Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

開源資安工具 – 弱點掃描不求人 – OpenVAS

OpenVAS是一套開源弱掃工具,實作CentOS 7上的Docker安裝OpenVAS的過程。

任務目標

合格的駭客除了要具被攻擊技能外,也必須負責防禦等安全強化。
請您使用openVAS進行弱點掃描,以提供後續修補方案。

使用工具

OpenVAS
作者: Greenbone Networks GmbH
載點:https://github.com/greenbone/openvas-scanner or docker https://github.com/mikesplain/openvas-docker
簡介:漏洞掃描和漏洞管理系統。

攻擊環境

安裝主機:CentOS 7

進行演練

Step 1. 此篇已安裝完docker,若還沒裝可以參考此篇。
https://docs.docker.com/engine/install/centos/
使用Mike Splain 製作的images
https://github.com/mikesplain/openvas-docker

Step 2. 請注意這個images預設使用443/tcp、9390/tcp 如果防火牆不開會造成服務不能訪問,因此先設定防火牆,但我的伺服器已使用443 port,為了避開設定成442。

firewall-cmd — zone=public — add-port=442/tcp — permanent 
firewall-cmd — zone=public — add-port=9390/tcp — permanent 
firewall-cmd — reload

Step 3. 啟用container,hostname是安裝的主機IP。

docker run -d -p 443:442 -e PUBLIC_HOSTNAME=192.168.58.119 --name openvas mikesplain/openvas

Step 4. 查看服務有沒有起來

docker ps -a 

Step 5. 在瀏覽器打上 https://192.168.58.119:442 (請注意要更換您設定的IP跟port),帳號密碼預設 admin/admin,另外如果提示:Login failed. Waiting for OMP… 輸入下方程式碼後,重新整理頁面就可以了。

docker exec -it openvas bash
/etc/init.d/openvas-manager start

Step 6. 點選上方的Extra->Feed Status,來看一下弱點測試特徵檔案資料庫。

Step 7. 我寫這篇的時候是邊更新的,所以會看到有些狀態是當前。

Step 8 . 弱點測試特徵檔案資料庫(NVT、Scap、Cert)超過一年沒更新,所以來更新資料庫,回到CentOS 7,輸入以下指令進入OpenVAS 容器內。

docker exec -it openvas bash

Step 9. 輸入以下程式碼

greenbone-nvt-sync 
greenbone-certdata-sync 
greenbone-scapdata-sync 
systemctl start openvas-scanner 
systemctl start openvas-manager 
openvasmd –update –verbose –progress

更新時間有點久,慢慢等歐!

Step 10. 更新完成後回到瀏覽器。

終於可以開始弱掃了(笑),點選Configuration -> target

Step 11. 點左上星星

Step 12. 創建掃描任務 Scans -> Tasks

Step 13. 點星星來創建任務

Step 14. 創建後就開始執行吧!

Step 15. 可以從Scans->Reports來看報告歐

討論

利用 Docker 安裝 openVAS,可以提高安裝成功率(openVAS裝失敗機率挺高的),但最近也有針對docker的攻擊,每一個新技術的到來,防禦能力也必須得到提升才可以呢!

免責聲明

未經事先雙方同意,使用工具攻擊目標是非法的。請遵守當地法律規範。開發者與本作者對此工具不承擔任何責任,也不對任何濫用或損壞負責。

This is only for testing purposes and can only be used where strict consent has been given. Do not use this for illegal purposes, period. 

Back To Top
error: 內容被保護 !!
Buy Me A Coffee
歡迎贊助 sectools.tw 讓這個網站更好~!