KALI – How to Install OPENVAS Scanner and kick start her – The Visual Guide
OpenVAS is an amazing scanner, she is also difficult and bitchy to install. If you change the hostname of your machine, the certificates won’t function. This post is to address getting OpenVAS to work when she’s in an angry mood. And she’s not pretty.
Step 1 – KALI Commands
Applications > Kali > Vulnerability Analysis > OpenVAS > OpenVAS setup
This may work, but it’s very likely that the Admin account won’t function, or the browser won’t allow you to connect due to certification issues. So here’s what you do next.
Step 2 – The Unknown OpenVAS commands to kick start her – ROOT TERMINAL
(as user root, only once)
echo “deb http://download.opensuse.org/repositories/security:/OpenVAS:/UNSTABLE:/v6/Debian_7.0/ ./” >> /etc/apt/sources.list
apt-key add ./Release.key
sudo apt-get update
Step 3: Reinstall all the Managers and Databases
(as user root, only once)
apt-get -y install greenbone-security-assistant openvas-cli openvas-manager openvas-scanner openvas-administrator sqlite3 xsltproc rsync
To install report generation
apt-get -y install texlive-latex-base texlive-latex-extra texlive-latex-recommended htmldoc
To install support for autogenerated LSC credential packages:
apt-get -y install alien rpm nsis fakeroot
Step 4 – REGENERATE ALL THOSE TRICKY CERTS THAT KEEP BLOCKING YOU OUT
Cut and paste these commands into a Root Terminal…. as one whole block of commands, all at one go!!
During the first install you hopefully will be asked to set a password for user “admin”)
**Fingers crossed that you get asked for an Admin password – cos we’re in BIG trouble if it doesn’t. No pressure.
Copy and paste the whole block into a Root Terminal.
test -e /var/lib/openvas/CA/cacert.pem || openvas-mkcert -q openvas-nvt-sync test -e /var/lib/openvas/users/om || openvas-mkcert-client -n om -i /etc/init.d/openvas-manager stop /etc/init.d/openvas-scanner stop openvassd openvasmd –rebuild openvas-scapdata-sync openvas-certdata-sync test -e /var/lib/openvas/users/admin || openvasad -c add_user -n admin -r Admin killall openvassd sleep 15 /etc/init.d/openvas-scanner start /etc/init.d/openvas-manager start /etc/init.d/openvas-administrator restart /etc/init.d/greenbone-security-assistant restart
Step 5 – Open the Browser – did you get a login prompt??
Admin & your selected password
That’s it!! You’re in.
Or maybe not. Often OpenVAS fails to give you this login prompt. So what to do now?
Now we KICKSTART her, with LazyKali.
LazyKali is ROCK SOLID and flawless in execution. 10/10.
The LazyKali script – will kick start OpenVAS services. We use Option 3, then Option 1.
Option 3 – OpenVAS
Option 1 = START OpenVAS Services – Yay!!
This script is the fastest way to install many hacking tools that Kali doesn’t include. You MUST use this script and the additional tools offered, as they offer the HackPack and wifi jammers – in a rock solid, flawless system.
So now you’ll have the login box appear in your browser, with the OpenVAS services running okay. Leave me a comment if this fails to work for you.
Step 6 – Set up a Target (ie your home network on 192.168.1.1/24)
Configuration > Targets
This screen opens up
Name = Home Router (you label this whatever you’d like)
Manual button = 192.168.1.1/24 (ie your home network)
Port List = a drop down box of OpenVAS default, or TCP Only or various drop down port options
Create Target (notice the button on the bottom Right hand side – click this to create the target IP range).
Step 7 – Create the Scan
Scan Management (top Left hand side) > New Task
The new task screen will appear
Notice that the “home network” target will now be listed in this screen
Scan config = Full and Fast (use the drop down list for more aggressive options)
Scan Targets = Home Network – there she is!! You’ve just created her.
CREATE BUTTON (Remember that OpenVAS put all their CREATE buttons on the bottom Right hand side)
Step 8 – Scan will Start
Whilst still running OpenVAS will allow you to view the status of threats detected. Click on the number under each category – this is a link to more detail.
If you select on the number again, you drill down further into more information. OpenVAS is powerful, you just have to learn to drive her. Like a Formula 1 car… she’s tricky to handle, but awesome once you’ve got her going at full throttle.
Notice the download options on the far right… PDF, HTML etc.
Downloading the report in HTML format
Hiccups & Solutions
Forgotten your OpenVAS Admin password?
The solution is to create a new admin account.
openvasad -c add_user -u your_new_login_here -r Admin
Create a new admin account > you can now reset your original Admin password.
Other Linux distributions
LazyKali Script – For HackPack and Wifi Jammers