Tuesday, August 12, 2014

kali linux - Openvas with Greenbone security assistant

so i assume you had install the kali linux and ready to install openvas

Installation

openvas-mkcert
this will create the ssl cert for openvas program

openvas-nvt-sync
this will sync the Openvas NVT database with the latest NVT and get the latest vulnerability checks

openvas-mkcert-client -n om -i
openvasmd --rebuild
this will generate a client certificate and rebuild the database

openvassd
this will start the Openvas scanner and load all plugins

openvasmd --rebuild
openvasmd --backup
this will rebuild and create backup of the database

opevas-adduser
this will create a normal user

  • enter login name
  • just press enter for auth request
  • enter the password twice
  • for rules, just skip by press Ctrl + D
  • press y to add the user
openvasmd -p 9390 -a 127.0.0.1
openvasad -a 127.0.0.1 -p 9393
gsad --http-only --listen=127.0.0.1 -p 9392
this will configure the port that openvas will use
the port 9392 is for the browser and you can change it for other port

now you can access OpenVAS at your browser using http://127.0.0.1:9392
you should be able to see GreenBone Security Assistant login pages


Login with your admin account


(Optional)
there are other easier method to start and stop Openvas after done all this.
for myself, i just use script provide by Lazykali.
just download the folder and script and save it in 1 folder and execute it using command
you can get the script at the below link

------------------------------------------------------------------------------------------------------------

Setup

after you login,
lets start up to scan your own laptop as an example

click on Configuration > Targets



you should be able to see it got Localhost in the list, so lets add a new one into it by click the star button in red highlight as pic below



Then you give it a name and key in the IP or URL you want to scan.
Other things just left it default and click Create Target




Now you should be saw your new target added to the list.
ok, lets proceed to create a new task
click on Scan Management > New Task



Fill in the details mark in Red arrow
for the scan config, there are 4 option for you to choose (ignore test and vulne as i create it myself when i playing around). for now, i choose Full and very deep ultimate to see what it can scan and report later.



Scan target, choose the new target you created just now and click create task



Now you should be able to see your newly created task there and the status is "New"
click the play button in red highlight like the pic below to start the scan
the scan might take some time



When it done, you should be seeing something like in pic below
just click on the date itself on the for the report


then click on the red highlight button like show on the pic below for the report



For more info,
please see the video from NetSecNow as I also learn mine from there
OpenVas guide from NetSecNow