[OWASP_OWTF] Fwd: Steps to install OWTF on KALI 2.0

Vishal Gandhi vkgandhi84 at gmail.com
Wed Jan 6 17:37:59 UTC 2016


Hi Abraham,

Thought to provide you updates on my findings.

First, I tried to install stable version (option 1 at the beginning of the
installation process) which threw errors.  Second,  I tried latest
development branch (option 2 for KALI) which worked like a charm and
installation was successful.  I had minor trouble starting database and to
me it looks like the database startup script is referencing database
version 9.1, but KALI 2.0 by default has 9.4.  Database did start even
though I saw error and OWTF is up and running now.

I've also tried using few tools and no problems so far.  Strange to notice
that w3af plug-in is still running (for more than 2 days now).  May be it
still working, because I don't see any errors so far.  I'll try to figure
out if this is because of multi-threading issue that you mentioned or
something else.  Please, see attached screen captures and I hope this
additional information helps.

Thank you again for your guidance and all the support I received from OWTF
community.



​

​


---------- Forwarded message ----------
From: Vishal Gandhi <vkgandhi84 at gmail.com>
Date: Tue, Dec 29, 2015 at 5:58 PM
Subject: Re: [OWASP_OWTF] Steps to install OWTF on KALI 2.0
To: Abraham Aranguren <abraham.aranguren at owasp.org>
Cc: owasp_owtf at lists.owasp.org


Hi Abraham,

I tried this on 18th October using Bootstrap script which didn't work.  I
didn't record errors that I saw on my screen, but then I tried this with
Manual Installation which uses default repository
https://github.com/owtf/owtf.git .  But, installation showed many errors
(most of those related to missing dependencies).  I then started browsing
development branches and tried some, but similar errors until I tried
lions2014 .  But, installation from latest development branch worked fine
for you on new Kali 2 VM.  So, I am thinking this may have something to do
with me upgrading from Kali 1.1.0 to 2.0.

I am thinking to create brand new VM with Kali 2 (instead of upgrading) and
try the latest version of OWTF (the one published as well as development
one) next and see if it works.

I didn't make full use of all the features of OWTF yet, but I'll do so soon
and keep you posted.

Thanks again and you have a joyous and happy new year in advance. :)

On Tue, Dec 29, 2015 at 2:27 PM, Abraham Aranguren <
abraham.aranguren at owasp.org> wrote:

> Hi Vishal,
>
> I noticed you are using a very old branch (lions2014), did that work
> better for you than the current development branch? I tested the
> installation on a brand new Kali 2 VM, with almost nothing installed and
> the installation seems to work ok.
>
> We are still facing multiprocessing issues such as deadlocks during
> scanning, I would be interested to know if scanning works well on some of
> the old branches, that should help us narrow down the problem.
>
> Thoughts?
>
> Thanks and happy new year! :)
>
> Abe
> On 29 Dec 2015 03:39, "Vishal Gandhi" <vkgandhi84 at gmail.com> wrote:
>
>> Hi,
>>
>> I am fairly new to this, but I tried out OWTF in October.  I initially
>> installed it on KALI 1.0 which was smooth, but then upgrading to KALI 2.0
>> left it broken.  So, I tried installing it directly on KALI 2.0.
>>
>> I use VirtualBox virtual machine.  Following are the steps that I
>> followed to successfully install OWTF on KALI 2.0 which hopefully will help.
>>
>>
>> 1.  Clone KALI Template:kali-linux-1.1.0a-i386-v2 [ I had a template of
>> KALI 1.1.0 ]
>> 2.  Upgrade to KALI 2.0
>> 3.  cd /opt
>> 4.  git clone -b lions_2014 https://github.com/owtf/owtf.git
>> 5.  cd /opt/owtf/install
>> 6.  chmod u+x install.py
>> 7.  pip install cffi --upgrade
>> 8.  pip install --upgrade -r /opt/owtf/install/owtf.pip
>> 9.  pip install --upgrade beautifulsoup4 lxml Markdown psycopg2 pycurl six
>> 10. ./install.py
>> 11. cd /opt/owtf/profiles/general
>> 12. In default_backtrack.cfg and default.cfg, change value of
>> TOOL_METASPLOIT_DIR to reflect Metasploit installation directory to the
>> correct one which is /usr/share/metasploit-framework/
>>
>> Thanks.
>>
>>
>>
>> _______________________________________________
>> OWASP_OWTF mailing list
>> OWASP_OWTF at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp_owtf
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_owtf/attachments/20160106/b21f1dd3/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screen Shot 2015-12-30 at 8.06.38 PM.png
Type: image/png
Size: 1335489 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp_owtf/attachments/20160106/b21f1dd3/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screen Shot 2015-12-30 at 7.49.12 PM.png
Type: image/png
Size: 1280311 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp_owtf/attachments/20160106/b21f1dd3/attachment-0003.png>


More information about the OWASP_OWTF mailing list