OpenVAS
From Linuxmemo.
The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and
tools offering a comprehensive and powerful vulnerability scanning and vulnerability management
solution.
Contents
1 Installation and setup
2 Clients
3 Service
4 Data
5 Metasploit plugin
6 Code status
7 NVT OID
8 Recipes
8.1 VM conversion
8.2 Import
8.3 Metasploit db export
8.4 Postgres db export
9 Bugs
Installation and setup
Step 1: Configure OBS Repository
sudo
sudo
sudo
sudo
|| sudo openvas-mkcert -q
http://linuxmemo.free.fr/index.php?title=OpenVAS
12/06/2015
Clients
OpenVAS-Client - Obsolete because it stayed at the version of the OMP protocol
/usr/bin/OpenVAS-Client
Service
OpenVAS-Scanner
the OpenVAS scanner
OpenVas-Manager
features for managing and organizing the scan results; acts as a layer between the scanner OpenVA
OpenVAS-Administrator
openvasad
user account management and feed management
openvasad --enable-modify-settings -c set_role -u openvas -r Admin
openvasad --enable-modify-settings -c <modify_user> <name>Foobar</name> <password modify="0"> </password> <role>A
Data
NVT's
For online-synchronisation use the command
openvas-nvt-sync
to update your local NVTs with the newest ones from the feed service. The command allows rsync,
wget or curl as transfer method. The feed is usually updated every weekday.
via proxy
If you have a newer version of openvas-scanner (3.0.1 or higher), you can do something like this:
export http_proxy="http://yourproxy.com:8080"; openvas-nvt-sync --wget
Results
Configs
Metasploit plugin
load openvas
openvas_connect admin pass 127.0.0.1 9390
openvas_help
openvas_target_create <name> <hosts> <comment>
openvas_config_list
openvas_task_create <name> <comment> <config_id> <target_id>
openvas_task_start <id>
openvas_task_list
Code status
The OpenVAS manager uses numerical response codes to indicate whether a command issued by the
client could be executed successfully. The response codes are very similar to the response codes used
by HTTP as specified in RFC 2616; a response code in the 2xx range indicates that the command has
been successfully received, understood, and accepted. A response code in the 4xx range indicates
that the command issued could not be executed due to an error made by the client. A response in the
5xx range indicates that an error occurred in the manager during the processing of this command.
Responses are expected to include helpful information whenever possible, like the ID of the resulting
report when a task is started. Implementations which transfer OMP using a response-code aware
protocol (e.g. HTTP) might want to consider including this status code in the message generated by
this protocol.
http://www.ietf.org/rfc/rfc2616.txt
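The response-code classes described above, as an added example that is not part of the original page: a small Python parser that reads the `status` and `status_text` attributes of an OMP response, sorts it into the 2xx/4xx/5xx classes, and collects any returned IDs. The sample responses and the UUID are constructed for illustration; the names `OmpResult`, `classify` and `parse_omp_response` are hypothetical.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field

# Constructed sample responses (not captured from a real manager).
SAMPLES = [
    '<authenticate_response status="200" status_text="OK"/>',
    '<start_task_response status="202" status_text="OK, request submitted">'
    '<report_id>00000000-0000-0000-0000-000000000001</report_id>'
    '</start_task_response>',
    '<create_target_response status="400" status_text="Syntax error"/>',
    '<get_tasks_response status="503" status_text="Service temporarily down"/>',
]

@dataclass
class OmpResult:
    command: str   # root tag without the "_response" suffix
    code: int      # numeric status code
    text: str      # human-readable status_text
    outcome: str   # success | client_error | manager_error | unknown
    ids: dict = field(default_factory=dict)

def classify(code):
    """Map a status code onto the classes the manager documents."""
    if 200 <= code <= 299:
        return "success"
    if 400 <= code <= 499:
        return "client_error"
    if 500 <= code <= 599:
        return "manager_error"
    return "unknown"

def parse_omp_response(xml_text):
    """Parse one OMP response element; raise ValueError if it has no usable status."""
    try:
        root = ET.fromstring(xml_text)
        code = int(root.get("status", ""))
    except (ET.ParseError, ValueError) as exc:
        raise ValueError("not an OMP response with a numeric status") from exc
    # Helpful identifiers, e.g. the report ID returned when a task is started.
    ids = {c.tag: c.text.strip() for c in root if c.tag.endswith("_id") and c.text}
    suffix = "_response"
    command = root.tag[:-len(suffix)] if root.tag.endswith(suffix) else root.tag
    return OmpResult(command, code, root.get("status_text", ""), classify(code), ids)

if __name__ == "__main__":
    for sample in SAMPLES:
        r = parse_omp_response(sample)
        print(f"{r.command:15} {r.code} {r.outcome:14} {r.text} {r.ids}")
```

A scan wrapper can retry on `manager_error`, but should stop and fix the request on `client_error`.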
NVT OID
Ref: http://openvas.komma-nix.de/
Recipes
VM conversion
ovftool --lax OpenVAS-6-DEMO-2.0.ova OpenVAS-6-DEMO-2.0.vmx
Import
limit: 4095 hosts maximum
Metasploit db export
Edit the file
vim /tmp/msf-db-rhosts-20130413-13479-dsxd0q-0
:%s/\n/,/g
remove the last ","
then add the XML tags
Postgres db export
from the shell
su postgres
psql -U postgres -d msf -c "COPY (SELECT hosts.address FROM hosts, services WHERE hosts.id = services.host_id AND
Bugs
Failed to receive data: A TLS packet with unexpected length was received.
Retrieved from http://linuxmemo.free.fr/index.php?title=OpenVAS
Categories: Logiciel | Securite-outils
This page was last modified on 19 September 2014 at 11:43.