Installing OpenVAS on Kali
Download command
apt-get install openvas
Setup command
openvas-setup
If the command is not found, run the following commands and wait roughly 3 to 5 hours
sudo gvm-setup
sudo gvm-start
The following error appears
ERROR: The default postgresql version is not 13 required by libgvmd
Fix
By default Kali ships with postgres 12, but OpenVAS (gvm) installs postgres 13. Postgres 13 listens on port 5433, while OpenVAS still looks for 5432.
Check the version installed by default
For postgres 11, edit
vi /etc/postgresql/11/main/postgresql.conf
For postgres 12, edit
vi /etc/postgresql/12/main/postgresql.conf
Change the port number to a different port (for example 5555), then restart
Restart
service postgresql restart
Run again
gvm-setup
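To confirm which installed cluster is configured for which port before and after the edit, the following added example (not part of the original page) reads each version's postgresql.conf. The function names and the sample tree are constructed for illustration; the directory layout follows the paths used above.

```shell
#!/bin/sh
# Added example: find which PostgreSQL cluster version is configured for a port.
# Assumed layout: <root>/<version>/main/postgresql.conf, as in the paths above.

# conf_port FILE: print the configured port. PostgreSQL falls back to 5432
# when there is no active "port = N" line, and the last such line wins.
conf_port() {
    p=$(sed -n 's/^[[:space:]]*port[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p' "$1" | tail -n 1)
    echo "${p:-5432}"
}

# port_owners ROOT PORT: print each version directory whose cluster uses PORT.
port_owners() {
    for conf in "$1"/*/main/postgresql.conf; do
        [ -f "$conf" ] || continue
        ver=$(basename "$(dirname "$(dirname "$conf")")")
        if [ "$(conf_port "$conf")" = "$2" ]; then echo "$ver"; fi
    done
}

# make_sample DIR: constructed sample tree for the situation described above:
# version 12 holds 5432, version 13 was created on 5433.
make_sample() {
    mkdir -p "$1/12/main" "$1/13/main"
    printf '#port = 5433\nport = 5432\t\t# (change requires restart)\n' \
        > "$1/12/main/postgresql.conf"
    printf 'port = 5433\n' > "$1/13/main/postgresql.conf"
}

sample=$(mktemp -d)
make_sample "$sample"
echo "5432 is held by version: $(port_owners "$sample" 5432)"
echo "5433 is held by version: $(port_owners "$sample" 5433)"
rm -rf "$sample"
# On a real host, pass /etc/postgresql as ROOT.
```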
Check
openvas-check-setup
If the installation did not succeed, configure the package sources first
Create an account
openvasmd --create-user=root --password=root --role=Admin
Start
openvas start
Login URL
https://127.0.0.1:9392
Using OpenVAS on BT5
# Configure OpenVAS and generate the certificate files
root@bt:~# openvas-mkcert -q
/usr/local/var/lib/openvas/private/CA created
/usr/local/var/lib/openvas/CA created
root@bt:~# openvas-mkcert-client -n om -i
Generating RSA private key, 1024 bit long modulus
...........................................++++++
....++++++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [DE]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:Using configuration from /tmp/openvas-mkcert-client.2078/stdC.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'DE'
localityName :PRINTABLE:'Berlin'
commonName :PRINTABLE:'om'
Certificate is to be certified until Oct 16 01:16:12 2021 GMT (365 days)
Write out database with 1 new entries
Data Base Updated
User om added to OpenVAS.
# Update the NVT library
root@bt:~# openvas-nvt-sync
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /usr/local/var/lib/openvas/plugins
[i] rsync is not recommended for the initial sync. Falling back on http.
[i] Will use wget
[i] Using GNU wget: /usr/bin/wget
[i] Configured NVT http feed: http://www.openvas.org/openvas-nvt-feed-current.tar.bz2
[i] Downloading to: /tmp/openvas-nvt-sync.mATVkqNMDB/openvas-feed-2020-10-15-2109.tar.bz2
--2020-10-15 21:16:40-- http://www.openvas.org/openvas-nvt-feed-current.tar.bz2
Resolving www.openvas.org... 45.135.105.67, 2a0e:6b40:10::67
Connecting to www.openvas.org|45.135.105.67|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.openvas.org/openvas-nvt-feed-current.tar.bz2 [following]
--2020-10-15 21:16:45-- https://www.openvas.org/openvas-nvt-feed-current.tar.bz2
Connecting to www.openvas.org|45.135.105.67|:443... connected.
OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version
Unable to establish SSL connection.
[i] Checking dir: ok
[i] Checking MD5 checksum: /usr/bin/md5sum: /usr/local/var/lib/openvas/plugins/md5sums: No such file or directory
not ok
Error: md5sums not correct. Your NVT collection might be broken now.
Please try this for details: cd "/usr/local/var/lib/openvas/plugins" ; /usr/bin/md5sum -c "/usr/local/var/lib/openvas/plugins/md5sums" | less
# Initialization
root@bt:~# openvassd
All plugins loaded
root@bt:~# openvasmd --migrate
root@bt:~# openvasmd --rebuild
# Add an administrator role
root@bt:~# openvasad -c 'add_user' -n admin -r "Admin"
Enter password:
ad main:MESSAGE:2469:2020-10-15 21h42.29 EDT: No rules file provided, the new user will have no restrictions.
ad main:MESSAGE:2469:2020-10-15 21h42.29 EDT: User admin has been successfully created.
# Start the OpenVAS Scanner
root@bt:~# openvassd --listen=127.0.0.1 --port=9391
All plugins loaded
root@bt:~# openvasmd --database=/usr/local/var/lib/openvas/mgr/tasks.db --slisten=127.0.0.1 --sport=9391 --listen=0.0.0.0 --port=9390
root@bt:~# /pentest/misc/openvas/openvas-check-setup
openvas-check-setup 2.1.5
Test completeness and readiness of OpenVAS-4
(add '--v5' if you want to check for OpenVAS-5)
Please report us any non-detected problems and
help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.
Use the parameter --server to skip checks for client tools
like GSD and OpenVAS-CLI.
Step 1: Checking OpenVAS Scanner ...
OK: OpenVAS Scanner is present in version 3.2.5.
OK: OpenVAS Scanner CA Certificate is present as /usr/local/var/lib/openvas/CA/cacert.pem.
ERROR: The NVT collection is very small.
FIX: Run a synchronization script like openvas-nvt-sync or greenbone-nvt-sync.
ERROR: Your OpenVAS-4 installation is not yet complete!
Please follow the instructions marked with FIX above and run this
script again.
If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.
Sharing the GSA service among multiple users (gsad listens on all interfaces, HTTP only)
gsad --listen=0.0.0.0 --port=9392 --alisten=127.0.0.1 --aport=9393 --mlisten=127.0.0.1 --mport=9390 --http-only
Command to switch BackTrack 5 from command-line mode to desktop mode
startx
Web login URL
http://localhost:9392
Startup script start_openvas.sh
#!/bin/sh
# Update the NVT library, then start scanner, administrator, manager and GSA
openvas-nvt-sync
openvassd --listen=127.0.0.1 --port=9391
# Administrator (openvasad) on 9393, the port gsad's --aport points at
openvasad --listen=127.0.0.1 --port=9393
openvasmd --database=/usr/local/var/lib/openvas/mgr/tasks.db --slisten=127.0.0.1 --sport=9391 --listen=0.0.0.0 --port=9390
gsad --listen=0.0.0.0 --port=9392 --alisten=127.0.0.1 --aport=9393 --mlisten=127.0.0.1 --mport=9390 --http-only
Set permissions
chmod a+x start_openvas.sh
OpenVAS and the penetration-testing database
Enter the Metasploit console
msfconsole
Load the OpenVAS plugin
load openvas
Connect to the OpenVAS management engine
Command format: openvas_connect <username> <password> <ip> <port> ok
openvas_connect admin admin 192.168.100.137 9390 ok
List the OpenVAS scan reports
openvas_report_list
Find the NBE format
openvas_format_list
Import the data into the database in NBE format
Format: openvas_report_import <id of the report to import> <id of the format>
openvas_report_import 2 4
Use vulns to view the imported vulnerability information
vulns
Sharing the penetration-testing database
Check whether PostgreSQL is running
netstat -nlp | grep "postgres"
Edit the file ctl.sh
vim /opt/metasploit/postgresql/scripts/ctl.sh
Change the following setting
POSTGRESQL_START="/opt/metasploit/postgresql/bin/postgres -D /opt/metasploit/postgresql/data -p 7337 -h 0.0.0.0"
Edit the file pg_hba.conf
vim /opt/metasploit/postgresql/data/pg_hba.conf
Change this to your own IP range
host all all 127.0.0.1/32 md5
host all all 192.168.100.1/24 md5
Restart PostgreSQL
/opt/metasploit/postgresql/scripts/ctl.sh stop
/opt/metasploit/postgresql/scripts/ctl.sh start
Check whether PostgreSQL is running
netstat -nlp | grep "postgres"
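The netstat check above only shows that PostgreSQL is running. The following added example (not part of the original page) goes one step further and reports which listeners are bound to a non-loopback address, so the services opened with 0.0.0.0 on this page can be reviewed together. The function names and the sample netstat lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: list TCP listeners reachable from the network, reading
# `netstat -nlpt`-style output on stdin.

# exposed_listeners: print "port program address" for every LISTEN socket
# that is not bound to a loopback address (127.0.0.0/8 or ::1).
exposed_listeners() {
    awk '$1 ~ /^tcp/ && $6 == "LISTEN" {
        n = split($4, a, ":"); port = a[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (addr ~ /^127\./ || addr == "::1") next
        prog = $7; sub(/^[0-9]+\//, "", prog)
        print port, prog, addr
    }'
}

# loopback_violations "PORT PORT ...": print exposed listeners whose port is
# in the list of ports that must stay loopback-only; exit status 1 if any.
loopback_violations() {
    exposed_listeners | awk -v want="$1" '
        BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) must[w[i]] = 1 }
        ($1 in must) { print; bad = 1 }
        END { exit bad + 0 }'
}

# Constructed sample matching the listen addresses used on this page.
SAMPLE='Proto Recv-Q Send-Q Local Address   Foreign Address State  PID/Program name
tcp 0 0 127.0.0.1:9391 0.0.0.0:* LISTEN 2470/openvassd
tcp 0 0 127.0.0.1:9393 0.0.0.0:* LISTEN 2475/openvasad
tcp 0 0 0.0.0.0:9390   0.0.0.0:* LISTEN 2480/openvasmd
tcp 0 0 0.0.0.0:9392   0.0.0.0:* LISTEN 2501/gsad
tcp 0 0 0.0.0.0:7337   0.0.0.0:* LISTEN 1203/postgres
tcp6 0 0 ::1:5432      :::*      LISTEN 1190/postgres'

printf '%s\n' "$SAMPLE" | exposed_listeners
# Scanner (9391) and administrator (9393) are meant to be local-only:
printf '%s\n' "$SAMPLE" | loopback_violations "9391 9393" || echo "unexpected exposure"
```

On a live host, feed it real data with `netstat -nlpt | exposed_listeners`.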