openvas docker
介紹
OpenVAS(Open Vulnerability Assessment System,開放式弱點評估系統)是一款開源的網絡掃描和弱點評估工具。
目前不支援 windows 環境,推薦是在 kali linux 系統安裝 OpenVAS,目前可以在 windows 安裝 Docker Desktop ,使用 docker 的方式運作。
硬體需求
最低配置:
推薦配置:
參考網址
OpenVAS官方: https://greenbone.github.io/docs/latest/22.4/container/index.html#
docker-desktop: https://www.docker.com/products/docker-desktop/
kali linux 系統安裝 OpenVAS 方式: https://hackmd.io/@liam0116/ryiSRDIO0
安裝/啓動步驟
1. 在 windows 系統上安裝 docker desktop
2. 使用 vscode 打開 openvas-docker 專案目錄
這個指令會根據 docker-compose.yml 文件啓動所有定義的服務。
若需要在後台執行,則添加 -d
建議使用該指令
啓動畫面
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
可以打開 docker desktop 檢查是否順利啓動
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
注:有一些未啓動屬於正常,它們是執行完初始化任務後就會自動關閉的容器
3. 進入 openvas
-
進入網址
- http://127.0.0.1:9392/login
- 可在 docker desktop 點擊進入
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
-
登錄頁面
備注: 如果剛啓動,可能需要等待一下才登錄,等該系統配置都完整啓動
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
-
登錄後畫面
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
-
檢查掃描配置 切換至 Configuration > Scan Configs
- 檢查是否有相關配置
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
- 如果是空如下圖
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
- 請你在該頁面一直重整,到出現爲止,目前所知的方法
- 如果沒掃描配置會發生該錯誤
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
掃描方式 一 (網路掃描 Network Scan)
這類掃描主要基於 IP 地址來進行掃描,通常是針對網絡服務進行基礎漏洞檢測,類似於你提到的普通簡單掃描。在 OpenVAS 中,這類掃描可以使用「基本掃描」(Basic Scan)或「無認證掃描」(Unauthenticated Scan)來描述,因為它不需要額外的用戶憑證。
注: 不需要任何配置。
- 開始掃描 切換至 Scans > Tasks
注意: 如果掃描 ip 需要 VPN 才能連缐,請你確保 VPN 有連缐
- 點擊Task Wizard
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
- 輸入需要掃描的 ip
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
- 再來點 start 按鈕稍等一下就會開始掃描(一開始會停在0%一陣子要等)
掃描方式 二 (認證掃描 Authenticated Scan)
這類掃描需要提供 SSH 或其他系統賬戶來進行更深入的檢測,能夠檢查操作系統和應用程序層面的漏洞。你提到的第二種掃描方式即為這一類,通常稱為「認證掃描」或「深度掃描」。
注: 需要使用 SSH 憑證進行特權掃描,以獲取更深入的掃描結果。
-
首先到 Configuration > Credentials 裡面新增驗證訊息
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
-
通過以下步驟來設置這些 SSH 憑證
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
-
在 Type 下拉菜單中選擇 Username + Password,如果需要密鑰選擇 Username + SSH key。
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
-
填寫資訊
Name: 給這個憑證一個名稱,例如 "SSH to 192.168.2.78"。
Username: 填寫 root。
Password: 如果你使用密碼認證,填寫 root 用戶的密碼;
Private Key: 如果有需要使用私鑰認證,則上傳私鑰文件。
填寫完成點擊 save 保存
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
-
再到 Configuration > Targets 裡面配置需要被掃描的目標主機
- 點擊左上角白紙星星圖案新增 New Targets
- 新增需要被掃描的目標主機
Image Not Showing
Possible Reasons
- The image was uploaded to a note which you don't have access to
- The note which the image was originally uploaded to has been deleted
Learn More →
-
回到 Scans > Tasks
- 點擊左上角白紙星星圖案新增 New Task
- Scan Targets 下拉選中剛才配置好的目標主機
- Scan Config 需要是 full and fast
- 完成點擊 save

- 再來點開始按鈕稍等一下就會開始掃描(一開始會停在0%一陣子要等)

正常執行情況

如果一下子就結束屬於不正常需要檢查使用有鏈接 VPN 或者配置錯誤
-
掃描完成到 Scans > Reports 查看報告

-
點日期可以進入報告詳細

-
並根據不同分類(例如Hosts, Ports, App…查看各個類別底下的風險)

-
並在上方有下載按鈕可以下載報告

-
選擇報告文件類型
- 可以選擇 PDF
- 點擊 ok 下載報告

- 成功取得報告

-
回到 Dashboards 主頁 Overview 有掃描狀態及分佈
