KALI – How to Install OpenVAS on Kali Debian Linux – The Visual Guide

31/08/2013

OpenVAS is an alternative to the Nessus scanner.

Step 1 – Download the Plugins for OpenVAS

Applications > Kali > Vulnerability Analysis

OpenVAS > Initial Setup

OpenVAS will now download all the plugins required (a few minutes)

openvas1 plugins

The default user id is admin.

Enter a password.

******

Step 2 – Iceweasel Local Host – Port 9392

Iceweasel

https://127.0.0.1:9392

or

https://localhost:9392

I Understand the risks

openvas2 port 9392

Confirm Security Exception

openvas3 add security exceptionNote:

If you can’t connect under local host, then go

Edit > Preferences

Advanced Tab

View Certificates

advanced preferences

Look for the OpenVAS self signed certificate and delete it.  Then go through adding the exception for Openvas 9392.

******

Step 3 – OpenVAS Login Box

openvas4 greenbone login screenDefault username = admin

Password (whatever you entered during setup)

******

OpenVAS Security Assistant screen (Hermione Granger wizard appears)

openvas5 security asst screen******

Step 4 – Update your Vulnerability Database Feeds

Administration > NVT Feed > Synchronise with Feed Now

nvt feedThis step is critical.  if you do not update the vulnerability database feeds, it will generate errors later on.

Administration > NVT Feed

Administration  > SCAP Database Feed (these are xml files for the reports)

Administration > Cert Feed

*******

Add Users

Administration > Users

Add Users

add users

*******

Step 5 – Set Targets to Scan

Configuration > Targets

Localhost will be there by default.

Add your router as a target eg 192.168.1.1 or 192.168.1.254

configure targets

Look for the Blue box with a White star – click the  star

White star = New Target

star

Viola…

new targetEnter IP of Router, and port options (eg all TCP)

Create Target Button

router scanscan set

*****

Step 6 – Create a Task

Scan Management >  New Task

new task

Home Router scan

Create Task Button

Scan Config = Full and Fast

new task completed

NEW STATUS (Green)

tasks set

Green Arrow to Run this new task

actions

******

Step 7 – To watch LIVE

Set No Refresh dropdown box – to 30 seconds

refresh*****

Errors & Solutions

1. Kali > Vulnerability Analysis > OpenVAS > OpenVAS Check Setup  = may report what’s wrong and how to fix it.

2. Login failed. OMP service is down. (Not enough in NVT Feed)

Administration > NVT Feed

openvasmd –rebuild

openvasmd –update

openvasmd –migrate

******

KALI – How to install NESSUS on Kali – The Visual Guide

http://uwnthesis.wordpress.com/2013/07/31/kali-how-to-install-nessus-on-kali/

*****

KALI – How to easily install FLASH, JAVA, NAUTILUS, METASPLOIT, ETTERCAP & OPENVAS- LAZY KALI SCRIPT – The Visual Guide

http://uwnthesis.wordpress.com/2013/07/31/kali-how-to-easily-update-kali-lazy-kali-script/

*****

KALI – How to use SQLMAP for SQL Injection, to find Admin Password

https://uwnthesis.wordpress.com/2014/02/01/kali-linux-how-to-hack-use-sqlmap-for-auto-sql-injection-find-website-admin-password/