openvas Package Description

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of Greenbone Networks’ commercial vulnerability management solution from which developments are contributed to the Open Source community since 2009.

The actual security scanner is accompanied with a regularly updated feed of Network Vulnerability Tests (NVTs), over 50,000 in total.

All OpenVAS products are Free Software. Most components are licensed under the GNU General Public License (GNU GPL).

Source: http://www.openvas.org
OpenVAS Homepage | Kali openvas Repo

  • Author: Greenbone Networks GmbH
  • License: GPL-2+

Tools included in the openvas package

openvas-setup – OpenVAS setup script
root@kali:~# openvas-setup
openvas-feed-update – OpenVAS signature updater
root@kali:~# openvas-feed-update
openvasmd – Manager of the Open Vulnerability Assessment System
root@kali:~# openvasmd -h
Usage:
  openvasmd [OPTION…] - Manager of the Open Vulnerability Assessment System

Help Options:
  -h, --help                                   Show help options

Application Options:
  --backup                                     Backup the database.
  --check-alerts                               Check SecInfo alerts.
  -d, --database=<file/name>                   Use <file/name> as database for SQLite/Postgres.
  --disable-cmds=<commands>                    Disable comma-separated <commands>.
  --disable-encrypted-credentials              Do not encrypt or decrypt credentials.
  --disable-password-policy                    Do not restrict passwords to the policy.
  --disable-scheduling                         Disable task scheduling.
  --create-user=<username>                     Create admin user <username> and exit.
  --delete-user=<username>                     Delete user <username> and exit.
  --get-users                                  List users and exit.
  --create-scanner=<scanner>                   Create global scanner <scanner> and exit.
  --modify-scanner=<scanner-uuid>              Modify scanner <scanner-uuid> and exit.
  --scanner-name=<name>                        Name for --modify-scanner.
  --scanner-host=<scanner-host>                Scanner host for --create-scanner and --modify-scanner. Default is /var/run/openvassd.sock.
  --otp-scanner=<unixsocket>                   Path to scanner unix socket file. Used by --rebuild and --update
  --scanner-port=<scanner-port>                Scanner port for --create-scanner and --modify-scanner. Default is 9391.
  --scanner-type=<scanner-type>                Scanner type for --create-scanner and --mdoify-scanner. Either 'OpenVAS' or 'OSP'.
  --scanner-ca-pub=<scanner-ca-pub>            Scanner CA Certificate path for --[create|modify]-scanner.
  --scanner-key-pub=<scanner-key-public>       Scanner Certificate path for --[create|modify]-scanner.
  --scanner-key-priv=<scanner-key-private>     Scanner private key path for --[create|modify]-scanner.
  --verify-scanner=<scanner-uuid>              Verify scanner <scanner-uuid> and exit.
  --delete-scanner=<scanner-uuid>              Delete scanner <scanner-uuid> and exit.
  --get-scanners                               List scanners and exit.
  -f, --foreground                             Run in foreground.
  --inheritor=<username>                       Have <username> inherit from deleted user.
  -a, --listen=<address>                       Listen on <address>.
  --listen2=<address>                          Listen also on <address>.
  --listen-owner=<string>                      Owner of the unix socket
  --listen-group=<string>                      Group of the unix socket
  --listen-mode=<string>                       File mode of the unix socket
  --max-ips-per-target=<number>                Maximum number of IPs per target.
  --max-email-attachment-size=<number>         Maximum size of alert email attachments, in bytes.
  --max-email-include-size=<number>            Maximum size of inlined content in alert emails, in bytes.
  -m, --migrate                                Migrate the database and exit.
  --modify-setting=<uuid>                      Modify setting <uuid> and exit.
  --encrypt-all-credentials                    (Re-)Encrypt all credentials.
  --new-password=<password>                    Modify user's password and exit.
  --optimize=<name>                            Run an optimization: vacuum, analyze, cleanup-config-prefs, remove-open-port-results, cleanup-port-names, cleanup-result-severities, cleanup-schedule-times, rebuild-report-cache or update-report-cache.
  -p, --port=<number>                          Use port number <number>.
  --port2=<number>                             Use port number <number> for address 2.
  --progress                                   Display progress during --rebuild and --update.
  --rebuild                                    Rebuild the NVT cache and exit.
  --role=<role>                                Role for --create-user and --get-users.
  -u, --update                                 Update the NVT cache and exit.
  -c, --unix-socket=<filename>                 Listen on UNIX socket at <filename>.
  --user=<username>                            User for --new-password.
  --gnutls-priorities=<priorities-string>      Sets the GnuTLS priorities for the Manager socket.
  --dh-params=<file>                           Diffie-Hellman parameters file
  --value=<value>                              Value for --modify-setting.
  -v, --verbose                                Has no effect.  See INSTALL for logging config.
  --version                                    Print version and exit.
openvas-manage-certs – Manage certificate infrastructure for an OpenVAS installation
root@kali:~# openvas-manage-certs -h
Usage:
  /usr/bin/openvas-manage-certs [OPTION] - Manage certificate infrastructure for an OpenVAS installation

Options:
  -h             Print help
  -a             Automatically set up default infrastructure for OpenVAS
  -V             Verify existing OpenVAS certificate infrastructure
  -C             Create a certificate authority (CA)
  -I             Install a CA certificate
  -R             Create a certificate request for a CA
  -r             Create a certificate request
  -c             Create a certificate request and sign it
  -i             Install a certificate
  -S             Sign a certificate request
  -f             Force overwriting of existing files

Certificate options:
  -E             Create a server certificate
  -L             Create a client certificate
  -A             Skip CA generation in automatic mode

Output control:
  -d             Print debug output
  -v             Print verbose messages
  -q             Be quiet, only print error messages

Configuration:
  -e <file>      Read configuration from <file>

All certificate generation options can be set either through the configuration
  file or through environment variables like the following:

  OPENVAS_CERTIFICATE_LIFETIME   Days until the certificate will expire
  OPENVAS_CERTIFICATE_HOSTNAME   Name to use for the certificate
  OPENVAS_CERTIFICATE_SIGNALG    Hash algorithm to use for signing

  OPENVAS_CERTIFICATE_KEYSIZE    Size in bits of the generated key
  or
  OPENVAS_CERTIFICATE_SECPARAM   GnuTLS security level [low|medium|high|ultra]

  OPENVAS_CERT_DIR               Directory where keys and certificates are stored
                                 before installation

  OPENVAS_CERT_PREFIX            Prefix for certificate filename (e.g. "server")

For a complete list of options, please refer to the documentation.
openvas-migrate-to-postgres – Migrate Manager database from SQLite3 to Postgres
root@kali:~# openvas-migrate-to-postgres --help
/usr/sbin/openvas-migrate-to-postgres: Migrate Manager database from SQLite3 to Postgres
 --help     display this help
 --selftest perform self-test
 --version  display version
openvas-portnames-update – Update port names data from a port names XML file
root@kali:~# openvas-portnames-update
Update port names data from a port names XML file.

Currently supports the official IANA Services Names list.
In order to update the DB, download the port names list and
provide its path as an argument to this script.
 $ wget http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml
 $ openvas-portnames-update service-names-port-numbers.xml
 $ rm service-names-port-numbers.xml
openvassd – Scanner of the Open Vulnerability Assessment System
root@kali:~# openvassd -h
Usage:
  openvassd [OPTION?] - Scanner of the Open Vulnerability Assessment System

Help Options:
  -h, --help                       Show help options

Application Options:
  -V, --version                    Display version information
  -f, --foreground                 Do not run in daemon mode but stay in foreground
  -c, --config-file=<filename>     Configuration file
  -s, --cfg-specs                  Print configuration settings
  -y, --sysconfdir                 Print system configuration directory (set at compile time)
  -C, --only-cache                 Exit once the NVT cache has been initialized or updated
  --unix-socket=<filename>         Path of unix socket to listen on
  --listen-owner=<string>          Owner of the unix socket
  --listen-group=<string>          Group of the unix socket
  --listen-mode=<string>           File mode of the unix socket
  --gnupg-home=<directory>         Gnupg home directory

openvas Usage Examples

Before trying to do anything with OpenVAS, you must first run the setup script, appropriately named openvas-setup. At the end of the (very long) setup process, the automatically created password will be displayed to you. Save the password somewhere safe.

root@kali:~# openvas-setup
ERROR: Directory for keys (/var/lib/openvas/private/CA) not found!
ERROR: Directory for certificates (/var/lib/openvas/CA) not found!
ERROR: CA key not found in /var/lib/openvas/private/CA/cakey.pem
ERROR: CA certificate not found in /var/lib/openvas/CA/cacert.pem
ERROR: CA certificate failed verification, see /tmp/tmp.YpvirUZgxc/openvas-manage-certs.log for details. Aborting.

ERROR: Your OpenVAS certificate infrastructure did NOT pass validation.
       See messages above for details.
Generated private key in /tmp/tmp.XwwD8IOl5u/cakey.pem.
Generated self signed certificate in /tmp/tmp.XwwD8IOl5u/cacert.pem.
Installed private key to /var/lib/openvas/private/CA/cakey.pem.
Installed certificate to /var/lib/openvas/CA/cacert.pem.
Generated private key in /tmp/tmp.XwwD8IOl5u/serverkey.pem.
Generated certificate request in /tmp/tmp.XwwD8IOl5u/serverrequest.pem.

...

znc_detect.nasl
znc_detect.nasl.asc
zone_alarm_local_dos.nasl
zone_alarm_local_dos.nasl.asc
OpenVAS community feed server - http://www.openvas.org/
This service is hosted by Greenbone Networks - http://www.greenbone.net/

All transactions are logged.

If you have any questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.

By using this service you agree to our terms and conditions.

Only one sync per time, otherwise the source ip will be blocked.

receiving incremental file list
./
COPYING
          1,493 100%    1.42MB/s    0:00:00 (xfr#1, to-chk=84/86)
COPYING.asc
            181 100%  176.76kB/s    0:00:00 (xfr#2, to-chk=83/86)
nvdcve-2.0-2002.xml

...

sha1sums
          2,002 100%    2.34kB/s    0:00:00 (xfr#33, to-chk=2/36)
timestamp
             13 100%    0.02kB/s    0:00:00 (xfr#34, to-chk=1/36)
timestamp.asc
            181 100%    0.21kB/s    0:00:00 (xfr#35, to-chk=0/36)

sent 719 bytes  received 41,272,464 bytes  398,774.71 bytes/sec
total size is 41,260,051  speedup is 1.00
/usr/sbin/openvasmd
User created with password 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx'.

After the setup completes, you will find two listening TCP ports: 9390 and 9392. Port 9392 is likely the one of most interest to you as it is the web interface for OpenVAS. You can open the web interface using your browser of choice.

root@kali:~# ss -lnt4
State      Recv-Q Send-Q Local Address:Port               Peer Address:Port              
LISTEN     0      128     127.0.0.1:9390                        *:*                  
LISTEN     0      128     127.0.0.1:9392                        *:*

root@kali:~# firefox https://127.0.0.1:9392

Despite reminding people to save the default password generated during setup, it still sometimes gets misplaced. Fortunately, the “openvasmd” utility can be used to create and remove users as well as reset their passwords.

root@kali:~# openvasmd --create-user=dookie
User created with password 'yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyy'.
root@kali:~# openvasmd --get-users
admin
dookie
root@kali:~# openvasmd --user=dookie --new-password=s3cr3t
root@kali:~# openvasmd --user=admin --new-password=sup3rs3cr3t

OpenVAS signatures can be updated with the “openvas-feed-update” utility.

root@kali:~# openvas-feed-update
Updating OpenVas Feeds
OpenVAS community feed server - http://www.openvas.org/
This service is hosted by Greenbone Networks - http://www.greenbone.net/

All transactions are logged.

If you have any questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.
...

Verify the certificates that are configured for OpenVAS.

root@kali:~# openvas-manage-certs -V
OK: Directory for keys (/var/lib/openvas/private/CA) exists.
OK: Directory for certificates (/var/lib/openvas/CA) exists.
OK: CA key found in /var/lib/openvas/private/CA/cakey.pem
OK: CA certificate found in /var/lib/openvas/CA/cacert.pem
OK: CA certificate verified.
OK: Certificate /var/lib/openvas/CA/servercert.pem verified.
OK: Certificate /var/lib/openvas/CA/clientcert.pem verified.

OK: Your OpenVAS certificate infrastructure passed validation.
Menu