Latest News

How to setup OpenVas in Kali linux

Intro- The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The OpenVAS protocol structure is known to be well documented to assist developers.

1.  How to run openvas-setup
A. GUI Method
Application → Kali Linux → Vulnerability Analysis → openvas-setup
                                                                                             (click image for large view)

B. Open Terminal and type openvas-setupand hit enter

2.  Here we are running first time openvas-setup

3. Plugins are loading. At first time it takes time.

4. All plugins loaded. We are getting error while starting openvas Manager but don’t worry it will be solve. Enter password whatever you want and hit enter. Some time after hitting enter this window will be crash if it happens you have to start it again but this will take less time to load plugin.

5. In my case, my window crashed and I started it again. If your window has also crashed and you are running again like me. You will notice one thing that loading plugins are faster than previous one.

6. Here you can see we are not getting any type of errors so it seems everything is fine and perfect.

7. Setting up openvas manager – First thing we need to do is make a client cert for Openvas manager.
Syntax – root@mrquiety:~# openvas-mkcert-client -n om –i

8. Now we need to rebuild the database as it is now out of date with the added nvt's and we would otherwise get errors about the database. You should do this each time you update the NVT's. This process can take time to complete.
Syntax – root@mrquiety:~# openvasmd –rebuild

9. Setup OpenVAS Administrator - We need to create an administrative user that we will be using to perform all of our vulnerability assesments.
Syntax – root@mrquiety:~#  openvasad -c 'add_user' -n mrquiety -r Admin
            Here ‘mrquiety’ is my openvas admin username you can choose a username whatever you want.
Now write your Password and hit enter. Make sure you can remember this username and associated password as you will need it when running openvas.

10. Starting OpenVAS Manager - Now we need to start Openvas Manager
Syntax – root@mrquiety:~#  openvasmd -p 9390 -a

11. Starting OpenVAS Administrator - Now we need to start Openvas Administrator.
Syntax – root@mrquiety:~#  openvasad -p 9393 -a

12. Starting Greenbone Security Assistant - Now we need to start Greenbone security Assistant
Syntax – root@mrquiety:~#  gsad --http-only --listen= -p 9392
If we write a port address which is already in use. we will get this error in our given port address. So in next step we will try again by giving another port.

13. Here we changed our port address for starting Greenbone security Assistant.
Syntax – root@mrquiety:~#  gsad --http-only --listen= -p 9395

14. Web Interface - We have done everything now I am introducing you openvas Web Based scanner. First of all open your web browser and write in your web browser address bar and hit enter you will see a login page. Now time to write your username and password then click on login.

15. As you can see we have logged in as Admin (mrquiety)

16. GUI based scanner – we can also use GUI based scanner.
Application → Kali Linux → Vulnerability Analysis → OpenVAS→ openvas-gsd 

17. First of all we need to login. write profile name (if you want), Write server and port address (if not given), write your username and password and click on login.

18. This is you GUI Based OpenVas scanner. As you can see we have logged in as Admin (mrquiety).

19. Whenever you reboot your system and you want to start OpenVAS you have to run these command on your terminal for starting your scanner.
(click image for large view)

No comments:

Post a Comment

Contact Us

24x7 online , we happy to answer you , ,
skype: greeenchip


This Blog and its TUT's are intended for educational purposes only, no-one involved in the creation of this TuT may be held responsible for any illegal acts brought about by this Blog or TuT.

Featured Post

Custom Domains And HTTPS Redirection Code