integrated Wapiti-2.2.1 into OpenVAS
[*]Download wapiti from sourceforge:
http://sourceforge.net/projects/ ... oad?_test=nocounter
[*]Extract to /usr/local/
[*]Change owner of wapiti directory to root:
root@localhost:~# chown -R root:root /usr/local/wapiti-2.2.1/
[*]Make wapiti.py and vulnerability.py executable:
root@localhost:~# chmod 755 /usr/local/wapiti-2.2.1/src/wapiti.py
root@localhost:~# chmod 755 /usr/local/wapiti-2.2.1/src/vulnerability.py
[*]Create wapiti script in /usr/bin
root@localhost:~# touch /usr/bin/wapiti
root@localhost:~# vi /usr/bin/wapiti
[*]Add this to the script:
#!/bin/sh
cd /usr/local/wapiti-2.2.1/src/
./wapiti.py $*
[*]Check permissions and owner:
root@localhost:~# ls -ld /usr/bin/wapiti
-rwxr-xr-x 1 root root 59 2012-04-10 10:42 /usr/bin/wapiti
[*]Now when you run a relevant Openvas scan, you should see the following in the report (note my scan detected no wapiti vulnerabilities):
Low
NVT: wapiti (NASL wrapper)
Here is the wapiti report:
Vulnerabilities report -- Wapiti
http://wapiti.sourceforge.net/
This report has been generated by Wapiti Web Application Scanner
Reference: http://www.linuxquestions.org/questions/linux-software-2/wapiti-security-tool-fails-to-run-with-openvas-935495/#post4649226
頁:
[1]