RISHII R MAKHIJA
Jul 27, 2023

Step-by-Step Guide: Installing and Migrating from Amass V3 to V4 on Linux

Updating Linux System:

It is recommended to update your Linux system to the most recent version of your operating system. Run the following command in the terminal:

sudo apt update && sudo apt upgrade -y

Installing Go (version 1.20.6):

  • Download the Go file “go1.20.6.linux-amd64.tar.gz” from the link: https://go.dev/doc/install
  • Open the terminal in the directory where the Go file is downloaded.

Step-by-step installation:

Step 1: Delete the old version of Go (if previously installed) and replace it with the new version

rm -rf /usr/local/go && tar -C /usr/local -xzf go1.20.6.linux-amd64.tar.gz

(You may need to run the command as root or through sudo)

Step 2: Add /usr/local/go/bin to the PATH environment variable

export PATH=$PATH:/usr/local/go/bin

Step 3: Verify the Go version once it’s installed

go version
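Step 1 unpacks a downloaded archive into /usr/local as root, so it is worth checking the archive first. The following is an added example, not part of the original post: it compares the tarball's SHA-256 with the value published on the Go download page (passed in by the caller, shown as a placeholder) and rejects archives with entries outside go/. The function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Print the SHA-256 of file $1 (sha256sum on Linux, shasum elsewhere).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Succeed only if tarball $1 hashes to $2 and every entry stays under go/.
go_tarball_ok() {
    [ -f "$1" ] || return 1
    [ "$(sha256_of "$1")" = "$2" ] || return 1
    tar -tzf "$1" | {
        n=0 bad=0
        while IFS= read -r entry; do
            n=$((n + 1))
            case /$entry/ in
                */../*) bad=1 ;;   # parent-directory component
                /go/*) ;;          # expected top-level directory
                *) bad=1 ;;        # anything else would land outside go/
            esac
        done
        # An unreadable or empty archive yields no entries and is rejected.
        [ "$n" -gt 0 ] && [ "$bad" -eq 0 ]
    }
}

# Replace /usr/local/go (the post's Step 1) only after both checks pass.
install_go() {
    go_tarball_ok "$1" "$2" || { echo "refusing to install $1" >&2; return 1; }
    rm -rf /usr/local/go && tar -C /usr/local -xzf "$1"
}

# Usage (as root; the hash is a placeholder to copy from the download page):
#   install_go go1.20.6.linux-amd64.tar.gz "<sha256 from the Go download page>"
```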

Additional Troubleshooting:

If you encounter issues with the Go installation (e.g. Command ‘go’ not found), they can be resolved by following these steps:

Step 1: Check the location of the Go binary file. In my case it was installed in

/usr/local/go/bin/go

To identify the location yourself, use the “find” command:

sudo find / -type f -name "go" 2>/dev/null

This locates the file on your system and shows where Go was installed.

Step 2: Copy the binary file & move it to /usr/bin

cp /usr/local/go/bin/go /usr/bin

After this, the “go” command is available system-wide.

Finally, the primary reason we are here is to install Amass 4.

Installing Amass (version 4.0.4):

To install Amass version 4.0.4, follow these steps:

  1. Install Go using the instructions above.
  2. Install Amass from its GitHub repository (https://github.com/owasp-amass/amass) with the following command:

go install -v github.com/owasp-amass/amass/v4/...@master

  3. The amass binary file should now be under the Go directory. The command to check is:

sudo su
ls -l /root/go/bin/amass

  4. Next, go inside “/root/go/bin” and copy the binary to /usr/bin:

cd /root/go/bin
cp amass /usr/bin

Now we have access to our new amass.

Amass version 4.0.4

Now that we have Amass, it is advised to install PostgreSQL first if you are working with a large database, as it makes the work much easier.

Amass now supports “sqlite” as its database or data storage format, which also benefits us in terms of data management and retrieval.

Steps to install PostgreSQL:

Choose your operating system and install from the website listed below. I’m using Kali, thus I’m using Linux.
https://www.postgresql.org/download/linux/debian/

Use the following commands:

1. Create the file repository configuration

sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'

2. Import the repository signing key

wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -

3. Update the package lists

sudo apt-get update

4. Install the latest version of PostgreSQL

sudo apt-get -y install postgresql

5. To check if PostgreSQL is installed on Kali Linux, you can use the dpkg package manager command. Open a terminal and run the following command:

dpkg -l | grep postgresql

The dpkg -l command lists all installed packages, and the grep postgresql filters the output to show only the packages containing “postgresql” in their names. If PostgreSQL is installed, you will see a list of related packages and their versions.

6. Additionally, you can also check the status of the PostgreSQL service to see if it’s running:

sudo service postgresql status

Before you run any commands for amass, let’s start the server

sudo service postgresql status
sudo service postgresql start
sudo service postgresql status

Now let’s set up PostgreSQL.

Step one: Create the username and password for PostgreSQL

Open a terminal on your Kali Linux machine/Other OS.

-> Switch to the “postgres” user, which is the superuser for PostgreSQL:

sudo -u postgres psql

-> Create a new PostgreSQL user with the desired username and password:

CREATE USER rishii WITH PASSWORD 'rishii';
ALTER USER rishii WITH SUPERUSER CREATEDB LOGIN PASSWORD 'rishii';

(The ALTER USER statement grants the user “rishii” extra permissions: SUPERUSER and CREATEDB.)

-> Let’s check that the role was created.
Command to use:

\du

-> Let’s create the database amass.
Follow the steps from the Amass GitHub repo:
https://github.com/owasp-amass/amass/blob/master/doc/user_guide.md

-> The commands there create the database named amass.

-> If you still face issues running those commands, create the database manually using the command below, then list the available databases:

postgres=# CREATE DATABASE amass;
CREATE DATABASE
postgres=# \l

The above mentioned commands create the database named amass and also show the available databases.

psql postgres://rishii:rishii@localhost:5432/amass -c "ALTER DATABASE amass SET TIMEZONE to 'UTC'"

You can access the database in a different terminal

psql postgres://rishii:rishii@localhost:5432/amass

Using the below command exit the PostgreSQL shell:

\q

Note: If you still face issues with the PostgreSQL connection, have a look at the PostgreSQL config file, which can be found at “/etc/postgresql/15/main/postgresql.conf”.

New Amass Config File Format

Config.yaml:

  • The new Amass V4 has a different config file from the previous one. We used to use “.ini” files, but now we use “.yaml” files. Data sources and config used to live in the same .ini file, but now there are two separate YAML files.
  • An example of the file can be found here:
https://github.com/owasp-amass/amass/blob/master/examples/config.yaml
  • The YAML configuration file is used by the OWASP Amass tool for subdomain enumeration and network mapping.
  • It allows users to define the scope of the enumeration by specifying target domain names, IP addresses, CIDR ranges, and ASNs to be included.
  • Users can also blacklist specific subdomains, excluding them from the enumeration process.
  • The configuration file includes global wordlists for subdomain name generation.
  • Users can set DNS resolution options within the configuration file.
  • The YAML configuration file helps customize the behavior of OWASP Amass, facilitating efficient and accurate subdomain discovery.

Here’s what the file contains:

  1. domains: Specifies the domain names to be included in the scope of the enumeration (e.g., “example.com”).
  2. ips: Defines the IP addresses to be included in the scope, supporting various formats, such as single IPs, ranges, and CIDR notation.
  3. asns: Lists the Autonomous System Numbers (ASNs) that are in scope, helping to focus on specific networks.
  4. cidrs: Specifies CIDR ranges that should be considered within the scope.
  5. ports: Indicates the ports to be used when actively probing services during the enumeration.
  6. blacklist: Lists subdomains to be blacklisted, preventing them from being enumerated.
  7. resolvers: Specifies the resolvers (DNS servers) to be used during the enumeration.
  8. datasources: Points to the file containing the data source configuration, aiding in gathering additional information.
  9. wordlist: Refers to global wordlists used during the enumeration for subdomain name generation.
  10. database: Defines the URI for the PostgreSQL database to store the enumeration results.
  11. bruteforce: Specific options for brute-forcing, including enabling it and providing relevant wordlists.
  12. alterations: Specific options for domain alterations, including enabling it and providing relevant wordlists.
  • The most important thing in this file is that the database name, username and password match the ones you created. In my case, the file contains the values from the preceding steps for setting up and creating a user and a database.
  • So in the above example, as you can see, I have my name as “rishii”, the password as “rishii”, it’s listening on localhost port 5432, and the database name is amass.
  • The datasources.yaml file is expected to be present in the current working directory alongside the config.yaml. However, users have the option to customize the location of the datasources.yaml file as needed.

For easy access I would recommend keeping the file in one of the locations below. In my case I have copied all the config files to /root/.config/amass, as displayed in the example below.

  • You can specify the location of the config file with the -config option, but this is not recommended. When you run amass enum -d example.com, you do not need to provide the configuration file: amass searches the default locations ($XDG_CONFIG_HOME/amass/config.yaml, $HOME/.config/amass/config.yaml or /etc/amass/config.yaml) and loads it from there automatically, which makes it much easier to use.
  • You can also define where the database file, amass.sqlite, is stored by using -dir .
  • This puts the scan data in the output directory, where it can be used. However, it is preferable to use PostgreSQL: in the future you may have data in bulk, and keeping it on one shared server keeps it in one place, editable and accessible.
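Because the database URI in config.yaml contains the PostgreSQL password, the file should not be readable by other users. The following is an added example, not part of the original post or the Amass project: it resolves which config.yaml would be picked up using the search order listed above, and writes a minimal config with owner-only permissions. The function names are hypothetical, PGUSER and PGPASSWORD are assumed to be exported by the caller, and the scope/options nesting is assumed from the linked examples/config.yaml.

```shell
#!/bin/sh
# Added example, not from the original post. PGUSER/PGPASSWORD are assumed to
# be exported by the caller; the scope:/options: nesting is assumed from the
# project's linked examples/config.yaml and should be checked against it.

# Print the config.yaml amass would load, using the search order listed above.
amass_config_path() {
    for f in "${XDG_CONFIG_HOME:+$XDG_CONFIG_HOME/amass/config.yaml}" \
             "$HOME/.config/amass/config.yaml" /etc/amass/config.yaml; do
        if [ -n "$f" ] && [ -f "$f" ]; then
            printf '%s\n' "$f"
            return 0
        fi
    done
    return 1
}

# Succeed only if group and others have no access to file $1.
config_is_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Write a minimal config for domain $1 into directory $2 without overwriting.
# The password must be URL-safe because it is placed in the URI unencoded.
write_amass_config() {
    domain=$1 dir=$2
    [ -n "${PGUSER:-}" ] && [ -n "${PGPASSWORD:-}" ] || return 1
    [ ! -e "$dir/config.yaml" ] || return 1
    mkdir -p "$dir" || return 1
    (
        umask 077   # created 0600: the file holds the database password
        cat > "$dir/config.yaml" <<EOF
scope:
  domains:
    - $domain
options:
  datasources: "./datasources.yaml"
  database: "postgres://$PGUSER:$PGPASSWORD@localhost:5432/amass"
EOF
    )
}
```

Running config_is_private on the path printed by amass_config_path shows whether an existing config exposes the credentials to other local users.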

Datasources.yaml:

  • Example of the file can be found here
https://github.com/owasp-amass/amass/blob/master/examples/datasources.yaml
  • The datasources.yaml file is expected to be present in the current working directory alongside the config.yaml. Users have the option to customize the location of the datasources.yaml file as needed; however, the location of this file should be specified in the config.yaml file.
  • Keep the data sources you need by entering their API keys, and delete or comment out the ones you don’t need using “#”.

Let’s begin the sample scan

amass enum -d google.com

Open a database terminal; I’m using the CLI version, but you may use the GUI version if you like.

psql postgres://rishii:rishii@localhost:5432/amass

The command below launches the database for me:

\dt

This will provide a list of all the tables in the database.

  • To view the contents of a table, use this:

amass=# SELECT * FROM assets;

So the key advantage of this database is that we can access the data while the scan is running; we don’t have to wait until the scan is over. GUI software also has a better way of displaying this.

Now let’s see the GUI version of the same database.

Install the required dependencies:

sudo apt update
sudo apt install python3-pip python3-venv libglib2.0-bin

Create a Python virtual environment:

python3 -m venv pgadmin

Activate the virtual environment:

source pgadmin/bin/activate

Install pgAdmin4 using pip:

pip install pgadmin4

Configure pgAdmin4:

pgadmin4

During the configuration, it will ask you to set up an email and password for the initial admin user.

Start pgAdmin4:

pgadmin4

Now, you can access pgAdmin4 by opening your web browser and going to http://localhost:5050. Login using the email and password you set during the configuration.

  • Please keep in mind that installing pgAdmin4 using pip may not be the best option because it is not handled by the package manager. If the package is not accessible in the standard repositories, this method should work to get pgAdmin4 operating on Kali Linux.

Now to link your server to pgadmin4

Access pgAdmin4 Web Interface:

-> Open your web browser and navigate to http://localhost:5050 to access the pgAdmin4 web interface.

Log in with Admin Credentials:

-> Enter the email and password you provided during the pgAdmin4 configuration to log in as the admin user.

Add a PostgreSQL Server:

-> After logging in, you’ll be taken to the pgAdmin4 dashboard. To connect to a PostgreSQL server, click on “Add New Server” in the “Quick Links” section or “Servers” in the “Browser” section on the left sidebar.

Configure PostgreSQL Server Details:

-> In the “General” tab, give a name for your server (e.g., “My PostgreSQL Server”).

-> In the “Connection” tab, fill in the following details:

Host name/address: Enter “localhost” or the IP address of your PostgreSQL server.

Port: Default PostgreSQL port is 5432. If you haven’t changed it during installation, keep it as 5432.

Maintenance database: Enter “postgres” or the name of your default database.

Username: Enter the username you created earlier for the PostgreSQL server (e.g., “rishii”).

Password: Enter the password you set for the PostgreSQL user.

Leave other settings as default or modify them as needed.

Save the Server Configuration:

Click on “Save” to add the PostgreSQL server to pgAdmin4.

Connect to the PostgreSQL Server:

Now, you can see your PostgreSQL server listed under the “Servers” section. Click on it to connect. If the connection is successful, you’ll see the list of databases and other server objects in the right panel.

Congratulations! You have successfully connected PostgreSQL to pgAdmin4, and you can now manage your PostgreSQL databases using the graphical interface provided by pgAdmin4.

To view data in PostgreSQL using pgAdmin4, follow these steps:

Navigate to your connected PostgreSQL server in the pgAdmin4 web interface’s “Servers” section on the left sidebar.

  • Select the database you want to explore. Its schemas, tables, and other objects will be displayed.
  • Expand the “Schemas” and “Tables” sections to see the database’s tables.
  • To view the data in a table, right-click on it and pick “View/Edit Data” from the context menu.
  • A new tab will appear with the data displayed in a tabular manner. In this view, you can explore, search, and alter the data.
  • In the data view, click on the “Edit” or “Insert” icons to change or insert new data.

Please keep in mind that altering and entering data in pgAdmin4 will modify the data in your PostgreSQL database. Be cautious when making changes to the data, especially in a production environment.

pgAdmin4 provides a user-friendly graphical interface for running SQL queries, creating and editing database objects, and managing data in PostgreSQL.

Conclusion:

This step-by-step guide has provided a comprehensive overview of how to install and migrate Amass from version 3 to version 4 on a Linux operating system. The process includes updating the Linux system, installing Go (version 1.20.6), and setting up Amass (version 4.0.4) with the necessary configurations.

The guide also covers additional troubleshooting steps to resolve potential issues with the Go installation and how to install and set up PostgreSQL, which is recommended for working with large databases and facilitates efficient data management and retrieval.

One of the key highlights of the guide is the explanation of the new Amass configuration file format, which uses YAML instead of the previously used .ini files. The YAML configuration file allows users to define the scope of enumeration, specify target domain names, IP addresses, CIDR ranges, and ASNs to be included, and customize the behavior of Amass for efficient subdomain discovery.

The guide also demonstrates how to access and manage the PostgreSQL database using both the command-line interface and the graphical user interface provided by pgAdmin4, which offers a user-friendly way to interact with the database and execute SQL queries, create and edit database objects, and manage data effectively.

By following the steps outlined in this guide, users can successfully install Amass version 4.0.4, set up the required configurations, and work with PostgreSQL for seamless subdomain enumeration and network mapping, making the process of subdomain discovery more accurate and efficient.

Overall, this guide provides valuable instructions and insights for users looking to work with Amass and PostgreSQL on a Linux system, enhancing their capabilities for subdomain enumeration and improving their overall cybersecurity practices.