forked from zeroq/amun
-- Amun: Installation Instructions --
:: Requirements:
- Python >= 2.6
- (optional) Python Psyco (available at http://psyco.sourceforge.net/)
- (optional) MySQLdb if submit-mysql or log-mysql is used
- (optional) psycopg2 if log-surfnet is used
:: Installation:
- change the amun.conf file to fit your needs (conf/amun.conf)
- set the ip address for amun to listen on (0.0.0.0 to listen on all)
- start the software with "./amun_server"
- stop the software with Ctrl+C
:: Max Open Files:
- To increase the maximum number of open files on Linux:
  - echo "104854" > /proc/sys/fs/file-max
  - ulimit -Hn 104854
  - ulimit -n 104854
- To increase the maximum number of open files on BSD:
  - sysctl kern.maxfiles=104854
  - ulimit -Hn 104854
  - ulimit -n 104854
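
Added example (not part of the Amun distribution): a shell preflight check that reports which of the three limits set above is still below the target before the honeypot is started. The function names and the WANT variable are made up for this example; the target value is the one used in the text. ulimit only affects the current shell and the processes started from it, so run the check in the same shell that launches ./amun_server.

```shell
#!/bin/sh
# Added example, not Amun code. WANT is a hypothetical variable for this script;
# its default is the value used in the INSTALL text.
WANT=${WANT:-104854}

# as_number VALUE: normalise a limit so it can be compared numerically.
# "unlimited" compares as large enough; anything unreadable compares as too low.
as_number() {
    case "$1" in
        unlimited) echo 2147483647 ;;
        ''|*[!0-9]*) echo 0 ;;
        *) echo "$1" ;;
    esac
}

# nofile_verdict SOFT HARD SYSMAX WANT
# Prints the first step of the procedure that still has to be done:
#   raise-system  system-wide limit below WANT (file-max / kern.maxfiles)
#   raise-hard    hard limit below WANT (ulimit -Hn)
#   raise-soft    only the soft limit is low (ulimit -n)
#   ok            all three limits are at least WANT
nofile_verdict() {
    soft=$(as_number "$1"); hard=$(as_number "$2"); sysmax=$(as_number "$3")
    want=$4
    if [ "$sysmax" -lt "$want" ]; then echo raise-system
    elif [ "$hard" -lt "$want" ]; then echo raise-hard
    elif [ "$soft" -lt "$want" ]; then echo raise-soft
    else echo ok
    fi
}

# system_max: read the system-wide limit (Linux /proc first, BSD sysctl otherwise).
system_max() {
    if [ -r /proc/sys/fs/file-max ]; then
        cat /proc/sys/fs/file-max
    else
        sysctl -n kern.maxfiles 2>/dev/null || echo 0
    fi
}

# preflight: evaluate the limits of the current shell against WANT.
preflight() {
    nofile_verdict "$(ulimit -n)" "$(ulimit -Hn)" "$(system_max)" "$WANT"
}

echo "open files preflight (target $WANT): $(preflight)"
```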
:: Logging
- all logging information is stored in the "logs" directory
  - amun_server.log
    - contains general information, errors, and alive messages of the amun server
  - amun_request_handler.log
    - contains information about unknown exploits and unmatched exploit stages
  - analysis.log
    - contains information about manual shellcode analysis (performed via the -a option)
  - download.log
    - contains information about all download modules (ftp, tftp, bindport, etc.)
  - exploits.log
    - contains information about all exploits that were triggered
  - shellcode_manager.log
    - contains information and errors of the shellcode manager
  - submissions.log
    - contains information about unique downloads
  - successfull_downloads.log
    - contains information about all downloaded malware
  - unknown_downloads.log
    - contains information about unknown download methods
  - vulnerabilities.log
    - contains information about certain vulnerability modules
:: Parameters
- amun can be executed with the -a parameter to analyse a given file for known shellcode