kali环境下载openvas
下载命令
apt-get install openvas
安装命令
openvas-setup
未找到命令执行以下命令等待3到5小时左右
sudo gvm-setup
sudo gvm-start
出现以下报错
ERROR: The default postgresql version is not 13 required by libgvmd
解决办法
默认情况下,Kali附带了postgres 12,但OpenVAS(gvm)安装了版本postgres 13。Postgres 13侦听的端口为5433。但是OpenVAS仍在寻找5432。
查看默认安装的版本
如果是postgres 11版本的更改
vi /etc/postgresql/11/main/postgresql.conf
如果是postgres 12版本的更改
vi /etc/postgresql/12/main/postgresql.conf
把端口号改成其他端口(比如 5555)改完后重启
重启
service postgresql restart
重新执行
gvm-setup
检测
openvas-check-setup
没有安装成功就先配置安装源
注册账号
openvasmd --create-user=root --password=root --role=Admin
开启
openvas start
登录地址
https://127.0.0.1:9392
BT5使用openvas
#配置OPenVAS,生成证书文件 root@bt:~# openvas-mkcert -q /usr/local/var/lib/openvas/private/CA created /usr/local/var/lib/openvas/CA created root@bt:~# openvas-mkcert-client -n om -i Generating RSA private key, 1024 bit long modulus ...........................................++++++ ....++++++ e is 65537 (0x10001) You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [DE]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:Using configuration from /tmp/openvas-mkcert-client.2078/stdC.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows countryName :PRINTABLE:'DE' localityName :PRINTABLE:'Berlin' commonName :PRINTABLE:'om' Certificate is to be certified until Oct 16 01:16:12 2021 GMT (365 days) Write out database with 1 new entries Data Base Updated User om added to OpenVAS. #升级NVT库 root@bt:~# openvas-nvt-sync [i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'. [i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'. [i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'. [i] NVT dir: /usr/local/var/lib/openvas/plugins [i] rsync is not recommended for the initial sync. Falling back on http. [i] Will use wget [i] Using GNU wget: /usr/bin/wget [i] Configured NVT http feed: http://www.openvas.org/openvas-nvt-feed-current.tar.bz2 [i] Downloading to: /tmp/openvas-nvt-sync.mATVkqNMDB/openvas-feed-2020-10-15-2109.tar.bz2 --2020-10-15 21:16:40-- http://www.openvas.org/openvas-nvt-feed-current.tar.bz2 Resolving www.openvas.org... 45.135.105.67, 2a0e:6b40:10::67 Connecting to www.openvas.org|45.135.105.67|:80... connected. HTTP request sent, awaiting response... 301 Moved Permanently Location: https://www.openvas.org/openvas-nvt-feed-current.tar.bz2 [following] --2020-10-15 21:16:45-- https://www.openvas.org/openvas-nvt-feed-current.tar.bz2 Connecting to www.openvas.org|45.135.105.67|:443... connected. OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version Unable to establish SSL connection. [i] Checking dir: ok [i] Checking MD5 checksum: /usr/bin/md5sum: /usr/local/var/lib/openvas/plugins/md5sums: No such file or directory not ok Error: md5sums not correct. Your NVT collection might be broken now. Please try this for details: cd "/usr/local/var/lib/openvas/plugins" ; /usr/bin/md5sum -c "/usr/local/var/lib/openvas/plugins/md5sums" | less #初始化操作 root@bt:~# openvassd All plugins loaded root@bt:~# openvasmd --migrate root@bt:~# openvasmd --rebuild #添加管理员角色 root@bt:~# openvasad -c 'add_user' -n admin -r "Admin" Enter password: ad main:MESSAGE:2469:2020-10-15 21h42.29 EDT: No rules file provided, the new user will have no restrictions. ad main:MESSAGE:2469:2020-10-15 21h42.29 EDT: User admin has been successfully created. #启动openVAS Scanner root@bt:~# openvassd --listen=127.0.0.1 --port=9391 All plugins loaded root@bt:~# openvasmd --database=/usr/local/var/lib/openvas/mgr/tasks.db --slisten=127.0.0.1 --sport=9391 --listen=0.0.0.0 --port=9390 root@bt:~# /pentest/misc/openvas/openvas-check-setup openvas-check-setup 2.1.5 Test completeness and readiness of OpenVAS-4 (add '--v5' if you want to check for OpenVAS-5) Please report us any non-detected problems and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem. Use the parameter --server to skip checks for client tools like GSD and OpenVAS-CLI. Step 1: Checking OpenVAS Scanner ... OK: OpenVAS Scanner is present in version 3.2.5. OK: OpenVAS Scanner CA Certificate is present as /usr/local/var/lib/openvas/CA/cacert.pem. ERROR: The NVT collection is very small. FIX: Run a synchronization script like openvas-nvt-sync or greenbone-nvt-sync. ERROR: Your OpenVAS-4 installation is not yet complete! Please follow the instructions marked with FIX above and run this script again. If you think this result is wrong, please report your observation and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.
多人共享使用GSA服务
gsad --listen=0.0.0.0 --port=9392 --alisten=127.0.0.1 --aport=9393 --mlisten=127.0.0.1 --mport=9390 --http-only
back track 5 命令行模式转桌面模式命令
startx
网络登录地址
http://localhost:9392
启动脚本 start_openvas.sh
openvas-nvt-sync openvassd --listen=127.0.0.1 --port=9391 openvassd --listen=127.0.0.1 --port=9393 openvasmd --database=/usr/local/var/lib/openvas/mgr/tasks.db --slisten=127.0.0.1 --sport=9391 --listen=0.0.0.0 --port=9390 gsad --listen=0.0.0.0 --port=9392 --alisten=127.0.0.1 --aport=9393 --mlisten=127.0.0.1 --mport=9390 --http-only
设置权限
chmod a+x start_openvas.sh
OpenVAS与参透测试数据库
进入Metasploit命令行
msfconsole
加载OpenVAS插件
load openvas
连接到OpenVAs管理引擎
命令格式 openvas_connect 用户名 密码 ip 端口 ok
openvas_connect admin admin 192.168.100.137 9390 ok
查看OpenVAS扫描报告列表数据
openvas_report_list
查找NBE格式
openvas_format_list
将数据以NBE格式导入数据库
格式·openvas_report_import 要导入数据的id 格式的id
openvas_report_import 2 4
vuns查看导入的漏洞信息
vulns
共享参透测试数据库信息
查看PostgreSQL是否运行
netstat -nlp | grep "postgres"
编辑文件ctl.sh
vim /opt/metasploit/postgresql/scripts/ctl.sh
修改以下数据
POSTGRESQL_START="/opt/metasploit/postgresql/bin/postgres -D /opt/metasploit/postgresql/data -p 7337 -h 0.0.0.0"
编辑文件pg_hba.conf
vim /opt/metasploit/postgresql/data/pg_hba.conf
修改为自己的ip段
host all all 127.0.0.1/32 md5
host all all 192.168.100.1/24 md5
重启PostgreSQL
/opt/metasploit/postgresql/scripts/ctl.sh stop
/opt/metasploit/postgresql/scripts/ctl.sh start
查看PostgreSQL是否运行
netstat -nlp | grep "postgres"
