Making Rat Proxy module
From OWASP Live CD 2008
Contents |
Get the source for Rat Proxy
The home page for Rat Proxy is a Google Code page. Go to the downloads tab to get to the latest source code which is ratproxy-1.53.tar.gz at this time. There are no md5 or sha1 hashes so that file is all you will need.
Compile the source and complete the package
Since we're doing this from source, its best to download the source into a running version of the Live CD. We can then do the compilation there to make sure the Live CD has all the necessary dependencies.
First get the source into the Live CD. Scp them over from your primary box and then extract both files in the same directory
# mkdir build # cd build # scp matt@matt-box.example.com:/home/matt/download/ratproxy-1.53.tar.gz ./ # tar -xzvf ratproxy-1.53.tar.gz
So far so good. Now to install this guy. Unfortunately, we can't the the normal the 3 step Linux install dance since there isn't a configure script nor is there a install target for make. No problem.
# find ratproxy/ > pre-make # cd ratproxy-1.53 # make cc ratproxy.c -o ratproxy -Wall -O3 -Wno-pointer-sign -D_GNU_SOURCE http.c mime.c ssl.c -lcrypto -lssl # cd .. # find ratproxy/ > post-make # diff pre-make post-make > rat-files # vi rat-files
The compile was clean and quite simple. Looking at that diff (rat-files) will tell you (and actually the make output did as well) that all we're really building is a single binary called ratproxy. That's all there is to this sucker.
Now we just need to get that to its new home in fakeroot. Since there scripts and other things needed that didn't get compiled, we're going to move the entire directory as its only 620K:
# cd /root # mkdir -p fakeroot/opt/owasp/ # mv build/ratproxy/ fakeroot/opt/owasp/
I'm also going to take a piece of the README file and keep it separately. We'll see why in a bit so trust me.
# cp fakeroot/opt/owasp/ratproxy/README fakeroot/opt/owasp/ratproxy/how-to-run-the-proxy
# vi fakeroot/opt/owasp/ratproxy/how-to-run-the-proxy
[trim out the unwanted bits of the README]
Create support files in the fakeroot directory
Because ratproxy is a command line tool, we're going to create two startup scripts to be used by the menu item:
$ mkdir -p fakeroot/usr/bin $ vi fakeroot/usr/bin/startup-ratproxy [create script] $ cat fakeroot/usr/bin/startup-ratproxy #/bin/sh echo " __ " echo " _________ _/ /_____ _________ _ ____ __ " echo " / ___/ __ \`/ __/ __ \/ ___/ __ \| |/_/ / / / " echo " / / / /_/ / /_/ /_/ / / / /_/ /> </ /_/ / " echo " /_/ \__,_/\__/ .___/_/ \____/_/|_|\__, / " echo " /_/ /____/ " echo " version 1.53-beta " echo " " echo " ratproxy has many command line options. You can view " echo " the help file with the command \"help4ratproxy\" " echo " " echo " Basic Usage: " echo " ratproxy -v <outdir> -w <outfile> -d <domain> -lfscm " echo " or more more verbose logging " echo " ratproxy -v <outdir> -w <outfile> -d <domain> -lextifscgjm " echo " /root/tools/ratproxy/ is a good <outdir> " echo " " echo " ratproxy will read its log files and generate a nice " echo " html report so more logging = more to report (see above) " echo " To generate a report run the below in /root/tools/ratproxy " echo " assuming you used /root/tools/ratproxy as <outdir> " echo " ratproxy-report ratproxy.log >report.html " echo " Changing the log and report file names as needed. " echo " " echo " To stop the proxy after starting simply hit Ctrl-C " echo " " echo " Now, open Firefox and change the proxy settings to 127.0.0.1 8080 " echo " " $ chmod 775 fakeroot/usr/bin/startup-ratproxy
While we still remember, lets create the help4ratproxy command:
$ vi fakeroot/usr/bin/help4ratproxy $ cat fakeroot/usr/bin/help4ratproxy #!/bin/sh less /opt/owasp/ratproxy/how-to-run-the-proxy $ chmod 775 fakeroot/usr/bin/help4ratproxy
We also need to get Ratproxy and its report generator into our path:
$ vi fakeroot/usr/bin/ratproxy $ cat fakeroot/usr/bin/ratproxy #!/bin/sh cd /opt/owasp/ratproxy ./ratproxy "$@" $ chmod u+x fakeroot/usr/bin/ratproxy $ vi fakeroot/usr/bin/ratproxy-report $ cat fakeroot/usr/bin/ratproxy-report #!/bin/sh cd /opt/owasp/ratproxy ./ratproxy-report.sh "$@" $ chmod 775 fakeroot/usr/bin/ratproxy-report
Now a menu item:
$ mkdir fakeroot/usr/share/applications $ vi fakeroot/usr/share/applications/ratproxy.desktop [create the file] $ cat fakeroot/usr/share/applications/ratproxy.desktop [Desktop Entry] Categories=Application;Network; Comment= Encoding=UTF-8 Exec[$e]=startup-ratproxy; bash GenericName=Ratproxy Icon=/usr/share/pixmaps/ratproxy-icon.png MimeType=text/html Name=Local Proxy Path[$e]= StartupNotify=false Terminal=1 TerminalOptions=-T "Ratproxy - passive web application security assessment tool" Type=Application X-KDE-StartupNotify=true X-KDE-SubstituteUID=false X-KDE-Username=
For the icon, I wasn't quite sure what to do. I grabbed a Swiss Army and used a little Gimp-foo to come up with the icon. Then, I moved that into fakeroot.
mkdir fakeroot/usr/share/pixmaps $ cp temp/ratproxy-icon.png fakeroot/usr/share/pixmaps/rat-icon.png
We should now have everything we need in fakeroot. Give it a final sanity check, then create a new module based on what's in fakeroot:
# find fakeroot/ | less # dir2lzm fakeroot/ ratproxy-1.53.lzm
Test the new modules
SLAX will allow you to add modules to a running system. Before going on, you should install the module and make sure it works like expected. Check out the page Add modules to a running system to see how to do this. Since I had to do a make install before I created the module, I used a freshly booted Live CD to test the module. Verify that ratproxy works as expected.
If everything goes as expected, you'll need to add this module to the ISO image. Since we've created the module in the Live CD, you'll need to move it off to a "real" computer. You can use a USB drive, scp or whatever to get the files off the Live CD.
Add the modules to the ISO build directory
Also cake
$ cp -i ratproxy-1.53.lzm ../contents/slax/base/ $ chmod 775 ../contents/slax/base/ratproxy-1.53.lzm
This assumes your Ratproxy module was moved into your working directory. See How I created the live CD#Create_a_Working_Directory
Clean up and archive
Once you've got a working module, lets clean up a bit.
$ $ mkdir ./completed_modules/ratproxy $ mv ratproxy-1.53.lzm ./completed_modules/ratproxy/ $ mv temp/ratproxy-1.53.tar.gz ./completed_modules/ratproxy/ $ rm -rf ./temp/*
