Just sharing my experience in installing w3af (1.6) on Kali 1.0.4

The default version installed on Kali 1.0.4 is Ver 1.2 and do not work properly. If we run from the menu, the splash screen will come and disappear, w3af GUI will not be launched. If you run through terminal we can see actually an exception is occurred ( "w3afException: There was an error while importing plugins.discovery.wordnet: "No module named nltk.corpus.util"" )...

The exception details are reported and the workaround is available in http://bugs.kali.org/view.php?id=197. These steps will succeeds and stops the exception, however the version is still 1.2 and do not upgraded to 1.5.

If we need w3af 1.5 version we can get this as I tried follows.

Ensure your sources.list file has the following two entries:

deb http://http.kali.org/kali kali main contrib non-free
deb http://security.kali.org/kali-security kali/updates main contrib non-free

Then proceed as

1. apt-get update
2. apt-get upgrade
3. apt-get remove 3waf
4. cd /usr/share
5. rm -rf w3af
6. git clone https://github.com/andresriancho/w3af.git
7. cd w3af
8. ./w3af_gui
9. You will get the list of depended package for running the latest w3af, a script will be generated in the following path: /tmp/w3af_dependency_install.sh
10. cd /tmp
11 ./w3af_dependency_install.sh - this will install the missing package..
12. w3af
13. After launching go to help -> About menu : see the version of w3af. see the attached image.

Hope this helps !

Thanks for posting a solution!

Please note, by doing this you become responsible for updating the tool yourself (and installing any dependencies).

Since you shouldn’t be messing with packaged files, the most common option is to svn or git checkout $your_favorate_tool in a temporary directory and use it from there as shown below. In most cases, all the dependencies needed for the updated tool will usually already exist in Kali. Alternatively, you could opt to rebuild the source package, which includes your updates and changes.


cd ~
mkdir work
cd work
git clone $your_favorate_tool
cd $your_favorate_tool
./your_favorate_tool

Source: Bleeding Edge Kali Linux (http://www.kali.org/kali-monday/bleeding-edge-kali-repositories/)

Hi g0tmi1k

Thank you for correcting me.

Even after adding the bleeding edge, getting the old version of w3af.

Thats because w3af isn't (yet) in the bleeding edge repos.
Not all tools are - however the dev team is adding to it all the time.

thankx Bro , i does all the think you mentioned !
but when i enter to the program i got this errors :

The profile you are trying to load (/root/.w3af/profiles/audit_high_risk.pw3af) seems to be outdated, this is a common issue which happens when the framework is updated and one of its plugins adds/removes one of the configuration parameters referenced by a profile, or the plugin is removed all together.

The profile was loaded but some of your settings might have been lost. This is the list of issues that were found:

- The profile references the "output.gtkOutput" plugin which is unknown.
- The profile references the "audit.osCommanding" plugin which is unknown.
- The profile references the "audit.blindSqli" plugin which is unknown.
- The profile references the "audit.remoteFileInclude" plugin which is unknown.
- The profile references the "audit.fileUpload" plugin which is unknown.
- Setting the options for plugin "audit.eval" raised an exception due to unknown or invalid configuration parameters. The OptionList doesn't contain an option with the name: "useTimeDelay"

We recommend you review the specific plugin configurations, apply the required changes and save the profile in order to update it and avoid this message. If this warning does not disappear you can manually edit the profile file to fix it.

im not really good in english , so what this thinks mean & how i can correct that !!
thank you !

Not a good way it give errors while selecting profiles and audits.

thanks .it's helpful

kali to update repositories
deb http://security.kali.org/kali-security kali / updates main contrib non - free
deb http://repo.kali.org/kali bleeding-edge kali main
deb http://http.kali.org/ / kali main contrib non - free
deb http://http.kali.org/ / wheezy main contrib non - free
kali -dev deb http://http.kali.org/kali main contrib non - free
kali -dev deb http://http.kali.org/kali main / debian -installer
deb -src -dev http://http.kali.org/kali kali main contrib non - free
deb http://http.kali.org/kali kali main contrib non - free
deb http://http.kali.org/kali kali main / debian -installer
deb -src http://http.kali.org/kali kali main contrib non - free ...
kali update after this is what tells me w3af with upgrades
w3af_gui
Starting w3af , running on:
Python version:
2.7.3 (default , Jan February 2013 , 16:53:07 )
[ GCC 4.7.2 ]
GTK version: 2.24.10
PyGTK version: 2.24.0

w3af - Web Application Attack and Audit Framework
Version: 1.2
Revised: unknown
Distribution : Debian
Author: Andres Riancho and the w3af team .
Traceback (most recent call last ) :
File " / usr/share/w3af/w3af_gui " , line 84 , in <module>
errCode = main ( )
File " / usr/share/w3af/w3af_gui " , line 81 , in main
core.ui.gtkUi.main.main (profile , doupdate )
File " / usr/share/w3af/core/ui/gtkUi/main.py " , line 858, in main
MainApp (profile , do_upd )
File " / usr/share/w3af/core/ui/gtkUi/main.py " , line 406, in __ init__
self.pcbody = pluginconfig.PluginConfigBody (self, self.w3af )
File " / usr/share/w3af/core/ui/gtkUi/pluginconfig.py " , line 620, in __ init__
self._buildpan self.pan = ()
File " / usr/share/w3af/core/ui/gtkUi/pluginconfig.py " , line 638, in _buildpan
self.std_plugin_tree = PluginTree ( self.w3af , " standard" , self.config_panel )
File " / usr/share/w3af/core/ui/gtkUi/pluginconfig.py " , line 241 , in __ init__
self._getEditablePlugin if (plugin , plugintype ) :
File " / usr/share/w3af/core/ui/gtkUi/pluginconfig.py " , line 296 , in _getEditablePlugin
plugin = self.w3af.plugins.getPluginInstance ( pname , ptype )
File " / usr/share/w3af/core/controllers/coreHelpers/plugins.py " , line 237, in getPluginInstance
pluginInst = factory ( ' plugins. ' + pluginType + '. ' + pluginName )
File " / usr/share/w3af/core/controllers/misc/factory.py " , line 49 , in factory
w3afException raise ( ' There was an error while importing ' + moduleName + ' "' + str ( ie) + ' " .')
w3afException : There was an error while importing plugins.discovery.wordnet : " No module named nltk.corpus.util " .

Plugins family DISCOVERY is missing from w3af 1.6 Kali install. Any thoughts about how can I get this aspect resolved? :confused:

Thanks.