-
Notifications
You must be signed in to change notification settings - Fork 128
SamuraiWTFBuildNotes
This page covers steps, caveats, hacks, etc... to get from a canned Vagrant build to a fully running SamuraiWTF environment that can be distributed in class. This guide assumes the target environment is a Virtual Box VM, but an export from Virtual Box should work for other virtual providers such as VMWare.
First you will need Vagrant and Virtual Box (unless you have a different supported Vagrant provider already working) installed. This should work fine on Windows, OSX, and most common flavors of Linux. Then:
- clone this repo
- navigate into the project's base folder where the Vagrantfile exists
- run
vagrant up - wait... really. Be patient. Don't try to interact with the VM window that pops up until the Vagrant script is 100% done or you might break things.
Login (samurai/samurai) and perform the following tweaks, using a right-click anywhere on the desktop to bring up the application menu:
Start up Chrome and make the following changes:
- import the bookmarks file ~/chrome_bookmarks.html. If this worked you should have a set of bookmarks starting with dojo-basic.
- Select the Reset DB bookmark. Currently the dojo basic database does not self-initialize.
- Open up the preferences and unselect all the features where Chrome tries to be helpful, such as remembering passwords, auto-correcting URLs, etc... We want to minimize how much these features interfere with the test.
Foxy Proxy is a Chrome and Firefox extension. Set up a Foxy Proxy entry to listen on localhost port 8080. This will be used by the interception proxy (typically Burp or Zap).
If using Burp, some Burp plugins can be found in the samurai user's Downloads folder. These can be installed using the BappStore's manual install button. This is only necessary when students may not have Internet access.