blob: b5ea485ec646326396286b15abb8138d717cae96 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
Unicornscan and PostgreSQL
--------------------------
1. The PostgreSQL service has to be up and running. Depending on the exact
version of Slackware, on the first PostgreSQL startup, a "initdb -D \
/var/lib/pgsql/data" is maybe required for initializing.
bash-4.2# /etc/rc.d/rc.postgresql start
2. Switch to the PostgreSQL user.
bash-4.2# su - postgres
postgres@darkstar:~$
3. Create an own PostgreSQL database user for unicornscan. Don't forget to set
a password, e.g. "scanit!" as it is used in all examples.
postgres@darkstar:~$ createuser --no-superuser --no-createrole --no-createdb --pwprompt unicornscan
Enter password for new role:
Enter it again:
4. Create an own PostgreSQL database for unicornscan linked with the previous
generated database user for unicornscan.
postgres@darkstar:~$ createdb --owner unicornscan unicornscan
5. Switch back to the root user.
postgres@darkstar:~$ exit
bash-4.2#
6. Edit PostgreSQL client authentication file /var/lib/pgsql/data/pg_hba.conf
file with a text editor, insert the following lines before the other already
existing rules.
# TYPE DATABASE USER CIDR-ADDRESS METHOD
local unicornscan unicornscan md5
host unicornscan unicornscan 127.0.0.1/32 md5
host unicornscan unicornscan ::1/128 md5
7. Edit PostgreSQL server configuration in /var/lib/pgsql/data/postgresql.conf
and set the configuration variable as follows:
escape_string_warning = off
8. Restart the PostgreSQL service to enable the previous performed changes.
bash-4.2# /etc/rc.d/rc.postgresql restart
Restarting PostgreSQL...
waiting for server to shut down.... done
server stopped
server starting
9. Create the required tables for unicornscan inside of PostgreSQL database,
there will be some error messages displayed after entering the password for
psql. These error messages are normal and expected, because the SQL dump
contains a SQL DROP of all tables before the SQL CREATE is performed.
bash-4.2# psql --username unicornscan --password unicornscan < /usr/doc/unicornscan-0.*/pgsql_schema.sql
Password for user unicornscan:
[...]
bash-4.2# psql --username unicornscan --password unicornscan < /usr/doc/unicornscan-0.*/session.sql
Password for user unicornscan:
[...]
10. Edit the unicornscan configuration file /etc/unicornscan/modules.conf and
check or correct the PostgreSQL database connection settings.
module "pgsqldb" {
dbconf: "user=unicornscan password=scanit! host=localhost dbname=unicornscan";
logpacket: "true";
};
11. Perform a small sample scan and write the output to PostgreSQL database.
bash-4.2# unicornscan www.google.com -e pgsqldb
TCP open http[ 80] from 209.85.129.104 ttl 52
TCP open https[ 443] from 209.85.129.104 ttl 52
|