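OpenVAS image for Docker notes
Introduction
OpenVAS is an open-source vulnerability scanning tool that runs on Linux. All OpenVAS products are free software.
Because Windows is not supported, the simple approach usually recommended was to download Kali Linux and run it in a virtual machine. This note uses the OpenVAS image for Docker instead: install Docker Desktop on Windows and OpenVAS can be run through Docker.
If you do not want to install it in Docker and would rather install it directly on Linux, see these two articles
Steps
First download and install Docker from the Docker for Windows page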
https://docs.docker.com/docker-for-windows/install/
The screen after installation is shown below
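Check that you are in the Linux environment. Right-clicking the Docker icon in Windows lets you switch.
If you see Switch to Windows containers, you are currently using Linux containers and do not need to switch.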
Alternatively, entering the following command in cmd also shows which Docker environment you are using
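Enter the command
This command downloads the image from mikesplain/openvas and starts it at the same time.
The first number, 17443, is the port on the local machine used to reach Docker; the second, 443, is the port of the service inside Docker. If another service on the local machine already uses 17443 there may be a conflict, so change it to another number as your situation requires.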
docker run -d -p 17443:443 --name openvas mikesplain/openvas
For further details, see OpenVAS image for Docker
The installation process looks like this
Troubleshooting
If the following message appears
docker: Error response from daemon: Ports are not available: listen tcp 0.0.0.0:17443: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
it means this port does not exist inside Docker, that is, the port given earlier was typed wrong. Note that it must be port-number:443, for example 17443:443
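A pre-flight check for the port mapping described above, as an added example that is not part of the original note: it validates the HOST:443 form, tests whether the host port can be bound, and builds the docker run arguments. Publishing on 127.0.0.1 instead of all interfaces, and the helper names, are assumptions of this example.

```python
import socket

IMAGE = "mikesplain/openvas"   # image named in the note
UI_PORT = 443                  # port of the service inside the container


def parse_mapping(spec):
    """Split 'HOST:CONTAINER' (e.g. '17443:443') into two validated ints."""
    parts = spec.split(":")
    if len(parts) != 2:
        raise ValueError(f"expected HOST:CONTAINER, got {spec!r}")
    host, container = (int(p) for p in parts)
    for port in (host, container):
        if not 1 <= port <= 65535:
            raise ValueError(f"port out of range: {port}")
    if container != UI_PORT:
        raise ValueError(f"container side must be {UI_PORT}, e.g. 17443:{UI_PORT}")
    return host, container


def host_port_free(port, addr="127.0.0.1"):
    """Try to bind the host port; failure means it is taken or blocked."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        try:
            s.bind((addr, port))
        except OSError:
            return False
    return True


def docker_run_args(spec, name="openvas", bind_addr="127.0.0.1"):
    """Build the docker run command, publishing only on bind_addr (assumption)."""
    host, container = parse_mapping(spec)
    if not host_port_free(host, bind_addr):
        raise RuntimeError(f"host port {host} is not available, choose another")
    return ["docker", "run", "-d", "-p", f"{bind_addr}:{host}:{container}",
            "--name", name, IMAGE]


if __name__ == "__main__":
    print(" ".join(docker_run_args("17443:443")))
```

With the loopback binding the web login is reachable only from the machine running Docker; pass a different `bind_addr` if other hosts must reach it.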
Connecting to OpenVAS from the browser
In Docker's Containers / Apps tab you can see the running containers. Hover over one and icons appear on the right; choose Open In Browser and the browser opens.
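By default it may open http://localhost:17443 ; change the address to https://localhost:17443
If the page will not open because of a "localhost site is not secure" problem, see this article for a fix: https won't open in Chrome, fixing localhost http sites being forcibly redirected to https, also applies to Edge (HSTS)
On success you will see the login screen. The default username and password are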
Username: admin
Password: admin
Dashboard
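After choosing Scan, move the cursor to the star icon in the upper left to open a new task for scanning. You can also use the magic-wand icon, Task Wizard, to open the guided wizard.
NewTask: options for a new task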
TaskWizard: wizard options
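Fill in the IP address or URL of the host to scan
Note that OpenVAS performs a "whole-host vulnerability scan": you cannot target only a port number, each scan covers the entire host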
scanme.nmap.org
View the report from Scan > report
References
OpenVAS image for Docker
https://github.com/mikesplain/openvas-docker
Open-source vulnerability detection and management platform: OpenVAS
http://blog.jason.tools/2019/09/2020-ironman-05.html
How to install and run Windows and Linux containers side by side on Windows 10 (Docker)
https://blog.miniasp.com/post/2016/11/22/Run-Linux-and-Windows-Containers-on-Windows-10
Configuring and tuning OpenVAS in Kali Linux
https://www.kali.org/blog/configuring-and-tuning-openvas-in-kali-linux/
Build your own OpenVAS vulnerability scanner: security audit reports without outside help (part 2)
https://www.netadmin.com.tw/netadmin/zh-tw/technology/68793305F73A44F39888EF3209179A46?page=2