OpenVas – Open Vulnerability Assessment System Notes

OpenVas – Open Vulnerability Assessment System Notes

In this post I have added practical notes of OpenVas as a software developer point of view.

To Understand OpenVas little deeper for vulnerability assessment :

OpenVas Course by David Clinton at PluralSight
OpenVas Course by David Clinton at PluralSight

https://app.pluralsight.com/library/courses/openvas-network-vulnerability-scanning/table-of-contents

About :

Network Vulnerability Scanning with OpenVAS

Before launching a penetration testing session, you must first assess the target network and its compute resources for known vulnerabilities. The OpenVAS suite is built to perform complete and effective vulnerability scans. Learn how it’s done.
David Clinton

Openvas Management Scripts

https://github.com/kurobeats/OpenVas-Management-Scripts

OpenVas-Setup-Script-Output
OpenVas-Setup-Script-Output
OpenVas-Stop-Start-Scripts-Example
OpenVas-Stop-Start-Scripts-Example

Test If OpenVas Running on your system

ps -eaf | grep openvas

Test if OpenVas is running
Test if OpenVas is running

 

Man pages of OpenVas Daemons

Type man openvassd or man openvasmd

openvassd – openvassd – The Scanner of the Open Vulnerability Assessment System (OpenVAS)

openvasmd –  Manager daemon of the Open Vulnerability Assessment System (OpenVAS)

gsad – Greenbone Security Assistant for the Open Vulnerability Assessment System (OpenVAS)

openvassd – configuration file located at : /etc/openvas/openvassd.conf

Some commands :

root@eSumitCode3Unit10Sep2017:/etc/default# openvasmd –get-scanners
08b69003-5fc2-4037-a479-93b440211c73 OpenVAS Default
root@eSumitCode3Unit10Sep2017:/etc/default#
root@eSumitCode3Unit10Sep2017:/etc/default# openvasmd –get-users
admin

 

OpenVas Configuration Files Locations

Path on Ubuntu : /etc/openvas

OpenVas Configuration Files Locations
OpenVas Configuration Files Locations

 

OpenVas Database Location

Location of Tasks.DB database /var/lib/openvas/mgr

Sqlite3

Sqlite3 to use to open the tasks.db on the below location.

  • To Install SQLITE3 did the following :
  • sudo add-apt-repository ppa:jonathonf/backports
  • sudo apt-get update && sudo apt-get install sqlite3

Commands to use sqlite3:

root@ubuntu-2gb-blr1-01:/var/lib/openvas/mgr# sqlite3 tasks.db  // it will open tasks.db database;
 SQLite version 3.19.3 2017-06-08 14:26:16
 Enter ".help" for usage hints.
 sqlite> .help  -- would show all help

sqllite>.tables  -- would show all tables;

sqlite>select * from results; -- would show results on this table;

sqllite>.quit --toquit

sqlite> Select * from users;
 1|64f62c8a-db69-4e80-b96c-e44d4a297490||admin||a2b1fb9a212786cc994cba52518673c3 01eb7c26c9ec8af484d6d3389eb0b6c4|||0||0|file|1488986943|1488986943
 sqlite>
OpenVas SqlLite3 Database
OpenVas SqlLite3 Database

Use any SQLite tool and open the OpenVas Database

OpenVas Database
OpenVas Database

How to Install OpenVas on Ubuntu 16.04 ?

esumit@esumit-VirtualBox:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.3 LTS
Release: 16.04
Codename: xenial

Installation Steps :

https://www.vultr.com/docs/how-to-install-openvas-vulnerability-scanner-on-ubuntu-16-04

OpenVAS developers provide a handy tool called openvas-check-setup to check the state of your OpenVAS installation. See below link to Install :

http://www.openvas.org/setup-and-start.html

Make sure that installation done fine :

Follow as usual steps are given in the above link , If on opening the green bone agent from command line ( default password admin,admin) doesn’t show the NVTs then do openvasmd –rebuild , and then it should show the Greenbone agent screen like below.

Check NVT Syncup for OpenVas
Check NVT Syncup for OpenVas

command line should show below :

root@ubuntu-2gb-blr1-01:~# ps -eaf | grep openvas
root 1498 1 0 Sep21 ? 00:02:30 openvasmd
root 1500 1 0 Sep21 ? 00:05:37 openvassd: Waiting for incoming connections
root 7340 27020 0 18:03 pts/2 00:00:00 grep --color=auto openvas

OpenVas Find Command

find / -name “openvas*”

root@ubuntu-2gb-blr1-01:/var/log/openvas# find / -name "openvas*"
/run/openvasmd.pid
/run/openvassd.pid
/run/systemd/generator.late/openvas-gsa.service
/run/systemd/generator.late/openvas-scanner.service
/run/systemd/generator.late/openvas-manager.service
/run/systemd/generator.late/graphical.target.wants/openvas-gsa.service
/run/systemd/generator.late/graphical.target.wants/openvas-scanner.service
/run/systemd/generator.late/graphical.target.wants/openvas-manager.service
/run/systemd/generator.late/multi-user.target.wants/openvas-gsa.service
/run/systemd/generator.late/multi-user.target.wants/openvas-scanner.service
/run/systemd/generator.late/multi-user.target.wants/openvas-manager.service
find: ‘/proc/9919’: No such file or directory
find: ‘/proc/9921’: No such file or directory
find: ‘/proc/9922’: No such file or directory
/var/lib/lxcfs/cgroup/devices/system.slice/openvas-scanner.service
/var/lib/lxcfs/cgroup/devices/system.slice/openvas-gsa.service
/var/lib/lxcfs/cgroup/devices/system.slice/openvas-manager.service
/var/lib/lxcfs/cgroup/pids/system.slice/openvas-scanner.service
/var/lib/lxcfs/cgroup/pids/system.slice/openvas-gsa.service
/var/lib/lxcfs/cgroup/pids/system.slice/openvas-manager.service
/var/lib/lxcfs/cgroup/blkio/system.slice/openvas-scanner.service
/var/lib/lxcfs/cgroup/blkio/system.slice/openvas-gsa.service
/var/lib/lxcfs/cgroup/blkio/system.slice/openvas-manager.service
/var/lib/lxcfs/cgroup/cpu,cpuacct/system.slice/openvas-scanner.service
/var/lib/lxcfs/cgroup/cpu,cpuacct/system.slice/openvas-gsa.service
/var/lib/lxcfs/cgroup/cpu,cpuacct/system.slice/openvas-manager.service
/var/lib/lxcfs/cgroup/memory/system.slice/openvas-scanner.service
/var/lib/lxcfs/cgroup/memory/system.slice/openvas-gsa.service
/var/lib/lxcfs/cgroup/memory/system.slice/openvas-manager.service
/var/lib/lxcfs/cgroup/name=systemd/system.slice/openvas-scanner.service
/var/lib/lxcfs/cgroup/name=systemd/system.slice/openvas-gsa.service
/var/lib/lxcfs/cgroup/name=systemd/system.slice/openvas-manager.service
/var/lib/openvas
/var/lib/openvas/openvasmd
/var/lib/openvas/plugins/2011/openvas_tcp_scanner.nasl
/var/lib/openvas/plugins/2011/openvas_tcp_scanner.nasl.asc
/var/lib/dpkg/info/openvas-manager.md5sums
/var/lib/dpkg/info/openvas.md5sums
/var/lib/dpkg/info/openvas-scanner.postrm
/var/lib/dpkg/info/openvas-gsa.postrm
/var/lib/dpkg/info/openvas-scanner.config
/var/lib/dpkg/info/openvas-gsa.postinst
/var/lib/dpkg/info/openvas-gsa.list
/var/lib/dpkg/info/openvas.list
/var/lib/dpkg/info/openvas-manager.postrm
/var/lib/dpkg/info/openvas-gsa.prerm
/var/lib/dpkg/info/openvas-scanner.postinst
/var/lib/dpkg/info/openvas-manager.prerm
/var/lib/dpkg/info/openvas-manager.conffiles
/var/lib/dpkg/info/openvas-cli.md5sums
/var/lib/dpkg/info/openvas-cli.list
/var/lib/dpkg/info/openvas-scanner.templates
/var/lib/dpkg/info/openvas-scanner.list
/var/lib/dpkg/info/openvas-manager.postinst
/var/lib/dpkg/info/openvas-scanner.conffiles
/var/lib/dpkg/info/openvas-manager.list
/var/lib/dpkg/info/openvas-scanner.md5sums
/var/lib/dpkg/info/openvas-gsa.md5sums
/var/lib/dpkg/info/openvas-gsa.conffiles
/var/lib/dpkg/info/openvas-scanner.prerm
/var/cache/openvas
/var/cache/openvas/2011/openvas_tcp_scanner.nasl.nvti
/var/log/openvas
/var/log/openvas/openvassd.dump
/var/log/openvas/openvassd.messages
/var/log/openvas/openvasmd.log
/var/log/openvas/openvassd.log
/sys/fs/cgroup/devices/system.slice/openvas-scanner.service
/sys/fs/cgroup/devices/system.slice/openvas-gsa.service
/sys/fs/cgroup/devices/system.slice/openvas-manager.service
/sys/fs/cgroup/pids/system.slice/openvas-scanner.service
/sys/fs/cgroup/pids/system.slice/openvas-gsa.service
/sys/fs/cgroup/pids/system.slice/openvas-manager.service
/sys/fs/cgroup/blkio/system.slice/openvas-scanner.service
/sys/fs/cgroup/blkio/system.slice/openvas-gsa.service
/sys/fs/cgroup/blkio/system.slice/openvas-manager.service
/sys/fs/cgroup/cpu,cpuacct/system.slice/openvas-scanner.service
/sys/fs/cgroup/cpu,cpuacct/system.slice/openvas-gsa.service
/sys/fs/cgroup/cpu,cpuacct/system.slice/openvas-manager.service
/sys/fs/cgroup/memory/system.slice/openvas-scanner.service
/sys/fs/cgroup/memory/system.slice/openvas-gsa.service
/sys/fs/cgroup/memory/system.slice/openvas-manager.service
/sys/fs/cgroup/systemd/system.slice/openvas-scanner.service
/sys/fs/cgroup/systemd/system.slice/openvas-gsa.service
/sys/fs/cgroup/systemd/system.slice/openvas-manager.service
/etc/init.d/openvas-gsa
/etc/init.d/openvas-scanner
/etc/init.d/openvas-manager
/etc/openvas
/etc/openvas/openvasmd_log.conf
/etc/openvas/openvassd.conf
/usr/sbin/openvassd
/usr/sbin/openvas-migrate-to-postgres
/usr/sbin/openvas-scapdata-sync
/usr/sbin/openvasmd
/usr/sbin/openvas-certdata-sync
/usr/sbin/openvas-nvt-sync
/usr/sbin/openvas-mkcert
/usr/sbin/openvas-portnames-update
/usr/share/doc/openvas-cli
/usr/share/doc/openvas-gsa
/usr/share/doc/openvas-scanner
/usr/share/doc/openvas
/usr/share/doc/openvas-manager
/usr/share/nmap/scripts/openvas-otp-brute.nse
/usr/share/man/man1/openvas-nasl.1.gz
/usr/share/man/man1/openvas-mkcert-client.1.gz
/usr/share/man/man8/openvasmd.8.gz
/usr/share/man/man8/openvassd.8.gz
/usr/share/man/man8/openvas-nvt-sync.8.gz
/usr/share/man/man8/openvas-mkcert.8.gz
/usr/share/openvas
/usr/share/openvas/openvas-lsc-rpm-creator.sh
/usr/share/openvas/openvasmd
/usr/bin/openvas-mkcert-client
/root/work/openvas-check-setup
root@ubuntu-2gb-blr1-01:/var/log/openvas# find / -name "openvas*"

Latest OpenVas

Refer : http://www.openvas.org/protocol-doc.html

 OMP Version 7.0 : http://docs.greenbone.net/API/OMP/omp-7.0.html

References :

https://www.cb-net.co.uk/linux/installing-openvas-and-greenbone-security-assistant-deployment-on-debian-8-jessie/

https://csrc.nist.gov/

https://csrc.nist.gov/topics


Developers Site : http://wald.intevation.org/projects/openvas/

Openvassd Conf File : https://forums.kali.org/showthread.php?21891-openvassd-conf-location-no-file

SQLLite commands : https://sqlite.org/cli.html

Pause Command : http://openvas-discuss.wald.intevation.narkive.com/KQ1rpK2P/why-openvas-does-not-resume-scans-properly

How to restart a stopped task in omp cli : http://lists.wald.intevation.org/pipermail/openvas-discuss/2016-October/010162.html

Advanced Configurations Server : http://www.openvas.org/compendium/advanced-configuration-server.html
OpenVas CLI http://www.openvas.org/src-doc/openvas-cli/index.html

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s