In the previous post we installed Kali Linux; refer to it if you need to.
Next we will install OpenVAS on Kali Linux. The architecture diagram is shown below.
The differences between the Community Feed and the Enterprise Feed are shown below.
First check for available updates and upgrade the system.
sudo apt update
sudo apt dist-upgrade
Installing OpenVAS
Compared with building from source, installing OpenVAS from the Kali Linux package is very simple.
sudo apt install gvm
Greenbone has renamed its OpenVAS to Greenbone Vulnerability Management (GVM) to avoid confusion with other brands on the market.
https://greenbone.github.io/docs/latest/background.html#history-of-the-openvas-project
Using the term Greenbone Vulnerability Management (GVM) instead of “OpenVAS framework” for the releases.
For the rest of the installation we will use the term GVM.
GVM pulls in PostgreSQL to store user data and scan results. Check that the service is running and enable it at boot.
sudo systemctl status postgresql.service
sudo systemctl enable postgresql.service
● postgresql.service - PostgreSQL RDBMS
     Loaded: loaded (/lib/systemd/system/postgresql.service; enabled; preset: disabled)
     Active: active (exited) since Fri 2023-06-09 23:23:10 CST; 5 days ago
   Main PID: 753 (code=exited, status=0/SUCCESS)
        CPU: 2ms
GVM also pulls in Redis, which the scanner uses as its cache and knowledge-base store. Check that the service is running and enable it at boot.
sudo systemctl status redis-server@openvas.service
sudo systemctl enable redis-server@openvas.service
● redis-server@openvas.service - Advanced key-value store (openvas)
     Loaded: loaded (/lib/systemd/system/redis-server@.service; enabled; preset: disabled)
     Active: active (running) since Fri 2023-06-09 23:23:07 CST; 5 days ago
       Docs: http://redis.io/documentation,
             man:redis-server(1)
   Main PID: 696 (redis-server)
     Status: "Ready to accept connections"
      Tasks: 5 (limit: 9470)
     Memory: 263.6M
        CPU: 18min 51.125s
     CGroup: /system.slice/system-redis\x2dserver.slice/redis-server@openvas.service
             └─696 "/usr/bin/redis-server unixsocket:/run/redis-openvas/redis-server.sock"
First run GVM's initial setup.
sudo gvm-setup
[>] Starting PostgreSQL service
[>] Creating GVM's certificate files
[>] Creating PostgreSQL database
[*] Creating database user
[*] Creating database
[*] Creating permissions
CREATE ROLE
[*] Applying permissions
GRANT ROLE
[*] Creating extension uuid-ossp
CREATE EXTENSION
[*] Creating extension pgcrypto
CREATE EXTENSION
[*] Creating extension pg-gvm
CREATE EXTENSION
[>] Migrating database
[>] Checking for GVM admin user
[*] Creating user admin for gvm
[*] Please note the generated admin password
[*] User created with password '796f5d2b-7792-43a0-aedb-53e563ef4925'.
[*] Configure Feed Import Owner
[*] Define Feed Import Owner
[>] Updating GVM feeds
[*] Updating NVT (Network Vulnerability Tests feed from Greenbone Security Feed/Community Feed)...
(output omitted)
[+] GVM feeds updated
[*] Checking Default scanner
[*] Modifying Default Scanner
Scanner modified.
[+] Done
[*] Please note the password for the admin user
[*] User created with password '9aceeb89-7cfe-42c6-85bd-c3b9da9ac76a'.
[>] You can now run gvm-check-setup to make sure everything is correctly configured
Be sure to note the admin password; you will need it to log in later.
Run the check command to confirm the installation is sound.
sudo gvm-check-setup
gvm-check-setup 22.4.1
  Test completeness and readiness of GVM-22.4.1
Step 1: Checking OpenVAS (Scanner)...
        OK: OpenVAS Scanner is present in version 22.4.1.
        OK: Notus Scanner is present in version 22.4.4.
        OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
Checking permissions of /var/lib/openvas/gnupg/*
        OK: _gvm owns all files in /var/lib/openvas/gnupg
        OK: redis-server is present.
        OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
        OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
        OK: redis-server configuration is OK and redis-server is running.
        OK: the mqtt_server_uri is defined in /etc/openvas/openvas.conf
        OK: _gvm owns all files in /var/lib/openvas/plugins
        OK: NVT collection in /var/lib/openvas/plugins contains 85636 NVTs.
        OK: The notus directory /var/lib/notus/products contains 430 NVTs.
Checking that the obsolete redis database has been removed
        OK: No old Redis DB
        OK: ospd-OpenVAS is present in version 22.4.6.
Step 2: Checking GVMD Manager ...
        OK: GVM Manager (gvmd) is present in version 22.4.2.
Step 3: Checking Certificates ...
        OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
        OK: Your GVM certificate infrastructure passed validation.
Step 4: Checking data ...
        OK: SCAP data found in /var/lib/gvm/scap-data.
        OK: CERT data found in /var/lib/gvm/cert-data.
Step 5: Checking Postgresql DB and user ...
        OK: Postgresql version and default port are OK.
 gvmd     | _gvm     | UTF8     | en_US.UTF-8 | en_US.UTF-8 |            | libc            |
16435|pg-gvm|10|2200|f|22.4.0||
        OK: At least one user exists.
Step 6: Checking Greenbone Security Assistant (GSA) ...
        OK: Greenbone Security Assistant is present in version 22.04.1~git.
Step 7: Checking if GVM services are up and running ...
        Starting ospd-openvas service
        Waiting for ospd-openvas service
        OK: ospd-openvas service is active.
        Starting gvmd service
        Waiting for gvmd service
        OK: gvmd service is active.
        Starting gsad service
        Waiting for gsad service
        OK: gsad service is active.
Step 8: Checking few other requirements...
        OK: nmap is present.
        OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
        OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.
        OK: xsltproc found.
        WARNING: Your password policy is empty.
        SUGGEST: Edit the /etc/gvm/pwpolicy.conf file to set a password policy.
Step 9: Checking greenbone-security-assistant...
        OK: greenbone-security-assistant is installed

It seems like your GVM-22.4.1 installation is OK.
Check that the gvmd service is running and enable it at boot.
sudo systemctl status gvmd
sudo systemctl enable gvmd
● gvmd.service - Greenbone Vulnerability Manager daemon (gvmd)
     Loaded: loaded (/lib/systemd/system/gvmd.service; enabled; preset: disabled)
     Active: active (running) since Wed 2023-06-14 10:40:43 CST; 1 day 3h ago
       Docs: man:gvmd(8)
   Main PID: 156609 (gvmd)
      Tasks: 1 (limit: 9470)
     Memory: 686.4M
        CPU: 9min 23.961s
     CGroup: /system.slice/gvmd.service
             └─156609 "gvmd: gvmd: Wa" --osp-vt-update=/run/ospd/ospd.sock --listen-group=_gvm
Check that the ospd-openvas service is running and enable it at boot.
sudo systemctl status ospd-openvas
sudo systemctl enable ospd-openvas
● ospd-openvas.service - OSPd Wrapper for the OpenVAS Scanner (ospd-openvas)
     Loaded: loaded (/lib/systemd/system/ospd-openvas.service; enabled; preset: disabled)
     Active: active (running) since Wed 2023-06-14 10:40:40 CST; 1 day 3h ago
       Docs: man:ospd-openvas(8)
             man:openvas(8)
   Main PID: 156596 (ospd-openvas)
      Tasks: 5 (limit: 9470)
     Memory: 139.2M
        CPU: 7min 35.265s
     CGroup: /system.slice/ospd-openvas.service
             ├─156596 /usr/bin/python3 /usr/bin/ospd-openvas --config /etc/gvm/ospd-openvas.conf --log-config /etc/gvm/ospd-logging.conf
             └─156599 /usr/bin/python3 /usr/bin/ospd-openvas --config /etc/gvm/ospd-openvas.conf --log-config /etc/gvm/ospd-logging.conf
Check that the gsad service is running and enable it at boot.
sudo systemctl status greenbone-security-assistant
sudo systemctl enable greenbone-security-assistant
● gsad.service - Greenbone Security Assistant daemon (gsad)
     Loaded: loaded (/lib/systemd/system/gsad.service; enabled; preset: disabled)
     Active: active (running) since Wed 2023-06-14 10:40:48 CST; 1 day 3h ago
       Docs: man:gsad(8)
             https://www.greenbone.net
   Main PID: 156644 (gsad)
      Tasks: 5 (limit: 9470)
     Memory: 42.3M
        CPU: 7.085s
     CGroup: /system.slice/gsad.service
             ├─156644 /usr/sbin/gsad --foreground --listen 0.0.0.0 --port 9392
             └─156648 /usr/sbin/gsad --foreground --listen 0.0.0.0 --port 9392
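A single pass over the whole stack, as an added example that is not part of the original post: it loops over the five units checked one by one above and prints one verdict per unit. It assumes the Kali unit names shown in the status output above (postgresql, redis-server@openvas, ospd-openvas, gvmd, gsad); the script name check-gvm.sh is only a suggestion.

```shell
#!/bin/sh
# Added example (not from the original post): check the whole GVM service
# stack in one pass instead of running systemctl status five times.
# Assumption: the Kali unit names shown in the status output above.
# postgresql.service on Debian/Kali is an umbrella unit that stays at
# "active (exited)"; the real server is postgresql@<version>-main.service.

GVM_UNITS="postgresql redis-server@openvas ospd-openvas gvmd gsad"

# judge_unit ACTIVE SUB FILESTATE
# Pure decision logic: turn three systemd properties into one verdict line.
# Returns 0 only when the unit is running (or is a oneshot that exited
# successfully) and is set to start at boot.
judge_unit() {
    if [ -z "$1" ]; then
        echo "unknown (unit not found or systemd not running)"
        return 1
    fi
    verdict=ok
    case "$1/$2" in
        active/running|active/exited) ;;
        *) verdict="not running ($1/$2)" ;;
    esac
    case "$3" in
        enabled|enabled-runtime|static|alias|indirect) ;;
        *) verdict="$verdict; not enabled at boot (${3:-unknown})" ;;
    esac
    echo "$verdict"
    [ "$verdict" = ok ]
}

# check_unit UNIT: ask systemd for the three properties and judge them.
# Parsing Key=Value lines keeps us independent of the order systemctl
# prints them in.
check_unit() {
    props=$(systemctl show "$1" -p ActiveState -p SubState -p UnitFileState 2>/dev/null)
    active=$(printf '%s\n' "$props" | sed -n 's/^ActiveState=//p')
    sub=$(printf '%s\n' "$props" | sed -n 's/^SubState=//p')
    fstate=$(printf '%s\n' "$props" | sed -n 's/^UnitFileState=//p')
    printf '%-24s ' "$1"
    judge_unit "$active" "$sub" "$fstate"
}

# check_gvm_stack: check every unit; exit status 1 if any one is unhealthy,
# so the script can be used from a monitoring job as well as by hand.
check_gvm_stack() {
    failed=0
    for u in $GVM_UNITS; do
        check_unit "$u" || failed=1
    done
    [ "$failed" -eq 0 ]
}

# Usage: sh check-gvm.sh --run
if [ "${1:-}" = "--run" ]; then
    check_gvm_stack
fi
```

Run it with sh check-gvm.sh --run. The exited state counts as healthy because postgresql.service only starts the real postgresql@<version>-main instance and then exits; judge_unit is kept separate from the systemctl call so the decision logic can be exercised without a running systemd.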
Update the vulnerability feeds manually; it takes a while to finish.
sudo gvm-feed-update
[>] Updating GVM feeds
[*] Updating NVT (Network Vulnerability Tests feed from Greenbone Security Feed/Community Feed)...
(output omitted)
[*] Updating GVMD Data...
(output omitted)
[*] Updating Scap Data...
(output omitted)
[*] Updating Cert Data...
(output omitted)
[+] GVM feeds updated
By default gsad listens only on port 9392 of the loopback address, so GVM can only be reached from the machine itself. That is the safe default; the listening sockets confirm it.
netstat -tnpl | grep LISTEN
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.1:1883          0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.1:9392          0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.1:80            0.0.0.0:*               LISTEN      -
tcp6       0      0 ::1:6010                :::*                    LISTEN      -
tcp6       0      0 ::1:1883                :::*                    LISTEN      -
tcp6       0      0 :::22                   :::*                    LISTEN      -
tcp6       0      0 ::1:5432                :::*                    LISTEN      -
Browsing to https://your_gvm_ip:9392 reports that the page cannot be found, but a curl against 127.0.0.1 shows the site is actually up (the -k is needed because the certificate gvm-setup generated is self-signed).
curl -k https://localhost:9392
<!doctype html><html>
  <head>
    <link rel="icon" href="/img/favicon.png" type="image/png"/>
    <title>Greenbone Security Assistant</title>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width,initial-scale=1">
    <script type="text/javascript" src="/config.js"></script>
    <script defer="defer" src="/static/js/main.7232151a.js"></script>
    <link href="/static/css/main.8aca95b1.css" rel="stylesheet">
  </head>
  <body>
    <div id="app"></div>
    <div id="portals"></div>
  </body>
</html>
First stop the GVM services and edit the gsad service unit.
sudo gvm-stop
sudo vi /lib/systemd/system/greenbone-security-assistant.service
Change 127.0.0.1 to 0.0.0.0 so that OpenVAS can be reached from outside the machine. Two caveats: 0.0.0.0 binds the web UI, and with it the admin login, on every interface, so on a host with a public-facing interface bind to the management interface's address instead or restrict port 9392 with a firewall; and a file under /lib/systemd/system is replaced on the next package upgrade, so a drop-in under /etc/systemd/system (systemctl edit) survives upgrades where this edit does not.
[Unit]
Description=Greenbone Security Assistant daemon (gsad)
Documentation=man:gsad(8) https://www.greenbone.net
After=network.target gvmd.service
Wants=gvmd.service

[Service]
Type=exec
User=_gvm
Group=_gvm
RuntimeDirectory=gsad
RuntimeDirectoryMode=2775
PIDFile=/run/gsad/gsad.pid
ExecStart=/usr/sbin/gsad --foreground --listen 0.0.0.0 --port 9392
Restart=always
TimeoutStopSec=10

[Install]
WantedBy=multi-user.target
Alias=greenbone-security-assistant.service
Reload systemd and start the GVM services again.
sudo systemctl daemon-reload
sudo gvm-start
Confirm that the change took effect.
netstat -tnpl | grep LISTEN
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.1:1883          0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:9392            0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      -
tcp6       0      0 ::1:6010                :::*                    LISTEN      -
tcp6       0      0 ::1:1883                :::*                    LISTEN      -
tcp6       0      0 :::22                   :::*                    LISTEN      -
tcp6       0      0 ::1:5432                :::*                    LISTEN      -
Browsing to https://your_gvm_ip:9392 now finally shows the login page.
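The same change done with a systemd drop-in rather than by editing the packaged unit, plus a check of what gsad is actually bound to, as an added example that is not part of the original post. It assumes the loaded unit is /lib/systemd/system/gsad.service with the ExecStart line shown above (so the drop-in directory is /etc/systemd/system/gsad.service.d), reuses the gvm-stop and gvm-start wrappers from the post, and uses MGMT_IP as a placeholder for the address of your management interface; the sample socket listing is constructed to match the netstat output above.

```shell
#!/bin/sh
# Added example (not from the original post): bind gsad to one management
# address through a systemd drop-in instead of editing the packaged unit
# file, and audit what it is bound to. Assumptions: the loaded unit is
# /lib/systemd/system/gsad.service with the ExecStart shown in the post;
# MGMT_IP below is a placeholder for your management interface address.

# gsad_dropin LISTEN_ADDR [PORT]
# Print a drop-in that replaces ExecStart. The empty "ExecStart=" line is
# required: for a Type=exec unit it clears the packaged command first.
gsad_dropin() {
    cat <<EOF
[Service]
ExecStart=
ExecStart=/usr/sbin/gsad --foreground --listen $1 --port ${2:-9392}
EOF
}

# classify_bind ADDR: local (loopback), exposed (wildcard) or specific.
classify_bind() {
    case "$1" in
        127.*|::1|'[::1]')         echo local ;;
        0.0.0.0|::|'[::]'|'*')     echo exposed ;;
        *)                         echo specific ;;
    esac
}

# listen_addr_for_port PORT: read netstat -tnpl or ss -tnl output on stdin
# and print every local address that is listening on PORT.
listen_addr_for_port() {
    awk -v port="$1" '
        /LISTEN/ {
            for (i = 1; i <= NF; i++) if ($i ~ ":" port "$") {
                sub(":" port "$", "", $i); print $i
            }
        }'
}

# Constructed sample matching the netstat output in the post (not captured
# from a live system), used by the "demo" mode and the tests.
SAMPLE_NETSTAT='tcp        0      0 127.0.0.1:9392          0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -
tcp6       0      0 :::22                   :::*                    LISTEN      -'

# audit_gsad_bind [FILE]: report how gsad is exposed. Reads ss -tnl by
# default; pass a file of netstat/ss output to audit a saved listing.
audit_gsad_bind() {
    if [ -n "${1:-}" ]; then addrs=$(listen_addr_for_port 9392 <"$1")
    else addrs=$(ss -tnl 2>/dev/null | listen_addr_for_port 9392); fi
    [ -n "$addrs" ] || { echo "nothing listening on 9392"; return 1; }
    for a in $addrs; do echo "gsad listens on $a: $(classify_bind "$a")"; done
}

# install_gsad_dropin LISTEN_ADDR: write the drop-in, reload, restart using
# the wrappers the post already uses.
install_gsad_dropin() {
    d=/etc/systemd/system/gsad.service.d
    sudo gvm-stop
    sudo mkdir -p "$d"
    gsad_dropin "$1" | sudo tee "$d/listen.conf" >/dev/null
    sudo systemctl daemon-reload
    sudo gvm-start
}

# Usage: sh gsad-bind.sh audit            (live ss -tnl)
#        sh gsad-bind.sh demo             (the constructed sample)
#        sh gsad-bind.sh apply MGMT_IP    (write drop-in and restart)
case "${1:-}" in
    audit) audit_gsad_bind ;;
    demo)  printf '%s\n' "$SAMPLE_NETSTAT" | listen_addr_for_port 9392 ;;
    apply) install_gsad_dropin "$2" ;;
esac
```

After sh gsad-bind.sh apply MGMT_IP, sh gsad-bind.sh audit should report the management address as "specific"; "exposed" means the wildcard bind from the post is still in force. The drop-in lives in /etc and is left alone by package upgrades, which is the reason to prefer it over editing the unit in /lib.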
The default account is admin; enter the password that gvm-setup generated for us.
[>] Checking for GVM admin user
[*] Creating user admin for gvm
[*] Please note the generated admin password
[*] User created with password '796f5d2b-7792-43a0-aedb-53e563ef4925'.
If you really cannot find it, reset the admin password with the following command.
sudo runuser -u _gvm -- gvmd --user=admin --new-password=your_new_password
After logging in, the screen looks like this.
Opening the SecInfo page gives an error saying the SCAP database does not exist.
Update the feeds manually, one sync after another.
sudo gvm-stop
sudo runuser -u _gvm -- greenbone-nvt-sync --rsync
sudo runuser -u _gvm -- greenbone-scapdata-sync --rsync
sudo runuser -u _gvm -- greenbone-certdata-sync --rsync
sudo reboot
Note that the Community Feed restricts updates: only one sync may run at a time, otherwise the source IP is temporarily blocked.
Only one sync per time, otherwise the source ip will be temporarily blocked.
https://forum.greenbone.net/t/how-many-times-i-can-sync-nvts-scapdata-certdata/1978
Under Administration, the Feed Status page shows the status as Update in progress.
After a while the status changes to Current.
This seems to be a Community Feed limitation: SCAP is usually not the very latest, which is fine as long as the status is not Too Old.
The SecInfo page now displays correctly.
To update the feeds every day, add a crontab entry. Make sure the log directory exists first: /tmp/log is not created by default, so cron's redirect would fail; create it, or log under /var/log instead.
crontab -e
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h  dom mon dow   command
0 0 * * * sudo gvm-feed-update > /tmp/log/greenbone-feed-update.log 2>&1
Allow sudo gvm-feed-update to run without a password. (Alternatively, put the entry in root's crontab with sudo crontab -e and drop the sudo prefix; then no passwordless sudo rule is needed at all.)
sudo -i
cp /etc/sudoers /root/sudoers.bak
visudo
Add the following line at the bottom of the file.
your_account_name ALL=(ALL) NOPASSWD: /usr/bin/gvm-feed-update
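A version of the nightly job written for root's crontab, as an added example that is not part of the original post; it covers both the one-sync-at-a-time rule of the Community Feed and the cron and sudoers steps above. It runs the same gvm-feed-update wrapper as the post but under a lock, so a second run can never overlap the first, and appends a timestamped log under /var/log/gvm (assumed to exist on a Kali gvm install) instead of /tmp. The install path /usr/local/sbin/gvm-feed-cron and the script name are choices made here, not part of the Kali package.

```shell
#!/bin/sh
# Added example (not from the original post): run the nightly feed update
# from root's crontab with a lock and a timestamped log, so no passwordless
# sudo rule is needed and two syncs can never overlap (the Community Feed
# temporarily blocks an IP that runs more than one sync at a time).
# Assumptions: the Kali wrapper gvm-feed-update used in the post;
# /var/log/gvm exists on a Kali gvm install; /usr/local/sbin/gvm-feed-cron
# is the install path chosen here for this script.

LOCKDIR="${LOCKDIR:-/run/lock/gvm-feed-sync}"
LOGFILE="${LOGFILE:-/var/log/gvm/feed-update.log}"
SCRIPT_PATH="${SCRIPT_PATH:-/usr/local/sbin/gvm-feed-cron}"

# with_feed_lock CMD...: run CMD only when no other sync holds the lock.
# mkdir is atomic, so two cron runs cannot both acquire it. Returns 75
# (EX_TEMPFAIL) if the lock is taken, otherwise CMD's own exit status.
with_feed_lock() {
    if ! mkdir "$LOCKDIR" 2>/dev/null; then
        echo "feed sync already running (lock: $LOCKDIR); skipping" >&2
        return 75
    fi
    "$@"
    rc=$?
    rmdir "$LOCKDIR"
    return $rc
}

# log_run CMD...: run CMD with its output bracketed by timestamps and its
# exit status recorded, appending everything to LOGFILE.
log_run() {
    {
        echo "=== $(date '+%F %T') start: $*"
        "$@" 2>&1
        rc=$?
        echo "=== $(date '+%F %T') end (exit $rc)"
    } >>"$LOGFILE"
    return $rc
}

# cron_line: the root crontab entry (00:00 daily, as in the post).
cron_line() {
    echo "0 0 * * * $SCRIPT_PATH run"
}

# install_cron: add the entry to root's crontab, replacing any older copy.
install_cron() {
    { sudo crontab -l 2>/dev/null | grep -vF "$SCRIPT_PATH"; cron_line; } | sudo crontab -
}

# Usage: sh gvm-feed-cron.sh install   (copy to SCRIPT_PATH, add to root's crontab)
#        gvm-feed-cron run              (what cron calls)
case "${1:-}" in
    run)     with_feed_lock log_run gvm-feed-update ;;
    install) sudo install -m 0755 "$0" "$SCRIPT_PATH" && install_cron ;;
esac
```

Because cron runs the job as root, the NOPASSWD line in sudoers is not needed; a manual sudo gvm-feed-update while the job is running is refused by the lock rather than triggering the feed server's block, and the exit code recorded in the log tells you whether a run actually completed.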
That completes the installation. In the next post we will show how to run a vulnerability scan with GVM. Thanks for reading.
References
https://www.greenbone.net/en/product-comparison/
https://greenbone.github.io/docs/latest/
https://www.linuxfordevices.com/tutorials/kali-linux/install-openvas
https://systemweakness.com/how-to-install-openvas-gvm-in-kali-linux-2021-4a-61b0ac529aec
https://superuser.com/questions/977331/how-to-make-openvas-listen-on-an-external-interface
https://forum.greenbone.net/t/reset-admin-password/4041
https://www.greenbone.net/en/feed-comparison/
https://forum.greenbone.net/t/how-many-times-i-can-sync-nvts-scapdata-certdata/1978