Making Webshag module

From OWASP Live CD 2008

Jump to: navigation, search

Get the Source for Webshag

Go to the Webshag website which is not in English by the way. Here's a translation if needed. You'll find the links for downloads fairly far down the page. Grab the most recent Linux one which at this time is ws100_linux.tar.gz.

Also, the tarball (.tar.gz) doesn't include a parent directory and instead dumps its contents into the current directory. Let make sure that doesn't happen to us: 

 # scp mtesauro@my-box.example.com:/home/mtesauro/projects/ws100_linux.tar.gz ./
 # mkdir webshag
 # mv ws100_linux.tar.gz webshag
 # cd webshag
 # tar -xzvf ws100_linux.tar.gz
 # cd ..

Create the needed directories in fakeroot

Eventually, we'll use dir2lzm to make the module, so lets get the directories created that we need: 

 # mkdir -p ./fakeroot/opt/owasp/
 # mkdir -p ./fakeroot/usr/bin
 # mkdir -p ./fakeroot/usr/share/aplications
 # mkdir -p ./fakeroot/usr/share/pixmaps

Create and put the module's files into the fakeroot directory

Although we are getting Python code which is interpreted, according to the manual, there's a configuration script written in Python. Since it will be setting several paths and such in the source code, we'd better first move it to its final home. 

 # mkdir /opt/owasp
 # mv webshag /opt/owasp/
 # cd /opt/owasp/webshag
 # chmod u+x config_linux.py
 # find / > /root/pre-webshag
 # ./config_linux.py  
This script will setup all the required webshag parameters.
Detecting Nmap port scanner...	Done!
Valid Live Search AppID (blank if none): 
Domain information module will not be functional.
Patching source code to setup config file location...	Done!
Setting up path to file fuzzer lists...	Done!
Setting up path to URL database files...	Done!
Setting up path to (IDS) proxies list...	Done!
Writing changes to configuration file...	Done!

Thanks for your interest in webshag! It is now ready to be used!
If you move webshag folder, run this script again to reconfigure.

Enjoy! For more information please visit www.scrt.ch
 # find / > /root/post-webshag
 # cd /root
 # diff pre-webshag post-webshag | less
     [shows that nothing was added to the file system]

Notice that the configuration script asked for a Live Search AppID. I didn't put one in since it would be hard coded in the ISO. If you have one and want to use it with Webshag, add it to line 42 of the file /opt/owasp/webshag/config/webshag.cong.

Let see how we're doing: 

 #  ./webshag.py 
Impossible to locate all required modules!
Check that you have wxPython installed or use webshag in CLI mode.

Looks like we need wxPython. I documented that in Making the wxPython module

Stopping here for now --Mtesauro 22:42, 1 February 2009 (UTC)


Retrieved from "http://mtesauro.com/livecd/index.php?title=Making_Webshag_module"