Having a Go at Gryffin

I was delighted to hear that Yahoo released the scanning platform Gryffin as open source. Nothing beats installing some public domain software to clear the week-end hangover, so let's go.

I created my test server on a Digital Ocean droplet (you get a 10 dollar credit if you register at Digital Ocean through this link). The instructions should work however for any Ubuntu 14.04 LTS server.

Prerequisites

First check your fridge, you will need at least a six-pack of beers since installation will take a lot of time.

I started with my base Ubuntu 14.04 LTS installation as described here.

Execute the following:

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install git wget build-essential g++ flex bison gperf ruby perl libsqlite3-dev libfontconfig1-dev libicu-dev curl libcurl3 libcurl4-openssl-dev libfreetype6 libssl-dev libpng12-dev libjpeg-dev python libx11-dev libxext-dev mercurial

GOlang

One of the prerequisites is GOlang, a language I haven't been playing with for a very long time. Time to brush up my knowledge!

Unfortunately, the Ubuntu 14.04 LTS version of GOlang is a bit too old and we need to install it manually.

Download the current version from the Golang repository.

 cd
 wget https://storage.googleapis.com/golang/go1.5.1.linux-amd64.tar.gz
 sudo tar -C /usr/local -xzf go1.5.1.linux-amd64.tar.gz

Add the following line to /etc/profile

 export PATH=$PATH:/usr/local/go/bin

make sure the PATH is loaded:

 source /etc/profile

PhantomJS

Gryffin uses PhantomJS as headless browser. Unfortunately, no pre-made package is available for version 2.x and this needs to be build from source. Time to get that first beer, since compilation will take about two and a half hours.

 cd
 git clone git://github.com/ariya/phantomjs.git
 cd phantomjs
 git checkout 2.0
 ./build.sh
 sudo ln -s $PWD/bin/phantomjs /usr/local/bin/phantomjs 

Scanners

Gryffin comes configured for sqlmap and Arachni. Let's install them both.

 cd
 git clone git://github.com/sqlmapproject/sqlmap.git
 sudo ln -s $PWD/sqlmap/sqlmap.py /usr/local/bin/sqlmap.py

Check the availability of the latest version of Arachni and download the self-contained package:

 cd
 wget https://github.com/Arachni/arachni/releases/download/v1.2.1/arachni-1.2.1-0.5.7.1-linux-x86_64.tar.gz
 tar zxvf tar zxvf arachni-1.2.1-0.5.7.1-linux-x86_64.tar.gz
 cd arachni-1.2.1-0.5.7.1/bin
 for f in arachni*; do sudo ln -s $PWD/"$f" "/usr/local/bin/$f"; done

NSQ

Install NSQ as follows:

 cd
 wget https://s3.amazonaws.com/bitly-downloads/nsq/nsq-0.3.6.linux-amd64.go1.5.1.tar.gz
 tar zxvf nsq-0.3.6.linux-amd64.go1.5.1.tar.gz
 cd nsq-0.3.6.linux-amd64.go1.5.1/bin
 for f in *; do sudo ln -s $PWD/"$f" "/usr/local/bin/$f"; done

Kibana and ElasticSearch

Kibana creates a dashboard for ElasticSearch. Both will run in Docker image.

First we need to install docker and enable your local non-root user to run it. Modify the "igbuend" to your own username!

 cd
 sudo wget -qO- https://get.docker.com/ | sh
 sudo usermod -aG docker igbuend

Log out and log in again. Now run the following:

 docker run hello-world

This should run without problems. Now try the Kibana/ElasticSearch image:

 docker run -p 8080:5601 -p 5000:5000 yukinying/elk

Again this should run without problems.

Gryffin

Finally, we can install Gryffin. Open another shell and execute:

 cd
 mkdir gofiles
 export GOPATH=$PWD/gofiles
 go get github.com/yahoo/gryffin/...

Add the following to your .bashrc file:

 export GOPATH=$PWD/gofiles

This is it! Reboot your server (so you can detect potential errors) and try-out your installation with:

 sudo docker daemon
 docker run -p 8080:5601 -p 5000:5000 yukinying/elk

In another shell type:

 cd
 nsqlookupd &
 nsqd &   
 $GOPATH/bin/gryffin-standalone

And this should start scanning:

$GOPATH/bin/gryffin-standalone http://www.example.com

Probably a lot more configuration is needed, but unfortunately, the documentation is completely missing from the site. Ah, the joys of open source! Anyway, have fun hacking at Gryffin!

Herman Stevens

Just some guy on the internet. Loves technology, diving, travelling, photography and Belgian Trappist beers.