Updated INSTALL and README (added steps for Windows installation of

devloop · devloop · commit 71b535cdf1be · 2013-10-16T06:35:37.000Z
requirements)
Updated example.txt as I remove .py extension on scripts.
Updated make_exe.py to add icons to scripts + added icons to the svn.
diff --git a/INSTALL b/INSTALL
@@ -1,3 +1,41 @@
-No installation procedure is available for the moment.
-Just extract the archive and launch Wapiti with
-python wapiti.py
+Wapiti installation
+===================
+
+You do not have to "install" the software on your system to make it work.
+If you have all the requirements on your system, just extract the tarball and launch the "wapiti" command line in
+the "bin" folder :
+./bin/wapiti (when you are in the extracted tarball)
+or
+python bin/wapiti (if your system can't execute the script directly)
+
+
+Installation on Unix-like systems
+=================================
+
+If you really want to install Wapiti on your system, launch the setup.py script with the following command :
+python setup.py install
+It will copy the wapiti libraries (wapitiCore) in your Python installation and place the executables in a "bin" system
+directory (eg: /usr/local/bin).
+
+
+Using Wapiti on Windows systems
+===============================
+
+If you don't want to install all the requirements to use Wapiti on Windows you should look for a standalone package
+made with py2exe (see the available downloads on SourceForge).
+Then, just download and extract the zip archive and launch wapiti.exe from the Windows command line.
+
+
+Installing Wapiti requirements on Windows
+=========================================
+
+You can't install Wapiti on a Windows system but if (for some reasons) you really want to install all the
+requirements then :
+
+* Download a Python 2.7.5 (or more recent) installer for your platform from http://python.org/download/
+* Install it and change the PATH environment variable to append the Python path
+* Download a requests archive from http://docs.python-requests.org/en/latest/user/install/
+* Extract the archive and call the setup.py script from the archive with "python setup.py install"
+* Download BeautifulSoup 3 from http://www.crummy.com/software/BeautifulSoup/
+* Extract the archive and call the setup.py script from the archive with "python setup.py install"
+
diff --git a/README b/README
@@ -44,7 +44,7 @@ Browsing features
 + Safeguards against scan endless-loops (max number of values for a parameter)
 + Possibility to set the first URLs to explore (even if not in scope)
 + Can exclude some URLs of the scan and attacks (eg: logout URL)
-+ Import of cookies (get them with the cookie.py and getcookie.py tools)
++ Import of cookies (get them with the wapiti-cookie and wapiti-getcookie tools)
 + Can activate / deactivate SSL certificates verification
 + Extract URLs from Flash SWF files
 + Try to extract URLs from javascript (very basic JS interpreter)
@@ -178,12 +178,14 @@ Source code structure (wapitiCore directory)
 |   `-- language.py
 |
 |-- language_sources
+|   |-- de.po
 |   |-- en.po
 |   |-- es.po
 |   |-- file_list.txt
 |   |-- fr.po
 |   |-- generateSources.sh  # Script to generate .po files from source code
-|   `-- generateTranslations.sh  # Script to compile .po files to .mo files
+|   |-- generateTranslations.sh  # Script to compile .po files to .mo files
+|   `-- ms.po
 |
 |-- net
 |   |-- HTTP.py    # Wrapper around python-requests, contains HTTP,
@@ -221,3 +223,10 @@ Source code structure (wapitiCore directory)
         |-- kube.buttons.js
         `-- kube.tabs.js
  
+
+Licensing
+=========
+
+Wapiti is released under the GNU General Public License version 2 (the GPL).
+Source code is available on SourceForge :
+https://sourceforge.net/projects/wapiti/
diff --git a/doc/cookie.ico b/doc/cookie.ico
diff --git a/doc/example.txt b/doc/example.txt
@@ -1,15 +1,15 @@
-First, I use wapiti-getcookie.py to login in the restricted area and get the cookie in cookies.json :
+First, I use wapiti-getcookie to login in the restricted area and get the cookie in cookies.json :
 
-bash-4.2$ python bin/wapiti-getcookie.py /tmp/cookies.json http://127.0.0.1/vuln/login.php
+bash-4.2$ python bin/wapiti-getcookie /tmp/cookies.json http://127.0.0.1/vuln/login.php
 <Cookie PHPSESSID=OLPNLIEBPEFELBIFGMKJEKOD for 127.0.0.1/>
 Please enter values for the following form: 
 url = http://127.0.0.1/vuln/login.php
 username (default) : admin
 password (letmein) : secret
 <Cookie PHPSESSID=OLPNLIEBPEFELBIFGMKJEKOD for 127.0.0.1/>
 
-It can also be done with wapiti-cookie.py this way :
-python bin/wapiti-cookie.py /tmp/cookies.json http://127.0.0.1/vuln/login.php username=admin password=secret
+It can also be done with wapiti-cookie this way :
+python bin/wapiti-cookie /tmp/cookies.json http://127.0.0.1/vuln/login.php username=admin password=secret
 
 Then, I scan the vulnerable website using the cookie and excluding the logout script :
 
diff --git a/doc/wapiti.ico b/doc/wapiti.ico
diff --git a/make_exe.py b/make_exe.py
@@ -66,10 +66,16 @@ def build_file_list(results, dest, root, src=""):
     console=[
         {
             "script": "bin/wapiti",
-            "icon_resources": [(1, "wapiti.ico")]
+            "icon_resources": [(1, "doc/wapiti.ico")]
         },
-        "bin/wapiti-cookie",
-        "bin/wapiti-getcookie"
+        {
+            "script": "bin/wapiti-cookie",
+            "icon_resources": [(1, "doc/cookie.ico")]
+        },
+        {
+            "script": "bin/wapiti-getcookie",
+            "icon_resources": [(1, "doc/cookie.ico")]
+        }
     ],
     classifiers=[
         'Development Status :: 5 - Production/Stable',
