If you’re planning to run nidhogg with it’s scanning capability, you won’t get around to sadly run it as root. (or with cap rights)
This is due the nmap scanning parameter and arp scanning mechanism.
Ideally you’re using the already created docker, to mitigate some of the security concerns, not all though.
-
libpcap0.8
-
nmap
-
curl
-
sqlite3-0
|
Warning
|
If you’re running Ubuntu chances are high that you’ll need to create a symlink for libpcapln -s /usr/lib/x86_64-linux-gnu/libpcap.so.1.9.1 /usr/lib/x86_64-linux-gnu/libpcap.so.1
|
-
Clone repository or download source
-
Build nidhogg
cargo build --release -
Manually create config files (see example config.yml)
-
Download latest .deb
-
Install with dpkg
dpkg -i xx.deb -
Configure application (/etc/nidhogg/)
Get the Docker image from:
https://hub.docker.com/r/b401/nidhogg
docker run -it --net=host --privileged -v $(pwd)/config.yml:/etc/nidhogg/config.yml -v $(pwd)/mappings.xml:/etc/nidhogg/mappings.xml -v $(pwd)/portspecs.yml:/etc/nidhogg/portspecs.yml b401/nidhogg:final
|
Warning
|
All configflags are mandatory |
See examples for more indepth settings.
Defines most configuration aspects of nidhogg.
All config flags are mandatory but every functionality can be disabled.
Defines which target and which ports should be in a special state.
If a port is undefined, it will be ignored in the final report.
mappings.xml is used to bind a spec to a target.
Special thanks to nmap-analyze