Nessj Install BackTrack 2.0 Beta
I am currently taking SANS @Home Security 504: Hacker Techniques, Exploits & Incident Handling which is being taught by Ed Skoudis. Tonight was our fourth session and I have to say it is the one that I have learned the most from so far. Of course, so as to not take away form Ed’s class, I am not going to go over any details of his course work.
I would like to, however, direct you to a Nessus client that he pointed the class to this evening. The program is called Nessj. Basically it is a java client that can connect to Nessus and OpenVAS servers.
After the class the first thing I did was download the client and try to install it in my VMWare BackTrack 2 beta installation. I am still running the beta version of BackTrack 2 because the VMWare Tools module had not been updated. I can see, tonight, that this has been done but I am going to wait a little bit until the rest of the extra modules have been updated before I create an ISO with these modules installed.
Downloading Nessj was definitely the easy part. I first tried to run the standalone jar file but quickly learned that I did not have the dependencies installed (yes, I know, RTFM). Next I tried the Linux tar gzipped version. Running it is easy enough:
BT nessj# sh nessg.sh
I quickly learned that BackTrack does not set the environmental variable MOZILLA_FIVE_HOME. The script does try to search for the Mozilla installation but because of a file system bug the “find” command cannot completely search the drive.
BT nessj# find / -name embedmoz
find: Filesystem loop detected; `/mnt/sda1` has the same device number and inode as a directory which is 2 levels higher in the filesystem hierarchy.
Fortunately, BackTrack 2 includes Firefox and the libraries are located in “/opt/firefox”. The program’s search feature just errored out before it could find the directory. Or so I thought. Actually, what the search feature does not find is a file that contains the characters I included in the search above. The file that the program is actually looking for is “libgtkembedmoz.so”. This file is necessary because Nessj wants to use the browser as its GUI interface. If you try to edit the Nessj startup script so that it points to the included Firefox libraries you will get an error similar to:
BT nessj# ./nessg.sh
Nessj 0.7.0
Copyright 2006 Intedras, Inc. All rights reserved.
Web: http://www.intedras.com
E-mail: info@intedras.com2007-03-20 23:20:27 +0000 WARNING 0 THROW com.islandjohn.reason.gui.Main.main()
org.eclipse.swt.SWTError: No more handles [NS_InitEmbedding /opt/firefox error -2147221164]
*snip*
After searching on the error for a while I discovered that the file I was looking for is included in XULRunner. “XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications that are as rich as Firefox and Thunderbird.” I quickly downloaded the Linux version of XULRunner and untarred it in the /opt directory of the filesystem. I then tried to start Nessj again using the nessg.sh script and I was greeted with a new Nessus client.
Now to determine if I want to use it instead of NessusClient. Of course, all of this might not be necessary with the new BackTrack 2 Final. If these steps are not necessary then please leave a comment to let future readers know. I’ll update the post one way or the other once I have upgraded.
Go forth and do good things,
Cutaway
Nessj, Nessus, NessusClient, XULRunner, Firefox, BackTrack, SANS, Skoudis, Security Ripcord
Help support my training and travel to security conferences. Get your SANS Training and GIAC Certifications through the Security Ripcord.
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Leave a Reply