linux环境下搭建W12Scan：一款功能强大的网络安全资产扫描引擎

原创

马吉辉 2019-05-15 10:58:53 博主文章分类：linux运维系列 ©著作权

©著作权归作者所有：来自51CTO博客作者马吉辉的原创作品，请联系作者获取转载授权，否则将追究法律责任

半夜接到领导的邮件，说研究一下w12scan，对此毫无感念的我，废话不多说，google 百度用起来，下面为搭建全过程。至于w12scan到底干什么用的，我后面会单独的博客来介绍，先搭建起来再说。

第一步：准备服务器，centos7.6 内存4G cpu 4核

第二步：执行优化脚本（必做），优化脚本

第三步：安装docker

[root@w12scan-0-177 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.177 w12scan-0-177

[root@w12scan-0-177 opt]# which docker
/usr/bin/which: no docker in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin)
[root@w12scan-0-177 opt]# yum -y install yum-utils device-mapper-persistent-data lvm2
...
...
...
[root@w12scan-0-177 opt]# yum-config-manager --add-repo   https://download.docker.com/linux/centos/docker-ce.repo 
...
...
...
[root@w12scan-0-177 opt]# cd /etc/yum.repos.d/
[root@w12scan-0-177 yum.repos.d]# ll
total 48
-rw-r--r--. 1 root root 2523 Jun 16  2018 CentOS-Base.repo
-rw-r--r--. 1 root root 1664 Apr  1  2015 CentOS-Bas.repo.backup
-rw-r--r--. 1 root root 1309 Nov 23 21:16 CentOS-CR.repo
-rw-r--r--. 1 root root  649 Nov 23 21:16 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root  314 Nov 23 21:16 CentOS-fasttrack.repo
-rw-r--r--. 1 root root  630 Nov 23 21:16 CentOS-Media.repo
-rw-r--r--. 1 root root 1331 Nov 23 21:16 CentOS-Sources.repo
-rw-r--r--. 1 root root 5701 Nov 23 21:16 CentOS-Vault.repo
-rw-r--r--  1 root root 2424 Oct 25  2018 docker-ce.repo
-rw-r--r--. 1 root root  951 Oct  3  2017 epel.repo
-rw-r--r--. 1 root root 1050 Oct  3  2017 epel-testing.repo
[root@w12scan-0-177 yum.repos.d]# yum makecache fast
...
...
...
[root@w12scan-0-177 yum.repos.d]# yum install docker-ce-17.12.0.ce-1.el7.centos.x86_64 -y
...
...
...
[root@w12scan-0-177 yum.repos.d]# docker version
Client:
 Version:       17.12.0-ce
 API version:   1.35
 Go version:    go1.9.2
 Git commit:    c97c6d6
 Built: Wed Dec 27 20:10:14 2017
 OS/Arch:       linux/amd64
 [root@w12scan-0-177 yum.repos.d]# systemctl start docker
[root@w12scan-0-177 yum.repos.d]# which docker
/usr/bin/docker
[root@w12scan-0-177 yum.repos.d]# docker info
Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 0
Server Version: 17.12.0-ce
Storage Driver: devicemapper
 Pool Name: docker-8:3-807331917-pool
 Pool Blocksize: 65.54kB
 Base Device Size: 10.74GB
 Backing Filesystem: xfs
 Udev Sync Supported: true
 Data file: /dev/loop0
 Metadata file: /dev/loop1
 Data loop file: /var/lib/docker/devicemapper/devicemapper/data
 Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
 Data Space Used: 11.73MB
 Data Space Total: 107.4GB
 Data Space Available: 107.4GB
 Metadata Space Used: 17.36MB
 Metadata Space Total: 2.147GB
 Metadata Space Available: 2.13GB
 Thin Pool Minimum Free Space: 10.74GB
 Deferred Removal Enabled: true
 Deferred Deletion Enabled: true
 Deferred Deleted Device Count: 0
 Library Version: 1.02.149-RHEL7 (2018-07-20)
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 89623f28b87a6004d4b785663257362d1658a729
runc version: b2567b37d7b75eb4cf325b77297b140ea686ce8f
init version: 949e6fa
  curity Options:
▽seccomp
  Profile: default
Kernel Version: 3.10.0-957.12.1.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.858GiB
Name: w12scan-0-177
ID: 6V77:LJ6U:QERB:UFXZ:DF2H:PTFQ:YZLA:7M2G:5OKE:UJDH:EIAK:U2MC
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

WARNING: devicemapper: usage of loopback devices is strongly discouraged for production use.
         Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
[root@w12scan-0-177 yum.repos.d]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@w12scan-0-177 yum.repos.d]# vim /etc/docker/daemon.json
{
        "registry-mirrors": [ "https://registry.docker-cn.com" ]
}

[root@w12scan-0-177 yum.repos.d]# rpm -qa|grep docker
docker-ce-17.12.0.ce-1.el7.centos.x86_64

第四步安装w12scan

[root@w12scan-0-177 opt]# git clone https://github.com/boy-hack/w12scan
Cloning into 'w12scan'...
remote: Enumerating objects: 119, done.
remote: Counting objects: 100% (119/119), done.
remote: Compressing objects: 100% (80/80), done.
remote: Total 3145 (delta 48), reused 80 (delta 29), pack-reused 3026
Receiving objects: 100% (3145/3145), 13.18 MiB | 666.00 KiB/s, done.
Resolving deltas: 100% (833/833), done.
[root@w12scan-0-177 opt]# ll
total 4
drwxr-xr-x 2 root root    6 May 15 10:26 scripts
drwxr-xr-x 9 root root 4096 May 15 10:38 w12scan
[root@w12scan-0-177 opt]# cd w12scan/
[root@w12scan-0-177 w12scan]# ll
total 36
drwxr-xr-x 6 root root   72 May 15 10:38 application
-rw-r--r-- 1 root root  822 May 15 10:38 config.py
drwxr-xr-x 3 root root  124 May 15 10:38 doc
-rw-r--r-- 1 root root  707 May 15 10:38 docker-compose.yml
drwxr-xr-x 2 root root   46 May 15 10:38 dockerconf
-rw-r--r-- 1 root root  962 May 15 10:38 Dockerfile
-rw-r--r-- 1 root root 1064 May 15 10:38 LICENSE
-rwxr-xr-x 1 root root  804 May 15 10:38 manage.py
drwxr-xr-x 2 root root   96 May 15 10:38 pipeline
-rw-r--r-- 1 root root 3363 May 15 10:38 README.md
-rw-r--r-- 1 root root 4149 May 15 10:38 README-ZH.md
-rw-r--r-- 1 root root  275 May 15 10:38 requirements.txt
drwxr-xr-x 2 root root   70 May 15 10:38 Server
drwxr-xr-x 7 root root   64 May 15 10:38 static
[root@w12scan-0-177 w12scan]# docker-compose up -d
-bash: docker-compose: command not found

解决方法：
[root@w12scan-0-177 w12scan]# which pip
/usr/bin/which: no pip in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin)

[root@w12scan-0-177 w12scan]# yum -y install epel-release
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * epel: mirrors.yun-idc.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Package epel-release-7-11.noarch already installed and latest version
Nothing to do
[root@w12scan-0-177 w12scan]# yum -y install python-pip
...
...
...
[root@w12scan-0-177 w12scan]# which pip
/usr/bin/pip
[root@w12scan-0-177 w12scan]# pip install --upgrade pip
Collecting pip
  Downloading https://files.pythonhosted.org/packages/5c/e0/be401c003291b56efc55aeba6a80ab790d3d4cece2778288d65323009420/pip-19.1.1-py2.py3-none-any.whl (1.4MB)
    100% |████████████████████████████████| 1.4MB 309kB/s 
Installing collected packages: pip
  Found existing installation: pip 8.1.2
    Uninstalling pip-8.1.2:
      Successfully uninstalled pip-8.1.2
Successfully installed pip-19.1.1
[root@w12scan-0-177 w12scan]# pip install docker-compose
...
...
...

[root@w12scan-0-177 w12scan]# docker-compose -version
docker-compose version 1.24.0, build 0aa5906

[root@w12scan-0-177 w12scan]# which docker-compose
/usr/bin/docker-compose

[root@w12scan-0-177 w12scan]# docker-compose up -d
...
...
...
Digest: sha256:4a824ecd07d4718810495dea2a93b579607798a0cd4e4f2333a160ca849e85ea
Status: Downloaded newer image for boyhack/w12scan-client:latest
Creating w12scan_elasticsearch_1 ... done
Creating w12scan_redis_1         ... done
Creating w12scan_web_1           ... done
Creating w12scan_client_1        ... done
//大约需要5分钟，跟服务器的配置 网络有关

第五步：

[root@w12scan-0-177 w12scan]# netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      5377/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      5472/master         
tcp6       0      0 :::22                   :::*                    LISTEN      5377/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      5472/master         
tcp6       0      0 :::8000                 :::*                    LISTEN      8724/docker-proxy   
[root@w12scan-0-177 w12scan]#

环境搭建完成后，我们可以直接在浏览器中访问地址：http://127.0.0.1:8000。

默认账号和密码均为：boyhack。

我们访问地址为 http://192.168.0.177:8000/user/login

会看到登陆界面，接下来输入登陆账号和密码

到这里就是搭建好了！如何使用期待下篇博客。

参考链接为： https://x.hacking8.com/tag/w12scan //官网 https://github.com/w-digital-scanner/w12scan https://www.freebuf.com/sectool/202375.html https://blog.csdn.net/jiangyu1013/article/details/84570872