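• MSF Devil Training Camp - 3.4.2 Network Vulnerability Scanning - OpenVAS (to be completed). PS: running an OpenVAS scan inside a virtual machine is really, really slow...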


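    Newer versions of Kali do not ship with OpenVAS preinstalled, so installing it in the virtual machine took a great deal of time.
    For the installation process, see http://www.cnblogs.com/zlslch/p/6872559.html; it is described there in great detail, so this post does not repeat it.

    A small tip: if openvas-check-setup reports errors and you don't know how to fix them (yes, that was me ^_^!), try running openvas-setup again; that may well fix the problem.

    After installation:
         Start OpenVAS
         Change the password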
     
    root@kali:~# openvas-start
    Starting OpenVas Services
    root@kali:~# netstat -antp | grep 939*
    tcp        0      0 127.0.0.1:9390          0.0.0.0:*               LISTEN      2722/openvasmd     
    tcp        0      0 127.0.0.1:9392          0.0.0.0:*               LISTEN      2745/gsad           
    root@kali:~# openvasmd --user admin --new-password admin
    After logging in, just follow the feature descriptions and prompts on the page.
     

    Using OpenVAS from within msf:
    msf > load openvas     Load the OpenVAS plugin
    [*] Welcome to OpenVAS integration by kost and averagesecurityguy.
    [*]
    [*] OpenVAS integration requires a database connection. Once the
    [*] database is ready, connect to the OpenVAS server using openvas_connect.
    [*] For additional commands use openvas_help.
    [*]
    [*] Successfully loaded plugin: OpenVAS
    msf > openvas_connect admin admin 127.0.0.1 9390 ok     Connect to the OpenVAS manager on the given server
    [*] Connecting to OpenVAS instance at 127.0.0.1:9390 with username admin...
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    [+] OpenVAS connection successful
    msf > openvas_config_list     Lists the scan configs (scan policies) needed to create a task
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    [+] OpenVAS list of configs
     
    ID                                    Name
    --                                    ----
    085569ce-73ed-11df-83c3-002264764cea  empty
    2d3f051c-55ba-11e3-bf43-406186ea4fc5  Host Discovery
    698f691e-7489-11df-9d8c-002264764cea  Full and fast ultimate
    708f25c4-7489-11df-8094-002264764cea  Full and very deep
    74db13d6-7489-11df-91b9-002264764cea  Full and very deep ultimate
    8715c877-47a0-438d-98a3-27c7a6ab2196  Discovery
    bbca7412-a950-11e3-9109-406186ea4fc5  System Discovery
    daba56c8-73ec-11df-a475-002264764cea  Full and fast
     
     
    msf > openvas_target_create test 192.168.3.199     Create a scan target; the input here was incomplete, so the correct command format was shown
    [*] Usage: openvas_target_create <name> <hosts> <comment>
    msf > openvas_target_create test 192.168.3.199 msf     Create a scan target; once created, all existing targets are listed
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    [*] ea604ecc-81fd-4e1d-bcc3-6ca46cdb3890
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    [+] OpenVAS list of targets
     
    ID                                    Name    Hosts           Max Hosts  In Use  Comment
    --                                    ----    -----           ---------  ------  -------
    609bb6c5-4628-45b9-9ba6-211ac928d4bc  office  192.168.3.0/24  254        1       
    ea604ecc-81fd-4e1d-bcc3-6ca46cdb3890  test    192.168.3.199   1          0       msf
     
    msf > openvas_task_create test     With the scan config found and the target created, we can now create the scan task.
    [*] Usage: openvas_task_create <name> <comment> <config_id> <target_id>
    msf > openvas_task_create test testscanpi daba56c8-73ec-11df-a475-002264764cea ea604ecc-81fd-4e1d-bcc3-6ca46cdb3890
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    [*] a4a06d4d-ea02-4aa0-8266-d396a533f1ea
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    [+] OpenVAS list of tasks
     
    ID                                    Name     Comment     Status   Progress
    --                                    ----     -------     ------   --------
    306bc008-21e1-4cf1-987a-f8e6b0f0cc19  unnamed              Running  2
    a4a06d4d-ea02-4aa0-8266-d396a533f1ea  test     testscanpi  New      -1
    You can see that the scan task created earlier in the web UI is still running; we stop that task from the web UI.

    Check the task list again:
    msf > openvas_task_list
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    [+] OpenVAS list of tasks
     
    ID                                    Name     Comment     Status   Progress
    --                                    ----     -------     ------   --------
    306bc008-21e1-4cf1-987a-f8e6b0f0cc19  unnamed              Stopped  2
    a4a06d4d-ea02-4aa0-8266-d396a533f1ea  test     testscanpi  New      -1
    The previously running task has now been stopped.
     
    msf > openvas_task_start a4a06d4d-ea02-4aa0-8266-d396a533f1ea     Start our newly created task
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    [*] <X><authenticate_response status='200' status_text='OK'><role>Admin</role><timezone>UTC</timezone><severity>nist</severity></authenticate_response><start_task_response status='202' status_text='OK, request submitted'><report_id>4766db03-a6e9-4f2d-b13b-464abf012432</report_id></start_task_response></X>
    msf > openvas_task_list
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    [+] OpenVAS list of tasks
     
    ID                                    Name     Comment     Status     Progress
    --                                    ----     -------     ------     --------
    306bc008-21e1-4cf1-987a-f8e6b0f0cc19  unnamed              Stopped    2
    a4a06d4d-ea02-4aa0-8266-d396a533f1ea  test     testscanpi  Requested  1
     
     
    msf > openvas_task_list
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    [+] OpenVAS list of tasks
     
    ID                                    Name     Comment     Status   Progress
    --                                    ----     -------     ------   --------
    306bc008-21e1-4cf1-987a-f8e6b0f0cc19  unnamed              Stopped  2
    a4a06d4d-ea02-4aa0-8266-d396a533f1ea  test     testscanpi  Running  1
    The task can be seen to have started running.
     
    msf > openvas_report_list
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    [+] OpenVAS list of reports
     
    ID                                    Task Name  Start Time            Stop Time
    --                                    ---------  ----------            ---------
    4766db03-a6e9-4f2d-b13b-464abf012432  test       2017-09-22T06:55:20Z 
    83b98324-d85f-4b05-bbd5-0b4517c7b60c  unnamed    2017-09-22T02:12:17Z  2017-09-22T06:52:55Z
     
     
    msf > openvas_format_list
    /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
    [+] OpenVAS list of report formats
     
    ID                                    Name           Extension  Summary
    --                                    ----           ---------  -------
    5057e5cc-b825-11e4-9d0e-28d24461215b  Anonymous XML  xml        Anonymous version of the raw XML report
    50c9950a-f326-11e4-800c-28d24461215b  Verinice ITG   vna        Greenbone Verinice ITG Report, v1.0.1.
    5ceff8ba-1f62-11e1-ab9f-406186ea4fc5  CPE            csv        Common Product Enumeration CSV table.
    6c248850-1f62-11e1-b082-406186ea4fc5  HTML           html       Single page HTML report.
    77bd6c4a-1f62-11e1-abf0-406186ea4fc5  ITG            csv        German "IT-Grundschutz-Kataloge" report.
    9087b18c-626c-11e3-8892-406186ea4fc5  CSV Hosts      csv        CSV host summary.
    910200ca-dc05-11e1-954f-406186ea4fc5  ARF            xml        Asset Reporting Format v1.0.0.
    9ca6fe72-1f62-11e1-9e7c-406186ea4fc5  NBE            nbe        Legacy OpenVAS report.
    9e5e5deb-879e-4ecc-8be6-a71cd0875cdd  Topology SVG   svg        Network topology SVG image.
    a3810a62-1f62-11e1-9219-406186ea4fc5  TXT            txt        Plain text report.
    a684c02c-b531-11e1-bdc2-406186ea4fc5  LaTeX          tex        LaTeX source file.
    a994b278-1f62-11e1-96ac-406186ea4fc5  XML            xml        Raw XML report.
    c15ad349-bd8d-457a-880a-c7056532ee15  Verinice ISM   vna        Greenbone Verinice ISM Report, v3.0.0.
    c1645568-627a-11e3-a660-406186ea4fc5  CSV Results    csv        CSV result list.
    c402cc3e-b531-11e1-9163-406186ea4fc5  PDF            pdf        Portable Document Format report.
     
     
    msf > openvas_report_download
    [*] Usage: openvas_report_download <report_id> <format_id> <path> <report_name>
    msf >
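The tables and the OMP response printed in the session above contain everything needed to fill in `openvas_report_download`. The following is an added example, not part of the original post or of the Metasploit OpenVAS plugin: the sample text is copied from the session (the response is abridged), the helper names, the `/tmp` path and the `test.xml` file name are hypothetical, and it assumes that an empty Stop Time means the scan has not finished.

```ruby
# Added example, not from the original post: sample text is copied (response
# abridged) from the session above; all helper names are hypothetical.
UUID = /\A[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\z/
FORMATS = <<~TXT
  ID                                    Name           Extension  Summary
  --                                    ----           ---------  -------
  a994b278-1f62-11e1-96ac-406186ea4fc5  XML            xml        Raw XML report.
  c402cc3e-b531-11e1-9163-406186ea4fc5  PDF            pdf        Portable Document Format report.
TXT
REPORTS = <<~TXT
  ID                                    Task Name  Start Time            Stop Time
  --                                    ---------  ----------            ---------
  4766db03-a6e9-4f2d-b13b-464abf012432  test       2017-09-22T06:55:20Z
  83b98324-d85f-4b05-bbd5-0b4517c7b60c  unnamed    2017-09-22T02:12:17Z  2017-09-22T06:52:55Z
TXT
START_RESPONSE = "<X><authenticate_response status='200' status_text='OK'></authenticate_response>" \
  "<start_task_response status='202' status_text='OK, request submitted'>" \
  "<report_id>4766db03-a6e9-4f2d-b13b-464abf012432</report_id></start_task_response></X>"

# Cut cells at the dash row's column offsets: splitting on whitespace breaks on
# values with spaces ("Raw XML report.") and on empty cells (no Stop Time yet).
def parse_table(text)
  lines = text.lines.map(&:chomp)
  rule = lines.index { |l| l.match?(/\A-+(?: +-+)+\s*\z/) } or raise ArgumentError, "no table found"
  starts = (0...lines[rule].size).select { |i| lines[rule][i] == "-" && (i.zero? || lines[rule][i - 1] != "-") }
  heads = lines[rule - 1].strip.split(/ {2,}/)
  lines[(rule + 1)..].take_while { |l| !l.strip.empty? }.map do |l|
    cells = starts.each_with_index.map { |s, i| (l[s...(starts[i + 1] || l.size)] || "").strip }
    heads.zip(cells).to_h
  end
end

# Accept the report id only from an accepted (202) start_task_response.
def report_id_from(response)
  m = response.match(%r{<start_task_response status='(\d+)'[^>]*><report_id>([^<]+)</report_id>})
  raise ArgumentError, "task was not started" unless m && m[1] == "202" && m[2].match?(UUID)
  m[2]
end

# Assumption: a report with an empty Stop Time belongs to an unfinished scan.
def running_reports(text)
  parse_table(text).select { |r| r["Stop Time"].empty? }.map { |r| r["ID"] }
end

# Usage on the page: openvas_report_download <report_id> <format_id> <path> <report_name>
def download_command(response, formats, format_name, path, name)
  fmt = parse_table(formats).find { |r| r["Name"] == format_name } or raise ArgumentError, "unknown format"
  "openvas_report_download #{report_id_from(response)} #{fmt['ID']} #{path} #{name}"
end
puts download_command(START_RESPONSE, FORMATS, "XML", "/tmp", "test.xml")
```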
  • Original article: https://www.cnblogs.com/enderzhou/p/7575111.html