, we're going to create two startup scripts to be used by the menu item:

 # mkdir -p fakeroot/usr/bin
 # vi fakeroot/usr/bin/startup-fierce
   [create script]
 # cat fakeroot/usr/bin/startup-fierce 
#/bin/sh

echo "      _____ _                     ____                        _        "
echo "     |  ___(_) ___ _ __ ___ ___  |  _ \  ___  _ __ ___   __ _(_)_ __   "
echo "     | |_  | |/ _ \ '__/ __/ _ \ | | | |/ _ \| '_ \` _ \ / _\` | | '_ \  "
echo "     |  _| | |  __/ | | (_|  __/ | |_| | (_) | | | | | | (_| | | | | | "
echo "     |_|   |_|\___|_|  \___\___| |____/ \___/|_| |_| |_|\__,_|_|_| |_| "
echo "                                                                  "
echo "                     ____                                   "
echo "                    / ___|  ___ __ _ _ __  _ __   ___ _ __  "
echo "                    \___ \ / __/ _\` | '_ \| '_ \ / _ \ '__| "
echo "                     ___) | (_| (_| | | | | | | |  __/ |    "
echo "                    |____/ \___\__,_|_| |_|_| |_|\___|_|    "
echo " "
echo " "
echo "               Fierce Domain Scanner - Quickly Scan Domains"
echo "                      (part of the OWASP Live CD)"
echo " "
echo " Fierce is a PERL script that quickly scans domains (usually in just a "
echo " few minutes, assuming no network lag) using several tactics."
echo " Type 'fierce -h' for brief help"
echo " "

We'll also have to make a simple script to put fierce into our path:

 $ vi fakeroot/usr/bin/fierce
     [create script]
 $ cat fakeroot/usr/bin/fierce
#!/bin/bash

cd /opt/owasp/fierce-domain-scanner
./fierce.pl "$@"

Now a menu item:

 $ mkdir -p fakeroot/usr/share/applications
 $ vi fakeroot/usr/share/applications/fierce.desktop
   [create the file]
 $ cat fakeroot/usr/share/applications/fierce.desktop 
[Desktop Entry]
Comment=
Exec[$e]=startup-fierce; bash
GenericName=Fierce Domain Scanner
Icon=/usr/share/pixmaps/fierce-icon.png
Name=DNS Scanning
Path[$e]=
StartupNotify=true
Terminal=1
TerminalOptions=-T "Fierce Domain Scanner - Quickly Scans Domains"
Type=Application
X-KDE-SubstituteUID=false
X-KDE-Username=

For the icon, I wasn't quite sure what to do. I grabbed the semi-rabid off the Fierce Domain Scanner site and used a little Gimp-foo to come up with the icon. Then, I moved that into fakeroot.

  mkdir fakeroot/usr/share/pixmaps
 $ cp temp/fierce-icon.png fakeroot/usr/share/pixmaps/

We should now have everything we need in fakeroot. Give it a final sanity check, then create a new module based on what's in fakeroot:

 # find fakeroot/ | less
 # dir2lzm fakeroot/ fierce-1.0.3.lzm

Test the new modules

SLAX will allow you to add modules to a running system. Before going on, you should install the module and make sure it works like expected. Check out the page Add modules to a running system to see how to do this. Since I had to do a make install before I created the module, I used a freshly booted Live CD to test the module. Verify that fierce works as expected. (use values appropriate to your LAN)

# fierce  -range [IP range e.g. 127.0.0.0-255] -dnsserver [host name or IP e.g. 127.0.0.1]

If everything goes as expected, you'll need to add this module to the ISO image. Since we've created the module in the Live CD, you'll need to move it off to a "real" computer. You can use a USB drive, scp or whatever to get the files off the Live CD.

Add the modules to the ISO build directory

Also cake

 $ cp -i fierce-1.0.3.lzm ../contents/slax/base/
 $ chmod 775 ../contents/slax/base/fierce-1.0.3

This assumes your fierce module was moved into your working directory. See How I created the live CD#Create_a_Working_Directory

Clean up and archive

Once you've got a working module, lets clean up a bit.

 $ $ mkdir ./completed_modules/fierce
 $ mv fierce-1.0.3.lzm ./completed_modules/fierce/
 $ rm -rf ./temp/*
Personal tools