文章

ARL源码安装

发表于 更新于
作者 lmds
2 分钟阅读
ARL源码安装

安装ARL

ARL只适配CentOS7, 直接在服务器上下载会出现各种各样的问题

我们下载setup-arl.sh

1

wget https://raw.githubusercontent.com/TophantTechnology/ARL/master/misc/setup-arl.sh

进行分析,查看需要什么环境,提前准备进行安装

下面是提取出来的,需要下载的环境

1
2
3
4
5
6
7
8
9
10
11
12
13
14

rpm -vhU https://nmap.org/dist/nmap-7.91-1.x86_64.rpm
git clone https://github.com/TophantTechnology/ARL
git clone https://github.com/1c3z/ARL-NPoC

wget https://github.com/1c3z/arl_files/raw/master/ncrack -O /usr/local/bin/ncrack
chmod +x /usr/local/bin/ncrack

wget https://github.com/1c3z/arl_files/raw/master/ncrack-services -O /usr/local/share/ncrack/ncrack-services

mkdir -p /data/GeoLite2
    wget https://github.com/1c3z/arl_files/raw/master/GeoLite2-ASN.mmdb -O /data/GeoLite2/GeoLite2-ASN.mmdb
    wget https://github.com/1c3z/arl_files/raw/master/GeoLite2-City.mmdb -O /data/GeoLite2/GeoLite2-City.mmdb

curl https://ssl-config.mozilla.org/ffdhe2048.txt > /etc/ssl/certs/dhparam.pem

我们就可以用本地的相关命令,或者下载器下载下面的文件

1
2
3
4
5
6
7
8

https://nmap.org/dist/nmap-7.91-1.x86_64.rpm
git clone https://github.com/TophantTechnology/ARL    或者    https://github.com/TophantTechnology/ARL/archive/refs/heads/master.zip
git clone https://github.com/1c3z/ARL-NPoC    或者    https://github.com/1c3z/ARL-NPoC/archive/refs/heads/master.zip
https://github.com/1c3z/arl_files/raw/master/ncrack
https://github.com/1c3z/arl_files/raw/master/ncrack-services
https://github.com/1c3z/arl_files/raw/master/GeoLite2-ASN.mmdb
https://github.com/1c3z/arl_files/raw/master/GeoLite2-City.mmdb
https://ssl-config.mozilla.org/ffdhe2048.txt

如下图,我们如果下载了压缩包,一定要解压和重命名。我们使用xftp全部传到 /opt 目录,setup-arl.sh 也不要忘了

之后修改我们下载的setup-arl.sh,我们需要去掉几行不需要的

安装nmap的去掉

证书 这两行也要去掉

之后下面的命令一条条在命令行执行

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

cd /opt
rpm -ivh nmap-7.91-1.x86_64.rpm

mv ncrack /usr/local/bin/ncrack
chmod +x /usr/local/bin/ncrack

mkdir -p /usr/local/share/ncrack/
mv ncrack-services /usr/local/share/ncrack/ncrack-services

mkdir -p /data/GeoLite2
mv GeoLite2-ASN.mmdb /data/GeoLite2/GeoLite2-ASN.mmdb
mv GeoLite2-City.mmdb /data/GeoLite2/GeoLite2-City.mmdb

cat ffdhe2048.txt > /etc/ssl/certs/dhparam.pem
rm -f ffdhe2048.txt
rm -f nmap-7.91-1.x86_64.rpm

cd /etc/ssl/certs/
openssl req -new -newkey rsa:2048 -sha256 -nodes -out arl_web.csr -keyout arl_web.key -subj "/C=CN/ST=Shanghai/L=Shanghai/O=Example Inc./OU=Web Security/CN=127.0.0.1"
openssl x509 -req -days 3650 -in arl_web.csr -signkey arl_web.key -out arl_web.crt

上面的命令执行完成后,我们就要执行setup-arl.sh

1
2

chmod +x setup-arl.sh
./setup-arl.sh

这样就完成了

https://IP:5003/login

默认用户名密码admin/arlpass

添加指纹

git clone https://github.com/loecho-sec/ARL-Finger-ADD

https://github.com/loecho-sec/ARL-Finger-ADD/archive/refs/heads/main.zip

下载并放到服务器下

python3.6 ARL-Finger-ADD.py https://127.0.0.1:5003/ admin password

配置ARL

/opt/ARL/app/config.yaml

配置文件根据自己的需求进行配置

https://github.com/TophantTechnology/ARL/wiki/ARL-2.3-%E6%96%B0%E6%B7%BB%E5%8A%A0%E5%8A%9F%E8%83%BD%E8%AF%A6%E7%BB%86%E8%AF%B4%E6%98%8E#%E6%B7%BB%E5%8A%A0%E6%9C%BA%E5%99%A8%E4%BA%BA

SRC, Tools
arl tools
本文由作者按照 CC BY 4.0 进行授权