
How to Build Your Own Enterprise Scanner (Part 2): Using Tsunami

邵兴怀
2023-12-01

Using Tsunami

Environment setup

Use Ubuntu. I tried CentOS but gave up because ncrack would not install.

Install a Java environment

Install Maven

apt install maven

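Install nmap

# nmap >= 7.80
# The .rpm below targets RPM-based distributions such as CentOS; on Ubuntu,
# install nmap with apt and confirm the version with nmap --version.
rpm -vhU https://nmap.org/dist/nmap-7.80-1.x86_64.rpm

Install ncrack
Download: https://nmap.org/ncrack/dist/ncrack-0.7.tar.gz
Installation steps on Ubuntu: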

# ncrack >= 0.7
tar -xzf ncrack-0.7.tar.gz
cd ncrack-0.7
./configure
make
su root
make install

This thing is hard to install. If you get this error:

fatal error: openssl/sha.h: No such file or directory

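The fix is to install OpenSSL. Running sudo apt-get install libssl-dev directly did not help; the approach that works is:

# remove old libssl-dev (1.0)
apt remove libssl-dev
# install openssl 1.1.0h from source
# (the download uses plain HTTP; check the tarball against the checksum
# published by the OpenSSL project before building)
wget http://www.openssl.org/source/openssl-1.1.0h.tar.gz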
tar -xvzf openssl-1.1.0h.tar.gz
cd openssl-1.1.0h/
./config 
make 
sudo make install  
sudo ldconfig
openssl version -a 

If you get this error:

configure: error: *** zlib.h missing - please install first or check config.log ***

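Fix:

# Build and install zlib from source (run as root)
# tar cannot read a URL, so download the archive first
wget http://www.zlib.net/zlib-1.2.11.tar.gz
tar zxf zlib-1.2.11.tar.gz
cd zlib-1.2.11/
./configure --shared
make test
make install
# copy the internal zutil files next to the installed headers
cp zutil.h /usr/local/include/
cp zutil.c /usr/local/include/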

Installing Tsunami

Download the Tsunami scanner:

git clone https://github.com/google/tsunami-security-scanner.git

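Next, build the jar. If the build fails, retry a few times; if it still fails, switch to a different proxy, or build it on an overseas VPS and copy the result back.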

cd tsunami-security-scanner
./gradlew shadowJar

Download the Tsunami plugins, then compile and package them:

git clone https://github.com/google/tsunami-security-scanner-plugins.git
cd ./tsunami-security-scanner-plugins/google
./build_all.sh

Tsunami example

Run the following command:

java -cp "./tsunami-security-scanner/main/build/libs/tsunami-main-0.0.4-SNAPSHOT-cli.jar:/root/tsunami/tsunami-security-scanner-plugins/google/build/plugins/*" \
    -Dtsunami.config.location=./tsunami-security-scanner/tsunami.yaml \
    com.google.tsunami.main.cli.TsunamiCli \
    --ip-v4-target=127.0.0.1 \
    --scan-results-local-output-format=JSON \
    --scan-results-local-output-filename=./tsunami-result.json

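Explanation:
-Dtsunami.config.location
Loads the configuration file.
com.google.tsunami.main.cli.TsunamiCli
The main class (entry point).
--ip-v4-target
The scan target.
--scan-results-local-output-format
--scan-results-local-output-filename
The output format and the file the results are saved to.

The output looks like this: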

{
  "scanStatus": "SUCCEEDED",
  "scanStartTimestamp": "2021-02-12T15:00:48.965Z",
  "scanDuration": "0.718s",
  "fullDetectionReports": {
  },
  "reconnaissanceReport": {
    "targetInfo": {
      "networkEndpoints": [{
        "type": "IP",
        "ipAddress": {
          "addressFamily": "IPV4",
          "address": "127.0.0.1"
        }
      }]
    },
    "networkServices": [{
      "networkEndpoint": {
        "type": "IP_PORT",
        "ipAddress": {
          "addressFamily": "IPV4",
          "address": "127.0.0.1"
        },
        "port": {
          "portNumber": 22
        }
      },
      "transportProtocol": "TCP",
      "serviceName": "ssh",
      "software": {
        "name": "OpenSSH"
      },
      "versionSet": {
        "versions": [{
          "type": "NORMAL",
          "fullVersionString": "7.6p1 Ubuntu 4ubuntu0.3"
        }]
      },
      "banner": ["SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3"]
    }]
  }
}
