EH-Net

Our friend from Intelguardians and SANS, Kevin Johnson, put together this kewl project. Kudos!


http://sourceforge.net/projects/samurai

Don

Great work by Kevin, and thanks for the heads up Don, downloading now.

cool, Dl'ed the other day but didnt play with it yet.

Downloaded last week but could not get passed the login until today, thanks to Ed. I am running it in VM, it boots up and works well but when u try to restart the VM it crashes.

VJ

Default login is samurai : samurai in case anyone else was unsure.

There's a good review/partial how-to of Samurai on last week's pauldotcom.com podcast.

Aside from the web testing tools on this distro, they did something really cool:
they put a local wiki to take notes with while you are pen-testing, then you can export the wiki when you are done.

Has anyone tried to run SamuraiWTF in VMware.
If so, what were your network settings?

Having trouble getting it out to the internet.

Hi Akolyte,

I've run Samurai in VMWare for a few different jobs, working with both the liveCD (booted on VMWare guest) and the official VM image (version 0.6). Ran fine for me in both NAT and Bridged VMWare networking modes without issue.

Can you provide any additional info to help diagnose your problems?

• Static or DHCP IP?
• VMWare mode tried?
• Can you reach your gateway IP?
• Can you reach other machines on the network?
• Can other machines on local network reach your Samurai virtual machine?

Hi

Does anyone know what the root password is for samurai wtf and also has anyone managed to convert it into a VM instead of running it as a live CD in a vm?

Cheers

Not sure if this still applies though.

I've downloaded the most up-to-date liveCD and samurai:samurai was required.

You need to use the "sudo" command for root privileges.  Hope this helps.

Unfortunately I didnt fully read your post! The installer is on the desktop and is called ubiquity-gtkui.desktop. Double click it and enter the password samurai.

This will launch the installer for you.

Hope this helps!
n1p

great spot! i had a little training/workshop the other day from IBM on Rational Appscan and was impressed by the features. i was wondering if there were any good open source alternatives for web app scanning so i guess i will have to try samuraiWTF!

??? Can you help  have samurai installed in VMware toolstation starts no problem when i type in airmon- start wlan0 it keeps saying command not recognized or aireplay-ng can you tell me what i am doing wrong please it looks like a cool machine help please many thanks colin.

I hadn't looked, previously, but does Samurai even include those tools?  It's  web app pentesting platform, not a wireless hacking platform?  (Maybe it does, but while I've used it plenty to test web apps, I've never looked for aireplay in it, etc...)  For aireplay, I use BackTrack...

Yeah, you beat me to it :P

@just need help - This is a Web Testing Platform, hence the WTF. So it certainly wont include the tools for Wireless auditing. You are obviously free to install them though..

Just use Backtrack for this...

When I'm not pegged to the wall with projects, occasionally I'm the first to catch the little stuff.   ::)

Some days are better than others...

trust me, its hard to beat Hayabusa with sharp remarks ;)

on topic again: i would love to see a comparison on web functionality between SamuraiWTF and lets say IBM rational app scan. Maybe when i get a little time this would be a nice job for myself...