Reference page:

Mulval is a commonly used network security analysis tool that uses a vulnerability scanner to scan for network vulnerabilities, and then generates attack graphs for security analysis. The tool has been tested for normal operation under Mac and Linux, and its official website is as follows:

http://people.cs.ksu.edu/~xou/argus/software/mulval/readme.html

Its normal operation depends on mysql, xsb, and graphviz. So install these software first.

1. Install xsb

xsb is used for logical reasoning and deduction. The download URL is as follows:

http://xsb.sourceforge.net/downloads/downloads.html

I downloaded the linux version, namely

XSB.tar.gz

After the download is complete, create a tools folder in the /home directory, unzip the file, and then run the following commands in sequence:

cd /home/tools/XSB/bulid
./configure
./makexsb

After displaying "Now you can run XSB...." successfully compiled, add system environment variables:

export PATH=/home/paris/tools/XSB/bin:$PATH

At this point, the xsb configuration is complete.

2. Install graphviz tool

graphviz is a graphics software for drawing pictures. Used to draw the final attack map. The installation method is as follows:

sudo apt-get install graphviz graphviz-doc

3. Install mariadb (that is, an open source compatible version of mysql)

Since mysql was acquired by Oracle, Kali has gradually reduced its support. So I installed the basically compatible "sister version" of mariadb.

apt-get install mariadb-client
apt-get install mariadb-server

Then the configuration file

 vi /etc/mysql/my.cnf

The main code is as follows:

[client-server]
default-character-set=utf8
port = 3306
socket    = /tmp/mysql.sock
[mysql]
[mysqld]
basedir=/usr/local/mysql/
datadir=/usr/local/mysql/data/mysql
#character-set-server=utf8

The configuration is complete.

4. Install Mulval

The installation instructions are inhttp://people.cs.ksu.edu/~xou/argus/software/mulval/readme.html

After decompressing in the same folder as xsb, run the following commands to set environment variables:

export MULVALROOT=/home/paris/tools/mulval
export PATH=$MULVALROOT/bin:$MULVALROOT/utils:$PATH

5. Test

After the installation is complete, test (preferably in the installation folder):

cd /home/tools/mulval
make

start testing:

cd /home/tools/mulval/utils
chmod u+x graph_gen.sh
cd /home/tools/mulval/testcases/3host
graph_gen.sh input.P -v -p

Finally, if an AttachGraph.eps file is successfully generated, that is, an example attack graph: