不多說,直接上干貨!
關於OpenAVS的概念,我這里不多贅述。
前提得,大家要先安裝好OpenVAS!!!
我們都知道,BT5中已經預先安裝好了OpenVAS網絡漏洞掃描工具,我們只需進行一些配置即可。
具體,請見我下面的這篇博客。
BackTrack5里使用OpenVAS
本博文,是在kali 2.0 linux里,使用OpenVAS,所以大家需要去看我下面的這篇博客。(若你沒有安裝的話)
Kali 2.0 linux里安裝OpenVAS
Kali linux2.0里Metasploit的OpenVAS
一、首先要載入OpenVAS插件
root@kali:~# msfconsole msf > load openvas [*] Welcome to OpenVAS integration by kost and averagesecurityguy. [*] [*] OpenVAS integration requires a database connection. Once the [*] database is ready, connect to the OpenVAS server using openvas_connect. [*] For additional commands use openvas_help. [*] [*] Successfully loaded plugin: OpenVAS msf >
二、連接上OpenVAS
msf > openvas_connect
[*] Usage:
[*] openvas_connect username password host port <ssl-confirm>
msf > openvas_connect admin admin 10.0.0.1 9390 ok
三、設置掃描目標,這里假設10.0.0.1
msf > openvas_target_create router 10.0.0.1 msf
四、選擇掃描策略
msf > openvas_config_list
[+] OpenVAS list of configs
ID Name
-- ----
0 Full and fast
1 Full and fast ultimate
2 Full and very deep
3 Full and very deep ultimate
4 empty
五、建立掃描任務並選擇相應掃描策略
msf > openvas_task_create
[*] Usage: openvas_task_create <name> <comment> <config_id> <target_id>
msf > openvas_task_create router "router commnent scan" 0 2
六、執行掃描任務
msf > openvas_task_start
[*] Usage: openvas_task_start <id>
msf > openvas_task_start 2
七、查看任務進度
msf > openvas_task_list
msf > openvas_task_list
[+] OpenVAS list of tasks
ID Name Comment Status Progress
-- ---- ------- ------ --------
0 unnamed Done -1
1 router router commnent scan Requested 1
八、下載掃描報告
msf > openvas_report_list //找到需要下載的掃描報告ID
msf > openvas_format_list//列出可供下載的掃描報告格式
msf > openvas_report_download
[*] Usage: openvas_report_download <report_id> <format_id> <path> <report_name>
msf > openvas_report_download 2 1 /root router_scan_report.html
如果你不習慣使用命令行下建立掃描任務,當然你可以配置在瀏覽器里面打開,建立掃描。
http://pwd1999.blog.51cto.com/2934152/1546849