Closed truesamurai closed 4 years ago
You need the ssdeep wrapper for Python. Try searching for the python3-ssdeep package.
When I try to install the ssdeep package I get a massive error:
```
Collecting ssdeep
Using cached https://files.pythonhosted.org/packages/e0/d3/f17602a7dde1231d332f4067fdd421057ffe335c3bbc295e7ccfab769d95/ssdeep-3.4.tar.gz
ERROR: Command errored out with exit status 1:
command: /usr/bin/python3 -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-tyc602uy/ssdeep/setup.py'"'"'; __file__='"'"'/tmp/pip-install-tyc602uy/ssdeep/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base pip-egg-info
cwd: /tmp/pip-install-tyc602uy/ssdeep/
Complete output (102 lines):
running egg_info
creating pip-egg-info/ssdeep.egg-info
writing pip-egg-info/ssdeep.egg-info/PKG-INFO
writing dependency_links to pip-egg-info/ssdeep.egg-info/dependency_links.txt
writing requirements to pip-egg-info/ssdeep.egg-info/requires.txt
writing top-level names to pip-egg-info/ssdeep.egg-info/top_level.txt
writing manifest file 'pip-egg-info/ssdeep.egg-info/SOURCES.txt'
src/ssdeep/__pycache__/_ssdeep_cffi_a28e5628x27adcb8d.c:213:14: fatal error: fuzzy.h: Bestand of map bestaat niet
213 | #include "fuzzy.h"
| ^~~~~~~~~
compilation terminated.
Traceback (most recent call last):
File "/usr/lib/python3.7/distutils/unixccompiler.py", line 118, in _compile
extra_postargs)
File "/usr/lib/python3.7/distutils/ccompiler.py", line 910, in spawn
spawn(cmd, dry_run=self.dry_run)
File "/usr/lib/python3.7/distutils/spawn.py", line 36, in spawn
_spawn_posix(cmd, search_path, dry_run=dry_run)
File "/usr/lib/python3.7/distutils/spawn.py", line 159, in _spawn_posix
% (cmd, exit_status))
distutils.errors.DistutilsExecError: command 'x86_64-linux-gnu-gcc' failed with exit status 1
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/buster/.eggs/cffi-1.12.3-py3.7-linux-x86_64.egg/cffi/ffiplatform.py", line 51, in _build
dist.run_command('build_ext')
File "/usr/lib/python3.7/distutils/dist.py", line 985, in run_command
cmd_obj.run()
File "/usr/lib/python3/dist-packages/setuptools/command/build_ext.py", line 84, in run
_build_ext.run(self)
File "/opt/buster/.eggs/Cython-0.29.13-py3.7-linux-x86_64.egg/Cython/Distutils/old_build_ext.py", line 186, in run
_build_ext.build_ext.run(self)
File "/usr/lib/python3.7/distutils/command/build_ext.py", line 340, in run
self.build_extensions()
File "/opt/buster/.eggs/Cython-0.29.13-py3.7-linux-x86_64.egg/Cython/Distutils/old_build_ext.py", line 194, in build_extensions
self.build_extension(ext)
File "/usr/lib/python3/dist-packages/setuptools/command/build_ext.py", line 205, in build_extension
_build_ext.build_extension(self, ext)
File "/usr/lib/python3.7/distutils/command/build_ext.py", line 534, in build_extension
depends=ext.depends)
File "/usr/lib/python3.7/distutils/ccompiler.py", line 574, in compile
self._compile(obj, src, ext, cc_args, extra_postargs, pp_opts)
File "/usr/lib/python3.7/distutils/unixccompiler.py", line 120, in _compile
raise CompileError(msg)
distutils.errors.CompileError: command 'x86_64-linux-gnu-gcc' failed with exit status 1
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/tmp/pip-install-tyc602uy/ssdeep/setup.py", line 165, in <module>
ext_package="ssdeep",
File "/usr/lib/python3/dist-packages/setuptools/__init__.py", line 145, in setup
return distutils.core.setup(**attrs)
File "/usr/lib/python3.7/distutils/core.py", line 148, in setup
dist.run_commands()
File "/usr/lib/python3.7/distutils/dist.py", line 966, in run_commands
self.run_command(cmd)
File "/usr/lib/python3.7/distutils/dist.py", line 985, in run_command
cmd_obj.run()
File "/usr/lib/python3/dist-packages/setuptools/command/egg_info.py", line 296, in run
self.find_sources()
File "/usr/lib/python3/dist-packages/setuptools/command/egg_info.py", line 303, in find_sources
mm.run()
File "/usr/lib/python3/dist-packages/setuptools/command/egg_info.py", line 534, in run
self.add_defaults()
File "/usr/lib/python3/dist-packages/setuptools/command/egg_info.py", line 570, in add_defaults
sdist.add_defaults(self)
File "/usr/lib/python3.7/distutils/command/sdist.py", line 226, in add_defaults
self._add_defaults_python()
File "/usr/lib/python3/dist-packages/setuptools/command/sdist.py", line 127, in _add_defaults_python
build_py = self.get_finalized_command('build_py')
File "/usr/lib/python3.7/distutils/cmd.py", line 299, in get_finalized_command
cmd_obj.ensure_finalized()
File "/usr/lib/python3.7/distutils/cmd.py", line 107, in ensure_finalized
self.finalize_options()
File "/usr/lib/python3/dist-packages/setuptools/command/build_py.py", line 34, in finalize_options
orig.build_py.finalize_options(self)
File "/usr/lib/python3.7/distutils/command/build_py.py", line 45, in finalize_options
('force', 'force'))
File "/usr/lib/python3.7/distutils/cmd.py", line 287, in set_undefined_options
src_cmd_obj.ensure_finalized()
File "/usr/lib/python3.7/distutils/cmd.py", line 107, in ensure_finalized
self.finalize_options()
File "/tmp/pip-install-tyc602uy/ssdeep/setup.py", line 24, in finalize_options
self.distribution.ext_modules = get_ext_modules()
File "/tmp/pip-install-tyc602uy/ssdeep/setup.py", line 79, in get_ext_modules
binding.verify()
File "/tmp/pip-install-tyc602uy/ssdeep/src/ssdeep/binding.py", line 132, in verify
libraries=self._libraries,
File "/opt/buster/.eggs/cffi-1.12.3-py3.7-linux-x86_64.egg/cffi/api.py", line 464, in verify
lib = self.verifier.load_library()
File "/opt/buster/.eggs/cffi-1.12.3-py3.7-linux-x86_64.egg/cffi/verifier.py", line 104, in load_library
self._compile_module()
File "/opt/buster/.eggs/cffi-1.12.3-py3.7-linux-x86_64.egg/cffi/verifier.py", line 201, in _compile_module
outputfilename = ffiplatform.compile(tmpdir, self.get_extension())
File "/opt/buster/.eggs/cffi-1.12.3-py3.7-linux-x86_64.egg/cffi/ffiplatform.py", line 22, in compile
outputfilename = _build(tmpdir, ext, compiler_verbose, debug)
File "/opt/buster/.eggs/cffi-1.12.3-py3.7-linux-x86_64.egg/cffi/ffiplatform.py", line 58, in _build
raise VerificationError('%s: %s' % (e.__class__.__name__, e))
cffi.VerificationError: CompileError: command 'x86_64-linux-gnu-gcc' failed with exit status 1
----------------------------------------
ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.
```
This should resolve it: `sudo apt install libfuzzy-dev`
Looks good in Linux; is there a Windows version of that package?
Also, it looks like the GeoIP package is missing the GeoIP.h file, but that's not the same issue.
Scratch the issue with GeoIP (at least on Kali). RTFM...
```
sudo apt install python3-dnspython python3-tld python3-geoip python3-whois \
    python3-requests python3-ssdeep
```
Still curious about Windows support, though.
GeoIP and ssdeep are just wrappers for C libraries which require compilation prior to installing from pip. You need to have essential build tools installed.
I have made sure that I have the latest version of ssdeep; however, it seems as though the ssdeep command doesn't work. All that happens is a percentage of the original site (which is 100%, btw) and nothing else.
The fuzzy hashing feature aims to detect mirrored web pages which are naturally very similar at the HTML layer to the original one. Can you share the input domain you're scanning?
I ran it on github.com. Now that I have looked through the results, it seems that it only returns a few percentages.
I am not getting any Fuzzy results from anything right now. I switched to your container and still no fuzzy scores.
Sorry, figured it out. I had to --format it before I piped it to another file. Thanks!
Please note that the latest version of dnstwist is a bit smarter when it comes to detecting live phishing webpages with fuzzy hashes (reduced the number of false positives). It displays ssdeep scores only if the effective URL does not match the original domain name.
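The rule described in the comment above (show a score only when the effective URL does not match the original domain), as an added example that is not part of the thread and not dnstwist's own code. It assumes "match" means the final host is the original domain or a subdomain of it; the function names, the sample pages under the reserved `.example` TLD, and the difflib fallback used when the ssdeep module is missing are constructed for illustration.

```python
# Added example, not dnstwist's code; function names and sample pages are constructed.
from difflib import SequenceMatcher
from urllib.parse import urlsplit

try:
    import ssdeep  # wrapper around libfuzzy; building it from pip needs libfuzzy-dev
except ImportError:
    ssdeep = None

def stdlib_ratio(a, b):
    """Stand-in scorer (0-100) built on difflib; NOT a fuzzy hash."""
    return round(SequenceMatcher(None, a, b, autojunk=False).ratio() * 100)

def ssdeep_score(a, b):
    """ssdeep similarity (0-100); uses stdlib_ratio when the module is missing."""
    if ssdeep is None:
        return stdlib_ratio(a, b)
    return ssdeep.compare(ssdeep.hash(a), ssdeep.hash(b))

def same_site(effective_url, original_domain):
    """True if the final URL's host is the original domain or a subdomain of it."""
    host = (urlsplit(effective_url).hostname or "").lower().rstrip(".")
    original = original_domain.lower().rstrip(".")
    return host == original or host.endswith("." + original)

def score_candidates(original_domain, original_html, candidates, scorer=ssdeep_score):
    """Return {domain: score or None}; None marks a redirect back to the original."""
    results = {}
    for domain, url, html in candidates:
        # A lookalike that redirects to the real site would trivially score 100.
        results[domain] = None if same_site(url, original_domain) else scorer(original_html, html)
    return results

ORIGINAL_HTML = ("<html><head><title>Shop login</title></head><body>"
                 "<form action='/login'><input name='user'>"
                 "<input name='pass' type='password'></form></body></html>")
PARKED = "<html><body><h1>This domain is for sale</h1><p>Contact the registrar.</p></body></html>"
CANDIDATES = [  # (domain, effective URL after redirects, fetched HTML); all constructed
    ("sh0p.example", "http://sh0p.example/", ORIGINAL_HTML.replace("action='/login'", "action='/submit'")),
    ("shopp.example", "https://www.shop.example/", ORIGINAL_HTML),
    ("shop.example.sh0p.example", "http://shop.example.sh0p.example/", PARKED),
]

if __name__ == "__main__":
    print(score_candidates("shop.example", ORIGINAL_HTML, CANDIDATES))
```

The third candidate embeds the original name as a prefix of a foreign host, so it is still scored; a substring test instead of the suffix test in `same_site` would wrongly suppress it.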
`pip install ssdeep`
I have ssdeep already installed, but dnstwist gives me this error:
```
dnstwist.py: notice: missing module: ssdeep (fuzzy hashes not available)
```
I'm on the latest Kali version. Any idea how to fix it?