Using Backtrack 4: Information Gathering: Dradis Server and Client

Dradis Server and Client

Purpose:

To provide an online database application to manage information gathered by a team during exploits or penetration tests.

Discussion:

There are two components here. The first thing you’ll need to do is start the server, how to do this isn’t immediately obvious. The opening screen, below, tells you how to do it – but if you’ve launched a shell by clicking Menu > Backtrack > Information Gathering > Dradis Server, you’re not in the right place. You’ll be at
/pentest/misc/dradis/server/script
but you’ll need to run

cd script/

to then start the server:

ruby server &

Now open a web browser to http://localhost:3004, and if everything’s good you’ll see your server is running because you’re presented with a login screen. Just this once, you can enter a user name and password, and you’re good to go. However, don’t forget this user name and password!

At this point, go read the tutorial at Question-Defense.com linked below.

Opening Screen:

=> Booting WEBrick…
Usage: ruby server [options]
-p, –port=port                  Runs Rails on the specified port.
Default: 3004
-b, –binding=ip                 Binds Rails to the specified ip.
Default: 127.0.0.1
-e, –environment=name           Specifies the environment to run this server under (test/development/production).
Default: development
-m, –mime-types=filename        Specifies an Apache style mime.types configuration file to be used for mime types
Default: none
-d, –daemon                     Make Rails run as a Daemon (only works if fork is available — meaning on *nix).
-u, –debugger                   Enable ruby-debugging for the server.
-c, –charset=charset            Set default charset for output.
Default: UTF-8
-h, –help                       Show this help message.

Stage:

Information gathering

Home Page:

http://dradisframework.org

Tutorial:

http://www.question-defense.com/2010/06/09/backtrack-4-information-gathering-dradis-effective-information-sharing

Leave a Reply