Thursday, February 5, 2015

Kali: Configure and Fix OpenVAS issues, start Vulnerability Scanning

OpenVAS is a tool used for Vulnerability Scanning. It comes pre-installed on Kali/Backtrack OS, but it needs to be configured before it will work.

root@kali-praveend:~# openvas-check-setup
........
........
        OK: At least one admin user exists.
        WARNING: Your password policy is empty.
        SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy.
Step 4: Checking Greenbone Security Assistant (GSA) ...
        OK: Greenbone Security Assistant is present in version 4.0.0.
Step 5: Checking OpenVAS CLI ...
        OK: OpenVAS CLI version 1.2.0.
Step 6: Checking Greenbone Security Desktop (GSD) ...
        OK: Greenbone Security Desktop is present in Version 1.2.2.
Step 7: Checking if OpenVAS services are up and running ...
        OK: netstat found, extended checks of the OpenVAS services enabled.
        ERROR: OpenVAS Scanner is NOT running!
        FIX: Start OpenVAS Scanner (openvassd).
        ERROR: OpenVAS Manager is NOT running!
        FIX: Start OpenVAS Manager (openvasmd).
        ERROR: OpenVAS Administrator is NOT running!
        FIX: Start OpenVAS Administrator (openvasad).
        ERROR: Greenbone Security Assistant is NOT running!
        FIX: Start Greenbone Security Assistant (gsad).
 ERROR: Your OpenVAS-6 installation is not yet complete!
Please follow the instructions marked with FIX above and run this
script again.

Start OpenVAS Scanner
#/etc/init.d/openvas-scanner start

Start OpenVAS Manager
#openvasmd --rebuild
The rebuild takes around 10 minutes. You can execute the command below:
#openvasmd

Start OpenVAS Administrator 
#openvasad -c add_user -n praveend --role=Admin
If the username has already been created, just execute openvasad.

Start Greenbone Security Assistant
#gsad

Once the configuration is done, execute the check again:
root@kali-praveend:~# openvas-check-setup
........
........
Step 5: Checking OpenVAS CLI ...
        OK: OpenVAS CLI version 1.2.0.
Step 6: Checking Greenbone Security Desktop (GSD) ...
        OK: Greenbone Security Desktop is present in Version 1.2.2.
Step 7: Checking if OpenVAS services are up and running ...
        OK: netstat found, extended checks of the OpenVAS services enabled.
        OK: OpenVAS Scanner is running and listening only on the local interface.
        OK: OpenVAS Scanner is listening on port 9391, which is the default port.
        OK: OpenVAS Manager is running and listening on all interfaces.
        OK: OpenVAS Manager is listening on port 9390, which is the default port.
        OK: OpenVAS Administrator is running and listening on all interfaces.
        OK: OpenVAS Administrator is listening on port 9393, which is the default port.
        OK: Greenbone Security Assistant is running and listening on all interfaces.
        OK: Greenbone Security Assistant is listening on port 443, which is the default port.
Step 8: Checking nmap installation ...
        WARNING: Your version of nmap is not fully supported: 6.47
        SUGGEST: You should install nmap 5.51.
Step 9: Checking presence of optional tools ...
        OK: pdflatex found.
        OK: PDF generation successful. The PDF report format is likely to work.
        OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
        OK: rpm found, LSC credential package generation for RPM based targets is likely to work.
        OK: alien found, LSC credential package generation for DEB based targets is likely to work.
        OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.
It seems like your OpenVAS-6 installation is OK.
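
The two reports above are long, and the lines that need action (pending FIX items, the empty password policy warning, services reported as listening on all interfaces) are easy to miss. The following is an added example, not part of the original post: a shell function that condenses openvas-check-setup output to those findings. The names triage_check_setup and sample_report are hypothetical, and the sample report is constructed from lines shown in this post.

```shell
#!/bin/sh
# Added example (not from the original post).
# Reads openvas-check-setup output on stdin, prints one finding per line:
#   FIX|<error>|<suggested fix>   ERROR followed by its FIX line
#   ERROR|<error>                 ERROR with no FIX line after it
#   WARN|<warning>                WARNING lines
#   EXPOSED|<service>             service reported on all interfaces
triage_check_setup() {
    awk '
        function emit_pending() {
            if (err != "") { print "ERROR|" err; err = "" }
        }
        { sub(/^[ \t]+/, "") }                 # strip report indentation
        /^FIX: / && err != "" {                # pair FIX with the ERROR before it
            print "FIX|" err "|" substr($0, 6); err = ""; next
        }
        { emit_pending() }                     # previous ERROR had no FIX
        /^ERROR: /   { err = substr($0, 8); next }
        /^WARNING: / { print "WARN|" substr($0, 10); next }
        /^OK: .* is running and listening on all interfaces\.$/ {
            svc = substr($0, 5)
            sub(/ is running and listening on all interfaces\.$/, "", svc)
            print "EXPOSED|" svc
        }
        END { emit_pending() }
    '
}

# Constructed sample: lines copied from the two reports shown in this post.
sample_report() {
    cat <<'EOF'
        WARNING: Your password policy is empty.
        SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy.
Step 7: Checking if OpenVAS services are up and running ...
        OK: OpenVAS Scanner is running and listening only on the local interface.
        OK: OpenVAS Manager is running and listening on all interfaces.
        ERROR: Greenbone Security Assistant is NOT running!
        FIX: Start Greenbone Security Assistant (gsad).
 ERROR: Your OpenVAS-6 installation is not yet complete!
EOF
}

# On a real system: openvas-check-setup | triage_check_setup
sample_report | triage_check_setup
```
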

Start OpenVAS Greenbone Security Desktop (GSD)

Once we click on openvas-gsd, we get a window where we need to enter the login credentials, with localhost in place of the IP address.


After a successful login to GSD we get the window below, where we need to configure Targets, Tasks etc.

To start a Vulnerability Assessment we need to configure Targets, Tasks etc. using the tabs on the lower part of the above window.

Click on Extras->Start Greenbone Security Assistant. This opens a URL in the browser connecting to 127.0.0.1:443.

Once the Vulnerability Scanning is done, we can download the Report in a supported format (PDF, HTML etc.).