w3af的安装

evans@Kali$ cd w3af/
evans@Kali$ ./w3af_console
->(错误)/usr/bin/env: “python”: 没有那个文件或目录

evans@Kali$ sudo apt install python #因为w3af基于Python2

evans@Kali$ ./w3af_console
->(错误)We recommend you install pip before continuing.

evans@Kali$ sudo apt install python-pip
evans@Kali$ ./w3af_console
->(错误)......(一堆要安装的包)
->(错误)A script with these commands has been created for you at /tmp/w3af_dependency_install.sh

evans@Kali$ /tmp/w3af_dependency_install.sh #该脚本会调用apt安装他需要的软件包，所以建议之前要apt update
->(错误)............
#此时大多数异常大概都是因为pip下载软件包时失败造成的，重新运行脚本即可

evans@Kali$ /tmp/w3af_dependency_install.sh
->(错误)............

evans@Kali$ /tmp/w3af_dependency_install.sh
->(错误)No matching distribution found for gitdb>=4.0.1
# 每次都是这错误，估计就是真的出问题了，百度搜了一波找到方法。

evans@Kali$ vim w3af/core/controllers/dependency_check/requirements.py
#将GitPython后面的值改为2.1.15，据说不同版本都不同

evans@Kali$ /tmp/w3af_dependency_install.sh
->(错误)npm WARN deprecated request@2.88.2: request has been deprecated # npm源的问题

evans@Kali$ npm config set registry https://registry.npm.taobao.org #设置npm源

evans@Kali$ /tmp/w3af_dependency_install.sh
->(错误)npm WARN checkPermissions Missing write access to /usr/local/lib #意思是无写的权限

evans@Kali$ sudo chmod -R 777 /usr/local/lib
evans@Kali$ /tmp/w3af_dependency_install.sh
->(错误)Error: EACCES: permission denied, symlink '../lib/node_modules/retire/bin/retire' -> '/usr/local/bin/retire'........
#看来整个/usr/local/都要权限

evans@Kali$sudo chmod -R 755 /usr/local
evans@Kali$ /tmp/w3af_dependency_install.sh #无报错
evans@Kali$ ./w3af_console
->(错误)Your python installation needs the following modules to run w3af:OpenSSL pyasn1 lxml
->(错误)A script with these commands has been created for you at /tmp/w3af_dependency_install.sh

evans@Kali$ /tmp/w3af_dependency_install.sh
->(打脸)它说的包都已安装
#找了好久没找到答案，然后不小心输入

evans@Kali$ sudo ./w3af_console
w3af>>
# 成功了！！原来还要root才行。

#使用与第一次一样的方法
......(正常部分省略)
evans@Kali-Min$ /tmp/w3af_dependency_install.sh
->(错误)/usr/bin/ld:没有找到lz
->(错误)command 'i6862-linux-gun-gcc'failed with exit status 1
#又得百度一波，据说是缺少zlib.
evans@Kali-Min$ sudo apt install zlib* #因为zlib有几个东西所有用通配符*
evans@Kali-Min$ /tmp/w3af_dependency_install.sh #一切顺利

evans@Kali-Min$ ./w3af_console

w3af>> #这次忘了加sudo，但竟然也可，可能是第一次哪步用了root用户来安装

$ sudo apt install python python-pip #最小安装的系统还要安装zlib*
$ git clone https://gitee.com/chenM1020/w3af
$ cd w3af
$ vim w3af/core/controllers/dependency_check/requirements.py
#将GitPython后面的值改为2.1.15
$ ./w3af_console
$ vim /tmp/w3af_dependency_install.sh
#在最靠前的npm前加入一行 npm config set registry https://registry.npm.taobao.org
$ sudo chmod -R 777 /usr/local
$ /tmp/w3af_dependency_install.sh
$ ./w3af_console

$ ./w3af_gui
->(错误)跟命令行时一样
$ /tmp/w3af_dependency_install.sh
->(错误)无法定位软件包python-webkit，其他的软件包全部正常
$ wget http://ftp.br.debian.org/debian/pool/main/p/pywebkitgtk/python-webkit_1.1.8-3_amd64.deb
# 其他架构：http://ftp.br.debian.org/debian/pool/main/p/pywebkitgtk/python-webkit_1.1.8-3_架构.deb
# 以下是Python-webkit的依赖
$ wget http://ftp.br.debian.org/debian/pool/main/w/webkitgtk/libjavascriptcoregtk-1.0-0_2.4.11-3_amd64.deb
# 其他架构：http://ftp.br.debian.org/debian/pool/main/w/webkitgtk/libjavascriptcoregtk-1.0-0_2.4.11-3_架构.deb
$ wget http://ftp.br.debian.org/debian/pool/main/w/webkitgtk/libwebkitgtk-1.0-0_2.4.11-3_amd64.deb
# 其他架构：http://ftp.br.debian.org/debian/pool/main/w/webkitgtk/libwebkitgtk-1.0-0_2.4.11-3_架构.deb
$ wget http://ftp.de.debian.org/debian/pool/main/i/icu/libicu57_57.1-6+deb9u3_arm64.deb
# 其他架构：http://ftp.de.debian.org/debian/pool/main/i/icu/libicu57_57.1-6+deb9u3_架构.deb
$ wget http://ftp.br.debian.org/debian/pool/main/p/python-support/python-support_1.0.15_all.deb
# 开始安装
$ sudo dpkg --install libjavascriptcoregtk-1.0-0_2.4.11-3_amd64.deb
$ sudo dpkg --install libwebkitgtk-1.0-0_2.4.11-3_amd64.deb
$ sudo dpkg --install libicu57_57.1-6+deb9u3_arm64.deb
$ sudo dpkg --install python-support_1.0.15_all.deb
$ sudo dpkg --install python-webkit_1.1.8-3_amd64.deb
$ sudo apt --fix-broken install
$ ./w3af_gui
->(错误)老错误。
$ /tmp/w3af_dependency_install.sh
$ ./w3af_gui
# 搞定！！