[环境搭建]Kali 安装OpenVAS - 知乎常规命令sudo apt-get install gvm 安装gvm sudo gvm-setup 初始化gvm sudo gvm-check-setup检查openvas 是否安装成功 sudo gvm-feed-update升级漏洞库 sudo gvm-start启动openvas sudo -u _gvm gvmd -…https://zhuanlan.zhihu.com/p/117641338
以下为原文
[环境搭建]Kali 安装OpenVAS
AJEST安全实验室
常规命令
sudo apt-get install gvm 安装gvm
sudo gvm-setup 初始化gvm
sudo gvm-check-setup 检查openvas 是否安装成功
sudo gvm-feed-update 升级漏洞库
sudo gvm-start 启动openvas
sudo -u _gvm gvmd --user=admin --new-password=123456
修改web 账号admin 密码为123456
如果遇到问题
AJEST安全实验室
1828 次赞同
去咨询
问题五:创建New Target 时,Port List 不可选,并且save 时报错。
Failed to find port_list '33d0cd82-57c6-11e1-8ed1-406186ea4fc5'
查看版本
┌──(ajest zh-CN)-[/usr/share]
└─$ gsad --version
Oops, secure memory pool already initialized
Greenbone Security Assistant 21.4.3
┌──(ajest zh-CN)-[/usr/share]
└─$ gvmd --version
Greenbone Vulnerability Manager 21.4.4
Manager DB revision 242
Copyright (C) 2009-2021 Greenbone Networks GmbH
License: AGPL-3.0-or-later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
┌──(ajest zh-CN)-[/usr/share]
└─$
查看配置文件
┌──(ajest zh-CN)-[~]
└─$ tree /var/lib/gvm/data-objects/gvmd/21.04
/var/lib/gvm/data-objects/gvmd/21.04
├── configs
├── port_lists
└── report_formats
3 directories, 0 files
┌──(ajest zh-CN)-[~]
└─$
直接拷贝配置文件
┌──(ajest zh-CN)-[/var/lib/gvm/data-objects/gvmd]
└─$ sudo mv /mnt/data/课程环境/渗透测试/扫描技术/OpenVAS/21.04 .
┌──(ajest zh-CN)-[/var/lib/gvm/data-objects/gvmd]
└─$ tree 21.04
21.04
├── configs
│ ├── base-d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663.xml
│ ├── discovery-8715c877-47a0-438d-98a3-27c7a6ab2196.xml
│ ├── empty-085569ce-73ed-11df-83c3-002264764cea.xml
│ ├── full-and-fast-daba56c8-73ec-11df-a475-002264764cea.xml
│ ├── host-discovery-2d3f051c-55ba-11e3-bf43-406186ea4fc5.xml
│ ├── policy_euleros_20200909_9f822ad3-9208-4e02-ac03-78dce3ca9a23.xml
│ ├── policy_gaussdb_20200909_61327f09-8a54-4854-9e1c-16798285fb28.xml
│ ├── policy-gaussdbkernel-2eec8313-fee4-442a-b3c4-fa0d5dc83d61.xml
│ ├── policy-huawei-datacom-aab5c4a1-eab1-4f4e-acac-8c36d08de6bc.xml
│ ├── policy-it-grundschutz-c4b7c0cb-6502-4809-b034-8e635311b3e6.xml
│ ├── policy-opengauss-c2b049f9-6d3d-45be-871f-2252895ed9e8.xml
│ └── system-discovery-bbca7412-a950-11e3-9109-406186ea4fc5.xml
├── port_lists
│ ├── all-iana-assigned-tcp-33d0cd82-57c6-11e1-8ed1-406186ea4fc5.xml
│ ├── all-iana-assigned-tcp-and-udp-4a4717fe-57d2-11e1-9a26-406186ea4fc5.xml
│ └── all-tcp-and-nmap-top-100-udp-730ef368-57e2-11e1-a90f-406186ea4fc5.xml
└── report_formats
├── anonymous-xml-5057e5cc-b825-11e4-9d0e-28d24461215b.xml
├── csv-results-c1645568-627a-11e3-a660-406186ea4fc5.xml
├── itg-77bd6c4a-1f62-11e1-abf0-406186ea4fc5.xml
├── pdf-c402cc3e-b531-11e1-9163-406186ea4fc5.xml
├── txt-a3810a62-1f62-11e1-9219-406186ea4fc5.xml
└── xml-a994b278-1f62-11e1-96ac-406186ea4fc5.xml
3 directories, 21 files
┌──(ajest zh-CN)-[/var/lib/gvm/data-objects/gvmd]
└─$
重启gvm
sudo gvm-stop
sudo gvm-start
问题四:PostgreSQL version 版本不适应
┌──(ajest zh-CN)-[~]
└─$ sudo gvm-setup
[>] Starting PostgreSQL service
[-] ERROR: The default PostgreSQL version (13) is not 14 that is required by libgvmd
[-] ERROR: Use pg_upgradecluster to update your PostgreSQL cluster
┌──(ajest zh-CN)-[~]
└─$
sudo apt-get purge postgresql-13
sudo apt-get purge postgresql-14
sudo apt-get install gvm
问题三:Severity 0.0 log
此问题是由于扫描策略中端口扫描插件不起作用引起的,可以修改如下配置,以达到扫描成功的目的。
问题二:The SCAP database is required
sudo runuser -u _gvm -- greenbone-nvt-sync --rsync
sudo -u _gvm greenbone-nvt-sync --rsync
sudo runuser -u _gvm -- greenbone-nvt-sync
sudo greenbone-scapdata-sync
sudo greenbone-certdata-sync
sudo reboot
实在解决不了,睡一觉就好了
问题一: FIX: Please install Greenbone Security Assistant >= 21.04.
sudo cp /usr/bin/gvm-check-setup /usr/bin/gvm-check-setup.bak
sed -i"" 's/GSA_MAJOR="21.04"/GSA_MAJOR="21.4"/g' $(which gvm-check-setup)
sudo gvm-setup
Kali-Linux-2021.2 安装OpenVAS
相关命令如下:
sudo apt-get install gvm 安装gvm
sudo gvm-setup 初始化gvm
sudo gvm-check-setup 检查openvas 是否安装成功
sudo gvm-feed-update 升级漏洞库
sudo gvm-start 启动openvas
sudo -u _gvm gvmd --user=admin --new-password=123456
修改web 账号admin 密码为123456
开启OpenVAS 外部地址访问:
┌──(kali kali)-[~]
└─$ cat /lib/systemd/system/greenbone-security-assistant.service | grep "ExecStart"
ExecStart=/usr/sbin/gsad --listen=0.0.0.0 --port=9392
┌──(kali kali)-[~]
└─$
Kali-Linux-2021.1 安装OpenVAS
相关命令如下:
sudo apt-get install gvm 安装gvm
sudo gvm-setup 初始化gvm
sudo gvm-check-setup 检查openvas 是否安装成功
sudo gvm-feed-update 升级漏洞库
sudo gvm-start 启动openvas
sudo runuser -u _gvm –- gvmd --user=admin --new-password=123456
修改web 账号admin 密码为123456
开启OpenVAS 外部地址访问:
┌──(kali kali)-[~]
└─$ cat /lib/systemd/system/greenbone-security-assistant.service | grep "ExecStart"
ExecStart=/usr/sbin/gsad --listen=0.0.0.0 --port=9392
┌──(kali kali)-[~]
└─$
Kali-Linux-2020.4 安装OpenVAS
- 安装gvm
sudo apt-get update
sudo apt-get install gvm
- gvm 初始化
sudo gvm-setup # gvm 初始化
sudo gvm-check-setup # 检查安装
sudo gvm-feed-update # 更新漏洞库
- 启动OpenVAS
sudo gvm-start
- 重设管理员密码
sudo runuser -u _gvm -- gvmd --user=admin --new-password=123456
Kali-Linux-2020.3 安装OpenVAS
- 安装gvm
sudo apt-get update
sudo apt-get install gvm
- gvm 初始化
sudo apt-get install --yes postgresql-13
sudo pg_dropcluster 13 main --stop
sudo pg_upgradecluster 12 main
sudo gvm-setup
sudo gvm-check-setup
sudo gvm-feed-update
- 启动OpenVAS
sudo gvm-start
- 重设管理员密码
sudo runuser -u _gvm -- gvmd --user=admin --new-password=123456
Kali-Linux-2020.1 安装OpenVAS
- OpenVAS 的安装
sudo apt-get update
sudo apt-get install openvas*
sudo proxychains openvas-setup
sudo reboot
sudo openvas-start
- 修改密码
openvasmd --user=admin --new-password=admin
- 开启外部访问
新版本OpenVAS 开启外部访问有bug。因此可以考虑使用代理或者隧道的方法从外部访问。