openvas-sandbox

Travis (.com) branch:

Deploy openVAS on kali linux

>vagrant init --template scripts/Vagrantfile.erb
>vagrant up vg-kali-02
>vagrant ssh vg-kali-02


apt-get update -y
apt-get upgrade -y
apt-get install -yq gvm
gvm-setup
gvm-start

browse the local host 
“https://127.0.0.1:9392”

>vagrant destroy -f vg-kali-02
>del Vagrantfile

>vagrant init --template scripts/Vagrantfile.erb
>vagrant up "vg-openvas-01"

Login with admin and the password in the script output

total size is 63,121,109  speedup is 1.00
/usr/sbin/openvasmd

ExecStart=/usr/sbin/gsad --foreground --listen=0.0.0.0 --port=9392 --mlisten=0.0.0.0 --mport=9390 --allow-header-host 192.168.22.12

User created with password 'b124cb71-220b-4f0b-8308-005187a3828b'.

check that gsad is running and listening
# netstat -apn | grep LISTEN
# netstat -anp | grep gsad

vagrant@vg-openvas-02:~$ sudo netstat -apn | grep LISTEN
tcp        0      0 127.0.0.1:9390          0.0.0.0:*               LISTEN      889/openvasmd
tcp        0      0 127.0.0.1:9392          0.0.0.0:*               LISTEN      737/gsad
tcp        0      0 127.0.0.1:80            0.0.0.0:*               LISTEN      900/gsad

vagrant@vg-openvas-02:~$ sudo netstat -anp | grep gsad
tcp        0      0 127.0.0.1:9392          0.0.0.0:*               LISTEN      737/gsad
tcp        0      0 127.0.0.1:80            0.0.0.0:*               LISTEN      900/gsad
unix  3      [ ]         STREAM     CONNECTED     18405    737/gsad

vagrant@vg-openvas-02:~$ sudo netstat -anp | grep openvas
tcp        0      0 127.0.0.1:9390          0.0.0.0:*               LISTEN      889/openvasmd
unix  2      [ ACC ]     STREAM     LISTENING     23023    1488/openvassd: Wai  /var/run/openvassd.sock
unix  2      [ ACC ]     STREAM     LISTENING     21878    863/redis-server 12  /var/run/redis-openvas/redis-server.sock
unix  3      [ ]         STREAM     CONNECTED     28186    863/redis-server 12  /var/run/redis-openvas/redis-server.sock
unix  3      [ ]         STREAM     CONNECTED     25910    1488/openvassd: Wai
unix  3      [ ]         STREAM     CONNECTED     20133    889/openvasmd

wget -p http://192.168.22.12
--2019-11-27 16:26:54--  http://192.168.22.12/
Connecting to 192.168.22.12:80... connected.
HTTP request sent, awaiting response... 303 See Other
Location: https://192.168.22.12:9392/login/login.html [following]
--2019-11-27 16:26:54--  https://192.168.22.12:9392/login/login.html
Connecting to 192.168.22.12:9392... connected.
ERROR: cannot verify 192.168.22.12's certificate, issued by ‘C=DE,L=Osnabrueck,O=OpenVAS Users,OU=Certificate Authority for vg-openvas-01’:
 Unable to locally verify the issuer's authority.
   ERROR: certificate common name ‘vg-openvas-01’ doesn't match requested host name ‘192.168.22.12’.
To connect to 192.168.22.12 insecurely, use `--no-check-certificate'.

https://192.168.22.12:9392/login/login.html

# vi /lib/systemd/system/greenbone-security-assistant.service

# systemctl daemon-reload
vagrant@vg-openvas-01:~$ sudo systemctl restart greenbone-security-assistant.service
vagrant@vg-openvas-01:~$ sudo systemctl status greenbone-security-assistant.service

# omp --help

password change
vg-openvas-01:~$ sudo openvasmd --user=admin --new-password=admin

$ sudo openvas-stop
Stopping OpenVas Services
$ sudo openvas-start
Starting OpenVas Services

Web UI
Menu - Configuration - Targets
Menu - Scans - Tasks


Network Targets
    Single IPv4 address: 192.168.300.10
    IPv4 address range in short format: 192.168.200.100-11
    IPv4 address range in long format: 192.168.200.100-192.168.200.110
    IPv4 address range in CIDR notation: 192.168.100.0/24

https://github.com/greenbone/openvas