来源:蜘蛛抓取(WebSpider)
时间:2016-08-26 11:25
标签:
openvas 创建用户
kali2.0中openvas安装配置 - 简书
kali2.0中openvas安装配置
一、openvas安装学习《Metasploit渗透测试魔鬼训练营》 。需要部署openvas,但是书中步骤太老,无法成功。于是自己动手,重新配置了一下。1.初始化安装利用kali2.0 里的搜索功能,直接点击搜索出来的openvas initial setup,执行。2.执行安装#openvas-setup3.安装检测#openvas-check-setup4.添加admin/admin账号。#openvasmd --user=admin --new-password=admin4 访问GSA地址 https://127.0.0.1:9392/
输入刚设置好的admin 和密码,登录即可二、配置外部访问安装完成之后,openvas默认设置的监听地址为127.0.0.1,每次使用都只能用本机打开浏览器通过https://127.0.0.1:9392来进行登录扫描,不如通过自己的电脑浏览器连接到openvas服务器,直接进行扫描来的方便。openvas新版本有两种方式控制openvas的开关,一种是服务的方式,一种是脚本的方式a)服务方式这种方式通过openvas-start/openvas-stop脚本启动和关闭的,这两个脚本里调用的是service指令.openvas-start脚本内容:openvas-stop脚本内容:经过多方查找,网上找了N中方法,都不适用,最后终于发现启动这些服务的脚本存都放在/lib/systemd/system/下分别编辑:#vi /lib/systemd/system/greenbone-security-assistant.service#vi /lib/systemd/system/openvas-manager.service#vi /lib/systemd/system/openvas-scanner.service分别修改配置文件中的监听ip,由127.0.0.1改为0.0.0.0(表示任意IP),保存之后,需要让systemctl重新加载一下:#systemctl daemon-reload然后重启openvas服务即可:#openvas-stop#openvas-startb)脚本方式需要三个脚本控制开启和关闭openvas/etc/init.d/openvas-manager
//管理manager服务/etc/init.d/openvas-scanner
//管理scanner服务/etc/init.d/greenbone-security-assistant
//管理gsad服务这三个脚本对应的了三个配置文件,分别为:/etc/default/openvas-manager
//管理器:与接口通信,分配扫描任务,并根据扫描结果生成评估报告,默认端口为9390/etc/default/openvas-scanner
//扫描器:调用各种漏洞测试插件,执行分配的扫描操作,默认端口为9391/etc/default/greenbone-security-assistant
//访问web 端接口(gsad):访问opebvas 服务层的web 接口,默认监听地址为127.0.0.1,端口为9392分别修改配置文件中的监听ip,由127.0.0.1改为0.0.0.0(表示任意IP),保存,然后重启服务即可。#/etc/init.d/openvas-manager restart#/etc/init.d/openvas-scanner restart#/etc/init.d/greenbone-security-assistant restartc)查看openvas的监听状态root@lrb-kali:~# netstat -ntuplActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address
Foreign Address
PID/Program nametcp
0 0.0.0.0:9390
5142/openvasmdtcp
0 0.0.0.0:3790
3511/nginx.conftcp
0 0.0.0.0:9391
5117/openvassd: waitcp
0 0.0.0.0:9392
5103/gsadtcp
0 0.0.0.0:9393
5129/openvasad由上面的输出可知,监听IP地址已由127.0.0.1变为0.0.0.0,监听IP更改成功。此时打开浏览器测试,https://192.168.200.129:9392,已经可以访问
寡言少语的胖子5.2.1 配置OpenVAS
root@kali:~# cd /usr/share/openvas/
root@kali:/usr/share/openvas# openvas-mkcert
-----------------------------------------------
Creation of the OpenVAS SSL Certificate
-----------------------------------------------
Congratulations. Your server certificate was properly created.
The following files were created:
. Certification authority:
Certificate = /var/lib/openvas/CA/cacert.pem
Private key = /var/lib/openvas/private/CA/cakey.pem
. OpenVAS Server :
Certificate = /var/lib/openvas/CA/servercert.pem
Private key = /var/lib/openvas/private/CA/serverkey.pem
Press [ENTER] to exit
root@kali:/usr/share/openvas# openvas-nvt-sync
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
[i] rsync is not recommended for the initial sync. Falling back on http.
[i] Will use wget
[i] Using GNU wget: /usr/bin/wget
[i] Configured NVT http feed: http://www.openvas.org/openvas-nvt-feed-current.tar.bz2
[i] Downloading to: /tmp/openvas-nvt-sync.xAKyyzYVdT/openvas-feed--8214.tar.bz2
-- 14:35:48-- http://www.openvas.org/openvas-nvt-feed-current.tar.bz2
正在解析主机 www.openvas.org (www.openvas.org)& 5.9.98.186
正在连接 www.openvas.org (www.openvas.org)|5.9.98.186|:80& 已连接。
已发出 HTTP 请求,正在等待回应& 200 OK
长度:M) [application/x-bzip2]
正在保存至:&/tmp/openvas-nvt-sync.xAKyyzYVdT/openvas-feed--8214.tar.bz2&
100%[===============================================================&] 14,771,061 54.0K/s 用时 7m 16s
14:43:07 (33.1 KB/s) - 已保存&/tmp/openvas-nvt-sync.xAKyyzYVdT/openvas- feed-
-8214.tar.bz2& [71061])
12planet_chat_server_xss.nasl
12planet_chat_server_xss.nasl.asc
2013/secpod_ms13-005.nasl.asc
2013/gb_astium_voip_pbx_51273.nasl
2013/secpod_ms13-001.nasl
2013/deb_2597.nasl
2013/gb_astium_voip_pbx_51273.nasl.asc
2013/secpod_ms13-006.nasl
2013/gb_edirectory_57038.nasl
2013/secpod_ms13-006.nasl.asc
&省略部分内容&
zope_zclass.nasl.asc
zyxel_http_pwd.nasl
zyxel_http_pwd.nasl.asc
zyxel_pwd.nasl
zyxel_pwd.nasl.asc
[i] Download complete
[i] Checking dir: ok
[i] Checking MD5 checksum: ok
root@kali:/usr/share/openvas# openvas-mkcert-client -n om -i
Generating RSA private key, 1024 bit long modulus
&&&&&&&&&&&&++++++
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [DE]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:Using configuration from /tmp/openvas-mkcert-client.f
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName
:PRINTABLE:'DE'
localityName
:PRINTABLE:'Berlin'
commonName
:PRINTABLE:'om'
Certificate is to be certified until Apr 25 06:55:05 2015 GMT (365 days)
Write out database with 1 new entries
Data Base Updated
User om added to OpenVAS.
root@kali:/usr/share/openvas# openvasmd &rebuild
root@kali:/usr/share/openvas# openvassd
Loading the OpenVAS plugins&base gpgme-Message: Setting GnuPG homedir to '/etc/openvas/ gnupg'
base gpgme-Message: Using OpenPGP engine version '1.4.12'
All plugins loaded
root@kali:/usr/share/openvas# openvasmd --rebuild
root@kali:/usr/share/openvas# openvasmd &backup
root@kali:/usr/share/openvas# openvasad -c 'add_user' -n openvasadmin -r Admin
Enter password:
main:MESSAGE:-25 15h25.35 CST: No rules file provided, the new user will have no restrictions.
main:MESSAGE:-25 15h25.35 CST: User openvasadmin has been successfully created.
root@kali:/usr/share/openvas# openvasmd -p 9390 -a 127.0.0.1
root@kali:/usr/share/openvas# openvasad -a 127.0.0.1 -p 9393
root@kali:/usr/share/openvas# gsad --http-only --listen=127.0.0.1 -p 9392
同步NVT Feed(当新的漏洞被发现时,该记录将改变);
启动OpenVAS扫描器;
重建数据库;
备份数据库;
配置端口。
#!/bin/bash
openvas-nvt-sync
openvasmd --rebuild
openvasmd --backup
openvasmd -p 9390 -a 127.0.0.1
openvasad -a 127.0.0.1 -p 9393
gsad --http-only --listen=127.0.0.1 -p 9392
5.2.2 创建Scan Config和扫描任务
5.2.3 扫描本地漏洞
Compliance扫描Compliance漏洞
Default Accounts
扫描默认账号漏洞
Denial of Service
扫描拒绝服务漏洞
扫描FTP服务器漏洞
Ubuntu Local Security Checks
扫描Ubuntu系统的本地安全漏洞
5.2.4 扫描网络漏洞
Brute force attacks暴力攻击
Buffer overflow
扫描缓存溢出漏洞
扫描CISCO路由器
Compliance
扫描Compliance漏洞
扫描数据库漏洞
Default Accounts
扫描默认账号漏洞
Denial of Service
扫描拒绝服务漏洞
扫描FTP服务器漏洞
Finger abuses
扫描Finger滥用漏洞
扫描防火墙漏洞
Gain a shell remotelly
扫描获取远程Shell的漏洞
扫描恶意软件
扫描网络操作系统
扫描NMAP NSE漏洞
Peer-To-Peer File Sharing
扫描共享文件漏洞
Port Scanners
扫描端口漏洞
Privilege Escalation
扫描提升特权漏洞
Product Detection
扫描产品侦察
扫描RPC漏洞
Remote File Access
扫描远程文件访问漏洞
SMTP Problems
扫描SMTP问题
扫描SNMP漏洞
Service detection
扫描服务侦察
扫描基本设置漏洞
5.2.5 扫描指定Linux系统漏洞
Brute force attacks暴力攻击
Buffer overflow
扫描缓存溢出漏洞
Compliance
扫描Compliance漏洞
扫描数据库漏洞
Default Accounts
扫描默认用户账号漏洞
Denial of Service
扫描拒绝服务的漏洞
扫描FTP服务器漏洞
Finger abuses
扫描Finger滥用漏洞
Gain a shell remotely
扫描获取远程Shell漏洞
扫描General漏洞
扫描恶意软件漏洞
扫描网络操作系统
扫描NMAP NSE漏洞
Port Scanners
扫描端口漏洞
Privilege Escalation
扫描提升特权漏洞
Product Detection
扫描产品侦察漏洞
扫描RPC漏洞
Remote File Access
扫描远程文件访问漏洞
SMTP Porblems
扫描SMTP问题
扫描SNMP漏洞
Service detection
扫描服务侦察漏洞
扫描基本设置漏洞
Web Servers
扫描Web服务漏洞
5.2.6 扫描指定Windows系统漏洞
Brute force attacks暴力攻击
Buffer overflow
扫描缓存溢出漏洞
Compliance
扫描Compliance漏洞
扫描数据库漏洞
Default Accounts
扫描默认用户账号漏洞
Denial of Service
扫描拒绝服务漏洞
扫描FTP服务器漏洞
Gain a shell remotely
扫描获取远程Shell的漏洞
扫描General漏洞
扫描网络操作系统漏洞
扫描NMAP NSE漏洞
Port Scanners
扫描端口漏洞
Privilege Escalation
扫描提升特权漏洞
Product Detection
扫描产品侦察漏洞
扫描RPC漏洞
Remote File Access
扫描远程文件访问漏洞
SMTP Problems
扫描SMTP问题漏洞
扫描SNMP漏洞
Service detection
扫描服务侦察漏洞
Web Servers
扫描Web服务漏洞
扫描Windows系统漏洞
Windows:Microsoft Bulletins
扫描Windows系统微软公告漏洞
阅读(...) 评论() &5.2.1 配置OpenVAS
root@kali:~# cd /usr/share/openvas/
root@kali:/usr/share/openvas# openvas-mkcert
-----------------------------------------------
Creation of the OpenVAS SSL Certificate
-----------------------------------------------
Congratulations. Your server certificate was properly created.
The following files were created:
. Certification authority:
Certificate = /var/lib/openvas/CA/cacert.pem
Private key = /var/lib/openvas/private/CA/cakey.pem
. OpenVAS Server :
Certificate = /var/lib/openvas/CA/servercert.pem
Private key = /var/lib/openvas/private/CA/serverkey.pem
Press [ENTER] to exit
root@kali:/usr/share/openvas# openvas-nvt-sync
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
[i] rsync is not recommended for the initial sync. Falling back on http.
[i] Will use wget
[i] Using GNU wget: /usr/bin/wget
[i] Configured NVT http feed: http://www.openvas.org/openvas-nvt-feed-current.tar.bz2
[i] Downloading to: /tmp/openvas-nvt-sync.xAKyyzYVdT/openvas-feed--8214.tar.bz2
-- 14:35:48-- http://www.openvas.org/openvas-nvt-feed-current.tar.bz2
正在解析主机 www.openvas.org (www.openvas.org)… 5.9.98.186
正在连接 www.openvas.org (www.openvas.org)|5.9.98.186|:80… 已连接。
已发出 HTTP 请求,正在等待回应… 200 OK
长度:M) [application/x-bzip2]
正在保存至:“/tmp/openvas-nvt-sync.xAKyyzYVdT/openvas-feed--8214.tar.bz2”
100%[===============================================================&] 14,771,061 54.0K/s 用时 7m 16s
14:43:07 (33.1 KB/s) - 已保存“/tmp/openvas-nvt-sync.xAKyyzYVdT/openvas- feed-
-8214.tar.bz2” [71061])
12planet_chat_server_xss.nasl
12planet_chat_server_xss.nasl.asc
2013/secpod_ms13-005.nasl.asc
2013/gb_astium_voip_pbx_51273.nasl
2013/secpod_ms13-001.nasl
2013/deb_2597.nasl
2013/gb_astium_voip_pbx_51273.nasl.asc
2013/secpod_ms13-006.nasl
2013/gb_edirectory_57038.nasl
2013/secpod_ms13-006.nasl.asc
…省略部分内容…
zope_zclass.nasl.asc
zyxel_http_pwd.nasl
zyxel_http_pwd.nasl.asc
zyxel_pwd.nasl
zyxel_pwd.nasl.asc
[i] Download complete
[i] Checking dir: ok
[i] Checking MD5 checksum: ok
root@kali:/usr/share/openvas# openvas-mkcert-client -n om -i
Generating RSA private key, 1024 bit long modulus
………………………………++++++
……++++++
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [DE]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:Using configuration from /tmp/openvas-mkcert-client.f
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName
:PRINTABLE:'DE'
localityName
:PRINTABLE:'Berlin'
commonName
:PRINTABLE:'om'
Certificate is to be certified until Apr 25 06:55:05 2015 GMT (365 days)
Write out database with 1 new entries
Data Base Updated
User om added to OpenVAS.
root@kali:/usr/share/openvas# openvasmd –rebuild
root@kali:/usr/share/openvas# openvassd
Loading the OpenVAS plugins…base gpgme-Message: Setting GnuPG homedir to '/etc/openvas/ gnupg'
base gpgme-Message: Using OpenPGP engine version '1.4.12'
All plugins loaded
root@kali:/usr/share/openvas# openvasmd --rebuild
root@kali:/usr/share/openvas# openvasmd –backup
root@kali:/usr/share/openvas# openvasad -c 'add_user' -n openvasadmin -r Admin
Enter password:
main:MESSAGE:-25 15h25.35 CST: No rules file provided, the new user will have no restrictions.
main:MESSAGE:-25 15h25.35 CST: User openvasadmin has been successfully created.
root@kali:/usr/share/openvas# openvasmd -p 9390 -a 127.0.0.1
root@kali:/usr/share/openvas# openvasad -a 127.0.0.1 -p 9393
root@kali:/usr/share/openvas# gsad --http-only --listen=127.0.0.1 -p 9392
同步NVT Feed(当新的漏洞被发现时,该记录将改变);
启动OpenVAS扫描器;
重建数据库;
备份数据库;
配置端口。
#!/bin/bash
openvas-nvt-sync
openvasmd --rebuild
openvasmd --backup
openvasmd -p 9390 -a 127.0.0.1
openvasad -a 127.0.0.1 -p 9393
gsad --http-only --listen=127.0.0.1 -p 9392
5.2.2 创建Scan Config和扫描任务
5.2.3 扫描本地漏洞
Compliance扫描Compliance漏洞
Default Accounts
扫描默认账号漏洞
Denial of Service
扫描拒绝服务漏洞
扫描FTP服务器漏洞
Ubuntu Local Security Checks
扫描Ubuntu系统的本地安全漏洞
5.2.4 扫描网络漏洞
Brute force attacks暴力攻击
Buffer overflow
扫描缓存溢出漏洞
扫描CISCO路由器
Compliance
扫描Compliance漏洞
扫描数据库漏洞
Default Accounts
扫描默认账号漏洞
Denial of Service
扫描拒绝服务漏洞
扫描FTP服务器漏洞
Finger abuses
扫描Finger滥用漏洞
扫描防火墙漏洞
Gain a shell remotelly
扫描获取远程Shell的漏洞
扫描恶意软件
扫描网络操作系统
扫描NMAP NSE漏洞
Peer-To-Peer File Sharing
扫描共享文件漏洞
Port Scanners
扫描端口漏洞
Privilege Escalation
扫描提升特权漏洞
Product Detection
扫描产品侦察
扫描RPC漏洞
Remote File Access
扫描远程文件访问漏洞
SMTP Problems
扫描SMTP问题
扫描SNMP漏洞
Service detection
扫描服务侦察
扫描基本设置漏洞
5.2.5 扫描指定Linux系统漏洞
Brute force attacks暴力攻击
Buffer overflow
扫描缓存溢出漏洞
Compliance
扫描Compliance漏洞
扫描数据库漏洞
Default Accounts
扫描默认用户账号漏洞
Denial of Service
扫描拒绝服务的漏洞
扫描FTP服务器漏洞
Finger abuses
扫描Finger滥用漏洞
Gain a shell remotely
扫描获取远程Shell漏洞
扫描General漏洞
扫描恶意软件漏洞
扫描网络操作系统
扫描NMAP NSE漏洞
Port Scanners
扫描端口漏洞
Privilege Escalation
扫描提升特权漏洞
Product Detection
扫描产品侦察漏洞
扫描RPC漏洞
Remote File Access
扫描远程文件访问漏洞
SMTP Porblems
扫描SMTP问题
扫描SNMP漏洞
Service detection
扫描服务侦察漏洞
扫描基本设置漏洞
Web Servers
扫描Web服务漏洞
5.2.6 扫描指定Windows系统漏洞
Brute force attacks暴力攻击
Buffer overflow
扫描缓存溢出漏洞
Compliance
扫描Compliance漏洞
扫描数据库漏洞
Default Accounts
扫描默认用户账号漏洞
Denial of Service
扫描拒绝服务漏洞
扫描FTP服务器漏洞
Gain a shell remotely
扫描获取远程Shell的漏洞
扫描General漏洞
扫描网络操作系统漏洞
扫描NMAP NSE漏洞
Port Scanners
扫描端口漏洞
Privilege Escalation
扫描提升特权漏洞
Product Detection
扫描产品侦察漏洞
扫描RPC漏洞
Remote File Access
扫描远程文件访问漏洞
SMTP Problems
扫描SMTP问题漏洞
扫描SNMP漏洞
Service detection
扫描服务侦察漏洞
Web Servers
扫描Web服务漏洞
扫描Windows系统漏洞
Windows:Microsoft Bulletins
扫描Windows系统微软公告漏洞
阅读(...) 评论()
