OpenVAS and Nessus Tutorial

Environment

Attack Machine

OS: NTUT-IFM-Kali-2021-custom
IP: 10.99.154.46
AC: kali/kali

Victim Machine

OS: Metasploitable3
IP: 10.99.154.47
AC: vagrant/vagrant

Prepare

Install

sudo apt install docker.io

sudo usermod -aG docker kali

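You can verify the installation with docker version. If it prints "Cannot connect to the Docker daemon. Is the docker daemon running on this host?",
the current user has not been added to the docker group (make sure the second step was done; the group change only takes effect in a new login session).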

OpenVAS

OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated and authenticated testing, various high-level and low-level internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.

The three vulnerability test feed databases (NVT, SCAP, CERT)

Github

https://github.com/grafana/openvas-docker

Install

sudo docker run -d -p 80:80 --name openvas grafana/openvas

Or create a volume first

docker volume create openvas

docker run -d -p 80:80 -v openvas:/var/lib/gvm --name openvas grafana/openvas

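--detach (-d): run in the background
--publish (-p): publish a container port to the host, e.g. forwarding all traffic on host port 8080 to port 9392 of a container named web (the commands above map host port 80 to container port 80)
--name: container name
-v: maps a file path inside the container to a file path on the physical host (here, the openvas volume is mounted at /var/lib/gvm)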

Update (Optional)

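# On the host: open a shell inside the running openvas container
sudo docker exec -it openvas bash

# Inside the container: sync the NVT, CERT and SCAP feeds, then rebuild the manager data
greenbone-nvt-sync
greenbone-certdata-sync
greenbone-scapdata-sync
systemctl start openvas-scanner
systemctl start openvas-manager
openvasmd --update --verbose --progress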

How To Use

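  1. First confirm that STATUS shows Up: docker ps -al
  2. Log in with Firefox at 127.0.0.1 (admin/admin)
  3. Administration -> Feed Status -> check that the feeds are up to date
  4. SecInfo -> confirm that NVT, CPE and CVE contain data
  5. Scans -> Task Wizard (the quick magic-wand icon) or New Task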
  6. New Task
  7. Actions -> Play
  8. Click Reports
  9. Download PDF or TXT

Nessus

Nessus is a proprietary vulnerability scanner developed by Tenable, Inc. Tenable.io is a subscription-based service.

Prepare

  1. https://zh-tw.tenable.com/products/nessus/nessus-essentials
  2. Get the Activation Code

Install

docker run --name "container name" -d -p 8834:8834  -e ACTIVATION_CODE=<activation code> -e USERNAME=<username> -e PASSWORD=<password> tenableofficial/nessus 

How To Use

  1. Log in at https://127.0.0.1:8834
  2. All Scans -> New Scan
  3. Advanced Scan
  4. Settings
    • Basic
      • General
        • Name
        • Targets
      • Schedule
      • Notifications
    • Discovery
      • Host Discovery
      • Port Scanning
        • Fragile Devices
      • Service Discovery
        • SSL/TLS
        • DTLS (Datagram Transport Layer Security)
    • Assessment
    • Report
    • Advanced
  5. Check Report -> Report PDF
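
The OpenVAS walkthrough checks STATUS with docker ps -al, and both scanners are started with -p, which by default publishes the web UI on every host interface (the OpenVAS UI here still uses admin/admin). The following is an added example, not part of the original tutorial: it parses docker ps output and reports, per container, whether it is Up and how its port is bound. The container names nessus and old-scan and the sample lines are constructed assumptions.

```shell
#!/bin/sh
# Added example. Input on stdin: NAME<TAB>STATUS<TAB>PORTS, as printed by
#   docker ps -a --format '{{.Names}}\t{{.Status}}\t{{.Ports}}'
# Output: one line per container: NAME up|down BINDING
check_scanners() {
    awk -F '\t' '
    {
        name = $1; status = $2; ports = $3
        # "Up 5 minutes", "Up About a minute" ... anything else is not running.
        state = (status ~ /^Up /) ? "up" : "down"
        # Classify the host side of the published port mapping.
        if (ports !~ /->/)
            bind = "unpublished"
        else if (ports ~ /(^|, )(0\.0\.0\.0:|:::|\[::\]:)/)
            bind = "all-interfaces"      # reachable from the whole network
        else if (ports ~ /(^|, )(127\.[0-9.]+:|\[::1\]:)/)
            bind = "loopback-only"       # reachable only from this host
        else
            bind = "specific-address"
        printf "%s %s %s\n", name, state, bind
    }'
}

# Names of running containers whose UI is published on all interfaces.
exposed_scanners() {
    check_scanners | awk '$2 == "up" && $3 == "all-interfaces" { print $1 }'
}

# Constructed sample lines (not captured from a real host).
sample_ps() {
    printf 'openvas\tUp 5 minutes\t0.0.0.0:80->80/tcp, :::80->80/tcp\n'
    printf 'nessus\tUp 2 hours\t127.0.0.1:8834->8834/tcp\n'
    printf 'old-scan\tExited (137) 3 days ago\t\n'
}

sample_ps | check_scanners
```

On a real host, pipe the docker ps command from the header comment into check_scanners. To keep a scanner UI local to the attack machine, publish it on loopback instead, for example -p 127.0.0.1:8834:8834.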
