• home
  • dradis framework guides

Installing Dradis on BackTrack

This guide covers how to get the latest Dradis Framework up and running in BackTrack 5.

We are going to clone the development repository of Dradis so you can be sure you are always running the latest and greatest.

Please note that eventually we will fine tune the process of pushing the latest Dradis packages to the BT repositories in a timely manner. In the mean time, you can use this guide to stay on the bleeding edge.

1 Installing Ruby 1.9.3

We are going to install Ruby 1.9.3 using RVM. This has the benefit of keeping everything under your `~/.rvm/` folder:

root@root:~# bash -s stable < <(curl -s https://raw.githubusercontent.com/wayneeseguin/rvm/master/binscripts/rvm-installer)
root@root:~# source /etc/profile.d/rvm.sh
root@root:~# rvm -v

Once RVM is up and running we need to get a couple of libraries that will be required by the Ruby installation:

etd@host:~$ for package in zlib openssl libxslt libxml2; do rvm pkg install $package; done

And finally the Ruby 1.9.3 runtime:

root@root:~# rvm install 1.9.3
root@root:~# rvm 1.9.3 --default
root@root:~# ruby -v

There is an additional step that it’s not required but that will shorten the time required to install ruby gems:

root@root:~# echo "gem: --no-rdoc --no-ri" > ~/.gemrc

This tells RubyGems to not generate documentation for every library it installs.

Finally, we just need to install the Bundler gem, all other Ruby gems will be installed using Bundler:

root@root:~# gem install bundler
root@root:~# bundle -v

2 Download Dradis

We are going to work with the Git version of Dradis which is stable but contains the latest and greatest features:

root@root:~# cd /pentest/misc/
root@root:/pentest/misc# mkdir dradis-git && cd dradis-git
root@root:/pentest/misc/dradis-git# git clone https://github.com/dradis/dradisframework.git server
root@root:/pentest/misc/dradis-git# for file in verify reset start; do curl -O https://raw.githubusercontent.com/dradis/meta/master/$file.sh; done
root@root:/pentest/misc/dradis-git# chmod +x *.sh

To make sure it everything is as it should, double check the contents of the directory:

root@root:/pentest/misc/dradis-git# ls -l
total 32
-rwxr-xr-x   1 etd  staff   847 Feb 19 14:26 reset.sh*
drwxr-xr-x  26 etd  staff   884 Feb 19 14:02 server/
-rwxr-xr-x   1 etd  staff   407 Feb 19 14:26 start.sh*
-rwxr-xr-x   1 etd  staff  6775 Feb 19 14:26 verify.sh*

We are going to create a gemset to store all the Ruby gems that Dradis requires in a self-contained package. This means that the libraries won’t affect any other apps you have installed. Also if you decide to remove Dradis, you can delete this gemset and cleanup the system.

To activate the gemset just enter the `server/` directory and answer yes when RVM asks:

root@root:/pentest/misc/dradis-git# cd server/
Do you wish to trust this .rvmrc file? (/pentest/misc/dradis-git/server/.rvmrc)
y[es], n[o], v[iew], c[ancel]> y
Using /root/.rvm/gems/ruby-1.9.3-p125 with gemset dradis
root@root:/pentest/misc/dradis-git# cd ..

Once you have your copy of the repo, we need to install a few Ruby dependencies:

3 Preparing Dradis

Before you can start the server you need to run ./reset.sh this will prepare the config files for first use and will re-generate the repository database.

However, since in BackTrack you typically run as the root user, there is a tweak that you have to apply to the `reset.sh` and `start.sh` scripts.

We will start with `reset.sh`. Replace the RVM load line (around #13) from:

[[ -s "$HOME/.rvm/scripts/rvm" ]] && . "$HOME/.rvm/scripts/rvm"


[[ -s /etc/profile.d/rvm.sh ]] && . /etc/profile.d/rvm.sh

Repeat for `start.sh`. And that’s it:

root@root:/pentest/misc/dradis-git# ./reset.sh
Some Ruby gems are missing, do you want to install them now? [y] y

This will install the libraries that are required to run Dradis. Once that’s is done, we need to run the script again:

root@root:/pentest/misc/dradis-git# ./reset.sh
The config file [config/database.yml.template] was found not to be ready to use.
Do you want to initialize it? [y]es | [N]o | initialize [a]ll

If you ever want to clear your repository (e.g. a new project begins), re-runing the command above will do the trick.

The final step is to make sure all the assets (i.e. images, JavaScripts, CSS, etc.) that Dradis needs are precompiled to ensure they load at maximum speed:

root@root:/pentest/misc/dradis-git# cd server/
root@root:/pentest/misc/dradis-git/server# RAILS_ENV=production bundle exec rake assets:precompile
root@root:/pentest/misc/dradis-git/server# cd ../

4 Running Dradis

Once everything is ready, you can run the server with:

root@root:/pentest/misc/dradis-git# ./start.sh

You are ready to browse:

The script also accepts the -h flag to help you with additional arguments to customize the binding address and port number.

For instance to bind to port 443 and listen in all interfaces you can run:

root@root:/pentest/misc/dradis-git# ./start.sh -b -p 443

5 Updating Dradis

Once you have a local copy of the Dradis repository. Updating is just one instruction away:

root@root:~# cd /pentest/misc/dradis-git/server
root@root:/pentest/misc/dradis-git/server# git pull