diff -Naur jeriko.orig/.jerikorc jeriko/.jerikorc --- jeriko.orig/.jerikorc 2009-03-01 22:17:35.000000000 +0100 +++ jeriko/.jerikorc 2009-04-02 17:38:43.000000000 +0200 @@ -2,23 +2,83 @@ # JERIKO CONFIG SKELL # just copy this file within your project's or your user's folder # -PATH_TO_NMAP= -PATH_TO_NESSUS= -PATH_TO_MSFCONSOLE= + +# +# NESSUS / NESSUSD +# choose if using nessus or OpenVAS +# +NESSUS="nessus" +NESSUSD="nessusd" +#NESSUS="OpenVAS-Client" +#NESSUSD="openvasd" + +# +# MSFDB +# set Metasploit db type +# +MSFDB="db_sqlite2" +#MSFDB="db_sqlite3" +#MSFDB="db_postgres" # # SETUP PATHS # configure system paths # +PATH_TO_NMAP= +PATH_TO_NESSUS= +PATH_TO_MSFCONSOLE= + for BIN in $PATH_TO_NMAP $PATH_TO_NESSUS $PATH_TO_MSFCONSOLE do if [ `which $BIN` ] then PATH=$PATH:`dirname $BIN` - fi + fi done # +# RUN IN BATCH +# environment variables specific to run-in-batch +# +RUN_IN_BATCH_MAX_PROCESSES=10 + +# +# RUN IN PARALLEL +# environment variables specific to run-in-parallel +# +RUN_IN_PARALLEL_MAX_PROCESSES=10 +RUN_IN_PARALLEL_MAX_WAIT=10 + +# +# SCAN WHOIS +# environment vriables specific to scan-whois +# +WHOIS_SERVERS="whois.apnic.net whois.arin.net whois.ripe.net whois.networksolutions.com" + +# +# NMAP +# configure nmap +# +NMAP_TCP_SCAN_METHOD="-sS -P0" +NMAP_UDP_SCAN_METHOD="-sU -P0" + +# +# NESSUS +# configure nessus +# +NESSUS_HOST=127.0.0.1 +NESSUS_PORT=1241 +NESSUS_USER=user +NESSUS_PASS=pass + +# +# WGET +# configure wget +# +WGET_URL_SCAN_METHOD="-l1" +WGET_URL_STREAM_METHOD= + +# # MAKE CHECKLESS # if this file is present and configured we don't need to perform further checks # diff -Naur jeriko.orig/environment-check jeriko/environment-check --- jeriko.orig/environment-check 2009-04-02 01:58:59.000000000 +0200 +++ jeriko/environment-check 2009-04-02 17:38:43.000000000 +0200 @@ -36,7 +36,7 @@ check_for_cmd wget check_for_cmd nmap check_for_cmd msfconsole - check_for_cmd nessus + check_for_cmd $NESSUS # # JERIKO STRICT CHECKS @@ -45,7 +45,7 @@ then if [ "$NESSUS_HOST" = "127.0.0.1" -o "$NESSUS_HOST" = "localhost" ] then - check_for_process nessusd + check_for_process $NESSUSD fi fi fi diff -Naur jeriko.orig/environment-load jeriko/environment-load --- jeriko.orig/environment-load 2009-04-02 01:58:59.000000000 +0200 +++ jeriko/environment-load 2009-04-02 17:38:43.000000000 +0200 @@ -7,6 +7,19 @@ export PATH=`dirname $0`:$PATH # +# NESSUS / NESSUSD +# choose if using nessus or OpenVAS +# +NESSUS="nessus" +NESSUSD="nessusd" + +# +# MSFDB +# set Metasploit db type +# +MSFDB="db_sqlite2" + +# # RUN IN BATCH # environment variables specific to run-in-batch # diff -Naur jeriko.orig/environment-setup jeriko/environment-setup --- jeriko.orig/environment-setup 2009-02-23 01:04:21.000000000 +0100 +++ jeriko/environment-setup 2009-04-02 17:38:43.000000000 +0200 @@ -11,6 +11,10 @@ auto_install_package() { sudo yum install $@ } +else + auto_install_package() { + echo "$@ is missing. Please install it." + } fi install_if_not_present() { diff -Naur jeriko.orig/generate-exploit-batch jeriko/generate-exploit-batch --- jeriko.orig/generate-exploit-batch 2009-04-02 01:58:59.000000000 +0200 +++ jeriko/generate-exploit-batch 2009-04-02 17:40:34.000000000 +0200 @@ -2,7 +2,7 @@ . `dirname $0`/environment-load cat << EOF -load db_sqlite2 +load $MSFDB db_create EOF diff -Naur jeriko.orig/scan-vulnerabilities jeriko/scan-vulnerabilities --- jeriko.orig/scan-vulnerabilities 2009-03-24 10:34:49.000000000 +0100 +++ jeriko/scan-vulnerabilities 2009-04-02 17:41:49.000000000 +0200 @@ -16,5 +16,5 @@ do echo "$TARGET" > "vulnerability_scan_$TARGET_$TIMESTAMP.target" - nessus -V -T nbe -x -c "vulnerability_scan_$TARGET_$TIMESTAMP.config" -q $NESSUS_HOST $NESSUS_PORT $NESSUS_USER $NESSUS_PASS "vulnerability_scan_$TARGET_$TIMESTAMP.target" "vulnerability_scan_$TARGET_$TIMESTAMP.nbe" + $NESSUS -V -T nbe -x -c "vulnerability_scan_$TARGET_$TIMESTAMP.config" -q $NESSUS_HOST $NESSUS_PORT $NESSUS_USER $NESSUS_PASS "vulnerability_scan_$TARGET_$TIMESTAMP.target" "vulnerability_scan_$TARGET_$TIMESTAMP.nbe" done