- dradis framework guides
Installing Dradis on BackTrack
This guide covers how to get the latest Dradis Framework up and running in BackTrack 5.
We are going to clone the development repository of Dradis so you can be sure you are always running the latest and greatest.
Please note that eventually we will fine tune the process of pushing the latest Dradis packages to the BT repositories in a timely manner. In the mean time, you can use this guide to stay on the bleeding edge.
1 Installing Ruby 1.9.3
We are going to install Ruby 1.9.3 using RVM. This has the benefit of keeping everything under your `~/.rvm/` folder:
root@root:~# bash -s stable < <(curl -s https://raw.githubusercontent.com/wayneeseguin/rvm/master/binscripts/rvm-installer) root@root:~# source /etc/profile.d/rvm.sh root@root:~# rvm -v
Once RVM is up and running we need to get a couple of libraries that will be required by the Ruby installation:
etd@host:~$ for package in zlib openssl libxslt libxml2; do rvm pkg install $package; done
And finally the Ruby 1.9.3 runtime:
root@root:~# rvm install 1.9.3 root@root:~# rvm 1.9.3 --default root@root:~# ruby -v
There is an additional step that it’s not required but that will shorten the time required to install ruby gems:
root@root:~# echo "gem: --no-rdoc --no-ri" > ~/.gemrc
This tells RubyGems to not generate documentation for every library it installs.
Finally, we just need to install the Bundler gem, all other Ruby gems will be installed using Bundler:
root@root:~# gem install bundler root@root:~# bundle -v
2 Download Dradis
We are going to work with the Git version of Dradis which is stable but contains the latest and greatest features:
root@root:~# cd /pentest/misc/ root@root:/pentest/misc# mkdir dradis-git && cd dradis-git root@root:/pentest/misc/dradis-git# git clone https://github.com/dradis/dradisframework.git server root@root:/pentest/misc/dradis-git# for file in verify reset start; do curl -O https://raw.githubusercontent.com/dradis/meta/master/$file.sh; done root@root:/pentest/misc/dradis-git# chmod +x *.sh
To make sure it everything is as it should, double check the contents of the directory:
root@root:/pentest/misc/dradis-git# ls -l total 32 -rwxr-xr-x 1 etd staff 847 Feb 19 14:26 reset.sh* drwxr-xr-x 26 etd staff 884 Feb 19 14:02 server/ -rwxr-xr-x 1 etd staff 407 Feb 19 14:26 start.sh* -rwxr-xr-x 1 etd staff 6775 Feb 19 14:26 verify.sh*
We are going to create a gemset to store all the Ruby gems that Dradis requires in a self-contained package. This means that the libraries won’t affect any other apps you have installed. Also if you decide to remove Dradis, you can delete this gemset and cleanup the system.
To activate the gemset just enter the `server/` directory and answer yes when RVM asks:
root@root:/pentest/misc/dradis-git# cd server/ Do you wish to trust this .rvmrc file? (/pentest/misc/dradis-git/server/.rvmrc) y[es], n[o], v[iew], c[ancel]> y Using /root/.rvm/gems/ruby-1.9.3-p125 with gemset dradis root@root:/pentest/misc/dradis-git# cd ..
Once you have your copy of the repo, we need to install a few Ruby dependencies:
3 Preparing Dradis
Before you can start the server you need to run ./reset.sh this will prepare the config files for first use and will re-generate the repository database.
However, since in BackTrack you typically run as the root user, there is a tweak that you have to apply to the `reset.sh` and `start.sh` scripts.
We will start with `reset.sh`. Replace the RVM load line (around #13) from:
[[ -s "$HOME/.rvm/scripts/rvm" ]] && . "$HOME/.rvm/scripts/rvm"
[[ -s /etc/profile.d/rvm.sh ]] && . /etc/profile.d/rvm.sh
Repeat for `start.sh`. And that’s it:
root@root:/pentest/misc/dradis-git# ./reset.sh Some Ruby gems are missing, do you want to install them now? [y] y
This will install the libraries that are required to run Dradis. Once that’s is done, we need to run the script again:
root@root:/pentest/misc/dradis-git# ./reset.sh The config file [config/database.yml.template] was found not to be ready to use. Do you want to initialize it? [y]es | [N]o | initialize [a]ll a
If you ever want to clear your repository (e.g. a new project begins), re-runing the command above will do the trick.
root@root:/pentest/misc/dradis-git# cd server/ root@root:/pentest/misc/dradis-git/server# RAILS_ENV=production bundle exec rake assets:precompile root@root:/pentest/misc/dradis-git/server# cd ../
4 Running Dradis
Once everything is ready, you can run the server with:
You are ready to browse: https://127.0.0.1:3004/
The script also accepts the -h flag to help you with additional arguments to customize the binding address and port number.
For instance to bind to port 443 and listen in all interfaces you can run:
root@root:/pentest/misc/dradis-git# ./start.sh -b 0.0.0.0 -p 443
5 Updating Dradis
Once you have a local copy of the Dradis repository. Updating is just one instruction away:
root@root:~# cd /pentest/misc/dradis-git/server root@root:/pentest/misc/dradis-git/server# git pull