Try   HackMD

openvas kali linux 安裝筆記

介紹

OpenVAS是一個開源的漏洞掃描工具,用於檢測系統中的安全漏洞,識別和評估系統中可能存在的漏洞,協助組織確保其系統的安全性

官方網站:
https://www.openvas.org/
官方安裝教程 for kali:
https://greenbone.github.io/docs/latest/22.4/kali/index.html

系統

OpenVAS 需要使用指定 kali linux 來安裝, 目前使用其他系統會出現難解問題

kali 安裝方式

參考該鏈接:
https://youtu.be/ISnuy3A-3tc?si=LPyHb9gxgt-eyX6M

系統安裝好過後

1. 更新軟件源:

sudo apt update sudo apt upgrade -y

如果發生該問題:

Image Not Showing Possible Reasons
  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted
Learn More →

sudo apt upgrade -y 換成使用 sudo apt full-upgrade -y

參考網站:
https://unix.stackexchange.com/questions/594257/debian-bullseye-no-upgrade-due-to-gnustep-base-runtime-unmet-dependencies

2. 安裝 Greenbone 社區版

Greenbone 社群版和所需的依賴項可以使用單一指令安裝:

sudo apt install gvm -y

3. 執行自動配置腳本(該步驟已經完成了,如果需要啓動可以忽 3 進行 6)

安裝所需的軟體包後,必須執行設定腳本才能完成安裝。若要執行自動配置,請執行下列命令:

在此期間,gvm-setup您必須記錄為管理員使用者建立的預設密碼。

如下圖:賬號為 admin 以及 密碼

Image Not Showing Possible Reasons
  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted
Learn More →

初始化gvm

sudo gvm-setup

4. 驗證安裝

Kali Linux 本機安裝包含一個用於驗證已安裝服務的腳本。可以使用以下命令運行該腳本:
檢查gvm完整性

sudo gvm-check-setup

如果您的安裝已成功配置,您將在驗證結束時看到以下訊息:

It seems like your GVM-22.5.0 installation is OK.

Image Not Showing Possible Reasons
  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted
Learn More →

5. 更改密碼(該部分我還沒測試)

sudo runuser -u _gvm -- gvmd --user=admin --new-password=123456

6. 啟動

sudo gvm-start

正常啓動

Image Not Showing Possible Reasons
  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted
Learn More →

7. 暫停

sudo gvm-stop

成功啓動頁面

訪問鏈接:
https://127.0.0.1:9392

Image Not Showing Possible Reasons
  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted
Learn More →

設定掃描配置以及執行

  • 檢查掃描配置 切換至 Configuration > Scan Configs
    • 檢查是否有相關配置
      Image Not Showing Possible Reasons
      • The image was uploaded to a note which you don't have access to
      • The note which the image was originally uploaded to has been deleted
      Learn More →
    • 如果是空如下圖
      Image Not Showing Possible Reasons
      • The image was uploaded to a note which you don't have access to
      • The note which the image was originally uploaded to has been deleted
      Learn More →
    • 請你在該頁面一直重整,到出現爲止,目前所知的方法
    • 如果沒掃描配置會發生該錯誤
      Image Not Showing Possible Reasons
      • The image was uploaded to a note which you don't have access to
      • The note which the image was originally uploaded to has been deleted
      Learn More →

參考過網站
https://ithelp.ithome.com.tw/articles/10332929

https://medium.com/@jieshiun/如何使用-openvas-gvm-進行弱點掃描-3c518bc923c

https://www.cnblogs.com/hahaha111122222/p/17411704.html

https://cybersecurity.onlinedoc.tw/2024/02/openvas.html

https://medium.com/@hclylin7/kali-linux-2023-1-2022-4-安裝openvas-2b4e5136753a

https://ithelp.ithome.com.tw/articles/10332326

https://hachibye.medium.com/安裝openvas內部弱掃達到pci-dss合規性要求-a0e062167c97