In this post I have added practical notes of OpenVas as a software developer point of view.

To Understand OpenVas little deeper for vulnerability assessment :

https://app.pluralsight.com/library/courses/openvas-network-vulnerability-scanning/table-of-contents

About :

Network Vulnerability Scanning with OpenVAS

Before launching a penetration testing session, you must first assess the target network and its compute resources for known vulnerabilities. The OpenVAS suite is built to perform complete and effective vulnerability scans. Learn how it’s done.
David Clinton

Openvas Management Scripts

https://github.com/kurobeats/OpenVas-Management-Scripts

Test If OpenVas Running on your system

ps -eaf | grep openvas

Man pages of OpenVas Daemons

Type man openvassd or man openvasmd

openvassd – openvassd – The Scanner of the Open Vulnerability Assessment System (OpenVAS)

openvasmd –  Manager daemon of the Open Vulnerability Assessment System (OpenVAS)

gsad – Greenbone Security Assistant for the Open Vulnerability Assessment System (OpenVAS)

openvassd – configuration file located at : /etc/openvas/openvassd.conf

Some commands :

root@eSumitCode3Unit10Sep2017:/etc/default# openvasmd –get-scanners
08b69003-5fc2-4037-a479-93b440211c73 OpenVAS Default
root@eSumitCode3Unit10Sep2017:/etc/default#
root@eSumitCode3Unit10Sep2017:/etc/default# openvasmd –get-users
admin

OpenVas Configuration Files Locations

Path on Ubuntu : /etc/openvas

OpenVas Database Location

Location of Tasks.DB database /var/lib/openvas/mgr

Sqlite3

Sqlite3 to use to open the tasks.db on the below location.

• To Install SQLITE3 did the following :
• sudo add-apt-repository ppa:jonathonf/backports
• sudo apt-get update && sudo apt-get install sqlite3

Commands to use sqlite3:

root@ubuntu-2gb-blr1-01:/var/lib/openvas/mgr# sqlite3 tasks.db  // it will open tasks.db database;
 SQLite version 3.19.3 2017-06-08 14:26:16
 Enter ".help" for usage hints.
 sqlite> .help  -- would show all help

sqllite>.tables  -- would show all tables;

sqlite>select * from results; -- would show results on this table;

sqllite>.quit --toquit

sqlite> Select * from users;
 1|64f62c8a-db69-4e80-b96c-e44d4a297490||admin||a2b1fb9a212786cc994cba52518673c3 01eb7c26c9ec8af484d6d3389eb0b6c4|||0||0|file|1488986943|1488986943
 sqlite>

Use any SQLite tool and open the OpenVas Database

 

How to Install OpenVas on Ubuntu 16.04 ?

esumit@esumit-VirtualBox:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.3 LTS
Release: 16.04
Codename: xenial

Installation Steps :

https://www.vultr.com/docs/how-to-install-openvas-vulnerability-scanner-on-ubuntu-16-04

OpenVAS developers provide a handy tool called openvas-check-setup to check the state of your OpenVAS installation. See below link to Install :

http://www.openvas.org/setup-and-start.html

Make sure that installation done fine :

Follow as usual steps are given in the above link , If on opening the green bone agent from command line ( default password admin,admin) doesn’t show the NVTs then do openvasmd –rebuild , and then it should show the Greenbone agent screen like below.

command line should show below :

root@ubuntu-2gb-blr1-01:~# ps -eaf | grep openvas
root 1498 1 0 Sep21 ? 00:02:30 openvasmd
root 1500 1 0 Sep21 ? 00:05:37 openvassd: Waiting for incoming connections
root 7340 27020 0 18:03 pts/2 00:00:00 grep --color=auto openvas

OpenVas Find Command

find / -name “openvas*”

root@ubuntu-2gb-blr1-01:/var/log/openvas# find / -name "openvas*"
/run/openvasmd.pid
/run/openvassd.pid
/run/systemd/generator.late/openvas-gsa.service
/run/systemd/generator.late/openvas-scanner.service
/run/systemd/generator.late/openvas-manager.service
/run/systemd/generator.late/graphical.target.wants/openvas-gsa.service
/run/systemd/generator.late/graphical.target.wants/openvas-scanner.service
/run/systemd/generator.late/graphical.target.wants/openvas-manager.service
/run/systemd/generator.late/multi-user.target.wants/openvas-gsa.service
/run/systemd/generator.late/multi-user.target.wants/openvas-scanner.service
/run/systemd/generator.late/multi-user.target.wants/openvas-manager.service
find: ‘/proc/9919’: No such file or directory
find: ‘/proc/9921’: No such file or directory
find: ‘/proc/9922’: No such file or directory
/var/lib/lxcfs/cgroup/devices/system.slice/openvas-scanner.service
/var/lib/lxcfs/cgroup/devices/system.slice/openvas-gsa.service
/var/lib/lxcfs/cgroup/devices/system.slice/openvas-manager.service
/var/lib/lxcfs/cgroup/pids/system.slice/openvas-scanner.service
/var/lib/lxcfs/cgroup/pids/system.slice/openvas-gsa.service
/var/lib/lxcfs/cgroup/pids/system.slice/openvas-manager.service
/var/lib/lxcfs/cgroup/blkio/system.slice/openvas-scanner.service
/var/lib/lxcfs/cgroup/blkio/system.slice/openvas-gsa.service
/var/lib/lxcfs/cgroup/blkio/system.slice/openvas-manager.service
/var/lib/lxcfs/cgroup/cpu,cpuacct/system.slice/openvas-scanner.service
/var/lib/lxcfs/cgroup/cpu,cpuacct/system.slice/openvas-gsa.service
/var/lib/lxcfs/cgroup/cpu,cpuacct/system.slice/openvas-manager.service
/var/lib/lxcfs/cgroup/memory/system.slice/openvas-scanner.service
/var/lib/lxcfs/cgroup/memory/system.slice/openvas-gsa.service
/var/lib/lxcfs/cgroup/memory/system.slice/openvas-manager.service
/var/lib/lxcfs/cgroup/name=systemd/system.slice/openvas-scanner.service
/var/lib/lxcfs/cgroup/name=systemd/system.slice/openvas-gsa.service
/var/lib/lxcfs/cgroup/name=systemd/system.slice/openvas-manager.service
/var/lib/openvas
/var/lib/openvas/openvasmd
/var/lib/openvas/plugins/2011/openvas_tcp_scanner.nasl
/var/lib/openvas/plugins/2011/openvas_tcp_scanner.nasl.asc
/var/lib/dpkg/info/openvas-manager.md5sums
/var/lib/dpkg/info/openvas.md5sums
/var/lib/dpkg/info/openvas-scanner.postrm
/var/lib/dpkg/info/openvas-gsa.postrm
/var/lib/dpkg/info/openvas-scanner.config
/var/lib/dpkg/info/openvas-gsa.postinst
/var/lib/dpkg/info/openvas-gsa.list
/var/lib/dpkg/info/openvas.list
/var/lib/dpkg/info/openvas-manager.postrm
/var/lib/dpkg/info/openvas-gsa.prerm
/var/lib/dpkg/info/openvas-scanner.postinst
/var/lib/dpkg/info/openvas-manager.prerm
/var/lib/dpkg/info/openvas-manager.conffiles
/var/lib/dpkg/info/openvas-cli.md5sums
/var/lib/dpkg/info/openvas-cli.list
/var/lib/dpkg/info/openvas-scanner.templates
/var/lib/dpkg/info/openvas-scanner.list
/var/lib/dpkg/info/openvas-manager.postinst
/var/lib/dpkg/info/openvas-scanner.conffiles
/var/lib/dpkg/info/openvas-manager.list
/var/lib/dpkg/info/openvas-scanner.md5sums
/var/lib/dpkg/info/openvas-gsa.md5sums
/var/lib/dpkg/info/openvas-gsa.conffiles
/var/lib/dpkg/info/openvas-scanner.prerm
/var/cache/openvas
/var/cache/openvas/2011/openvas_tcp_scanner.nasl.nvti
/var/log/openvas
/var/log/openvas/openvassd.dump
/var/log/openvas/openvassd.messages
/var/log/openvas/openvasmd.log
/var/log/openvas/openvassd.log
/sys/fs/cgroup/devices/system.slice/openvas-scanner.service
/sys/fs/cgroup/devices/system.slice/openvas-gsa.service
/sys/fs/cgroup/devices/system.slice/openvas-manager.service
/sys/fs/cgroup/pids/system.slice/openvas-scanner.service
/sys/fs/cgroup/pids/system.slice/openvas-gsa.service
/sys/fs/cgroup/pids/system.slice/openvas-manager.service
/sys/fs/cgroup/blkio/system.slice/openvas-scanner.service
/sys/fs/cgroup/blkio/system.slice/openvas-gsa.service
/sys/fs/cgroup/blkio/system.slice/openvas-manager.service
/sys/fs/cgroup/cpu,cpuacct/system.slice/openvas-scanner.service
/sys/fs/cgroup/cpu,cpuacct/system.slice/openvas-gsa.service
/sys/fs/cgroup/cpu,cpuacct/system.slice/openvas-manager.service
/sys/fs/cgroup/memory/system.slice/openvas-scanner.service
/sys/fs/cgroup/memory/system.slice/openvas-gsa.service
/sys/fs/cgroup/memory/system.slice/openvas-manager.service
/sys/fs/cgroup/systemd/system.slice/openvas-scanner.service
/sys/fs/cgroup/systemd/system.slice/openvas-gsa.service
/sys/fs/cgroup/systemd/system.slice/openvas-manager.service
/etc/init.d/openvas-gsa
/etc/init.d/openvas-scanner
/etc/init.d/openvas-manager
/etc/openvas
/etc/openvas/openvasmd_log.conf
/etc/openvas/openvassd.conf
/usr/sbin/openvassd
/usr/sbin/openvas-migrate-to-postgres
/usr/sbin/openvas-scapdata-sync
/usr/sbin/openvasmd
/usr/sbin/openvas-certdata-sync
/usr/sbin/openvas-nvt-sync
/usr/sbin/openvas-mkcert
/usr/sbin/openvas-portnames-update
/usr/share/doc/openvas-cli
/usr/share/doc/openvas-gsa
/usr/share/doc/openvas-scanner
/usr/share/doc/openvas
/usr/share/doc/openvas-manager
/usr/share/nmap/scripts/openvas-otp-brute.nse
/usr/share/man/man1/openvas-nasl.1.gz
/usr/share/man/man1/openvas-mkcert-client.1.gz
/usr/share/man/man8/openvasmd.8.gz
/usr/share/man/man8/openvassd.8.gz
/usr/share/man/man8/openvas-nvt-sync.8.gz
/usr/share/man/man8/openvas-mkcert.8.gz
/usr/share/openvas
/usr/share/openvas/openvas-lsc-rpm-creator.sh
/usr/share/openvas/openvasmd
/usr/bin/openvas-mkcert-client
/root/work/openvas-check-setup
root@ubuntu-2gb-blr1-01:/var/log/openvas# find / -name "openvas*"

 

Latest OpenVas

Refer : http://www.openvas.org/protocol-doc.html

 OMP Version 7.0 : http://docs.greenbone.net/API/OMP/omp-7.0.html

 

References :

https://www.cb-net.co.uk/linux/installing-openvas-and-greenbone-security-assistant-deployment-on-debian-8-jessie/

https://csrc.nist.gov/

https://csrc.nist.gov/topics



Developers Site : http://wald.intevation.org/projects/openvas/

Openvassd Conf File : https://forums.kali.org/showthread.php?21891-openvassd-conf-location-no-file

SQLLite commands : https://sqlite.org/cli.html

Pause Command : http://openvas-discuss.wald.intevation.narkive.com/KQ1rpK2P/why-openvas-does-not-resume-scans-properly

How to restart a stopped task in omp cli : http://lists.wald.intevation.org/pipermail/openvas-discuss/2016-October/010162.html

Advanced Configurations Server : http://www.openvas.org/compendium/advanced-configuration-server.html
OpenVas CLI http://www.openvas.org/src-doc/openvas-cli/index.html

Kali Linux Cheat Sheet – https://comparite.ch/kalics

• Networking Technologies