PDA

View Full Version : Open Vas Issue



newbie14
08-16-2013, 07:41 AM
Hi all I am very new to kali. I want to use open vas so I first setup and got set the admin password. Next I try to go into web login https://localhost:9392/login/login.html it keep circling. Only once I managed to in and after that never able to go in. So I gone in and run the setup below is what I can see. So what is the best solution here? I have tried to add user but does not work either ?


[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured NVT rsync feed: rsync://feed.openvas.org:/nvt-feed
OpenVAS feed server - http://openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report problems to admin@intevation.de

receiving incremental file list

sent 37 bytes received 1225852 bytes 70050.80 bytes/sec
total size is 168653701 speedup is 137.58
[i] Checking dir: ok
[i] Checking MD5 checksum: ok
Stopping OpenVAS Manager: openvasmd.
Stopping OpenVAS Scanner: openvassd.
All plugins loaded
Starting OpenVAS Scanner: openvassd.
Starting OpenVAS Manager: openvasmd.
Restarting OpenVAS Administrator: openvasad.
Restarting Greenbone Security Assistant: gsad.

zimmaro
08-16-2013, 02:27 PM
hi:)
if this "can help" ?
I 'm try to "test" the "setup-script-openvas"(default) and then loggin in ""web-gui" && ""gsd-gui"" into my kali1.04-live.. everything seems to work!
http://vimeo.com/72486158

newbie14
08-16-2013, 03:21 PM
Dear Zimmaro,
I followed your steps everything is ok. The problem now the web-gui open and I key in my username admin and my password it keep circling and never get to the page. That is my problem.

So I guess each time to run I must press the openvas-setup. I notice now when I start and key in and I saw the terminal shows this


Error: received handshake message out of context
Failed to receive data : A TLS fatal alert has been received.
Error: received handshake message out of context
Failed to send data:sucess

zimmaro
08-16-2013, 05:46 PM
Dear Zimmaro,
I followed your steps everything is ok. The problem now the web-gui open and I key in my username admin and my password it keep circling and never get to the page. That is my problem.

So I guess each time to run I must press the openvas-setup. I notice now when I start and key in and I saw the terminal shows this

sorry but i'm not expert :-(
your " run-setup" is make in ROOT?
if don't solve try to reinstall openvas(--reinstall) & repeat setup-script in root
bye

newbie14
08-16-2013, 06:15 PM
I dont get you when you say run-setup ? What is that and how to run the command, yes all my setup is in root ? I tried openvas --reinstall but gives me openvas:command not found

zimmaro
08-16-2013, 08:00 PM
root = ""root-access"" NO-simple-USER
apt-get install --reinstall openvas #####to reinstall openvas### i don't know if this RESOLVE your problem....try
run setup = click icon openvas-setup
go-away.............

another ACTIVE thread of openvas was here:
http://forums.kali.org/showthread.php?3109-Openvas-Greenbone-Web-Hangs&highlight=openvas
FIRST look this ...maybe ...solved your problem!!!

newbie14
08-17-2013, 04:10 PM
Unfortunately I tried to it say openvas is already the newest version. I even tried the link but when last I tried openvassd start it say the bind() failed : Address already in use. Kind of lost any other thing I should do or help?

uwnthesis
09-01-2013, 12:19 PM
Dear Zimmaro,
I followed your steps everything is ok. The problem now the web-gui open and I key in my username admin and my password it keep circling and never get to the page. That is my problem.

So I guess each time to run I must press the openvas-setup. I notice now when I start and key in and I saw the terminal shows this

Hi Newbie,
I'm stuck at the same point.. and have tried several "fixes" to no avail.

Here's what I've tried... it hasn't helped me, but it may help others diagnose our problem.

Stopping OpenVas Services
Stopping Greenbone Security Assistant: gsad.
Stopping OpenVAS Scanner: openvassd.
Stopping OpenVAS Administrator: openvasad.
Stopping OpenVAS Manager: openvasmd.
root@BVevIKgC:~# /etc/init.d/openvas-scanner start
Starting OpenVAS Scanner: openvassd.
root@BVevIKgC:~# /etc/init.d/openvas-manager start
Starting OpenVAS Manager: openvasmd.
root@BVevIKgC:~# /etc/init.d/openvas-administrator restart
Restarting OpenVAS Administrator: openvasad.
root@BVevIKgC:~# /etc/init.d/greenbone-security-assistant restart
Restarting Greenbone Security Assistant: gsad.
root@BVevIKgC:~# netstat -lnp |grep :9392
tcp 0 0 127.0.0.1:9392 0.0.0.0:* LISTEN 7442/gsad
root@BVevIKgC:~# Failed to receive data: A TLS fatal alert has been received.
^C


****
What I see
1. Openvas loads the task - the status goes to orange - states "requested" but the task never runs.
2. when i click on the secinfo management tab i get this errorInternal error: get_many:900 (GSA 4.0.0)

An internal error occurred while getting the filter list. The current list of filters is not available. Diagnostics: Failure to receive response from manager daemon

*****

Have tried this to fix the manager daemon & sync feeds
root@BVevIKgC:~# openvasmd --rebuild
root@BVevIKgC:~# openvasmd --update
root@BVevIKgC:~# openvas-nvt-sync

****
So it looks like the TLS key is the "key" to the problem... bad pun I know.

Does anyone have any workarounds or better still, a fix for our little hiccup?

newbie14
09-01-2013, 12:49 PM
Hi uwnthesis,
Yes hoping someone either from kali can help us and I just stucked and cant move further too bad hope we can help each other but to no avail either.

uwnthesis
09-02-2013, 07:51 AM
Hi Newbie,

I went to Places and put the current openvas in the wastebasket!

Found these instructions from Openvas

*****

Step 1: Configure OBS Repository
(as user root, only once)

echo "deb http://download.opensuse.org/repositories/security:/OpenVAS:/UNSTABLE:/v6/Debian_7.0/ ./" >> /etc/apt/sources.list
wget http://download.opensuse.org/repositories/security:/OpenVAS:/UNSTABLE:/v6/Debian_7.0/Release.key
apt-key add ./Release.key
sudo apt-get update
Step 2: Quick-Install OpenVAS
(as user root, only once)
apt-get -y install greenbone-security-assistant openvas-cli openvas-manager openvas-scanner openvas-administrator sqlite3 xsltproc rsync
To install support packages for report generation (downloads around 30 MB of additional packages):
apt-get -y install texlive-latex-base texlive-latex-extra texlive-latex-recommended htmldoc
To install support for autogenerated LSC credential packages:
apt-get -y install alien rpm nsis fakeroot
Step 3: Quick-Start OpenVAS
(copy and paste whole block as user root, during first time you will be asked to set a password for user "admin")
test -e /var/lib/openvas/CA/cacert.pem || openvas-mkcert -q
openvas-nvt-sync
test -e /var/lib/openvas/users/om || openvas-mkcert-client -n om -i
/etc/init.d/openvas-manager stop
/etc/init.d/openvas-scanner stop
openvassd
openvasmd --rebuild
openvas-scapdata-sync
openvas-certdata-sync
test -e /var/lib/openvas/users/admin || openvasad -c add_user -n admin -r Admin
killall openvassd
sleep 15
/etc/init.d/openvas-scanner start
/etc/init.d/openvas-manager start
/etc/init.d/openvas-administrator restart
/etc/init.d/greenbone-security-assistant restart
Step 4: Log into OpenVAS as "admin"
Open https://localhost:9392/.

http://www.openvas.org/install-packages.html#openvas_debian_obs



*****
Step 4 didn't work due to SSL certs errors - Again!!

I can't find any reference as to how to recreate this users and the SSL certs.
Documentation is lacking on the SSL issues.

So resorted to a brand new install.
In order to recreate "admin" the default user and set a password

*****

Kali > Vulnerability > OpenVAS > Initial setup.
This will check that the install is okay.

****

Kali > vulnerability > OpenVas > OpenVAS GSD
Login in here...
127.0.0.1
admin
(your password)

******
Set a new scan against say your router IP.
TASK > New > Config = Click on the Blue Star - now you can select scan config such as "Full and Fast"

Run it - it will probably work in the Desktop version.
Wait for it to complete - to make sure the install is working.

When I went over to iceweasel - after running 2 scans... the security advisor (Hermonine Granger) was running, with all the latest scans. (Confused yet??)

****

This isnt a great solution, it's not elegant, but a full install to regenerate the admin user - in order to reissue the SSL cert is the only solution I could come up with.

Openvas need to publish more documentation on SSL and Certs errors - and fixes. We really need those fixes.

Have fun!

Hcl4Tune
09-02-2013, 11:48 AM
https://localhost:9392/login/login.html never worked for me either, instead i just use https:localhost

Here what I did

openvas-mkcert


openvas-nvt-sync


openvas-mkcert-client -n om -i



openvassd
openvasmd --rebuild



openvas-scapdata-sync

Now, next step might not be nessesery, since you already run openvas-setup


openvasad -c 'add_user' -n your_usename --role=Admin

Start the OpenVAS Daemons



openvassd - this time it might run already, but next time after you reboot your system, you will have to run it, unless you enable launch at startup.
openvasmd
openvasad
gsad


After that run


openvas-check-setup

And just follow the guidlines, example: you might have to run openvas-certdata-sync

That should be it
run
https://localhost

I suppose everything should be done by openvas-setup, but I just didn't want to risk it, since there was several post about script not working.

The only problem I have I cannot locate 2 files
openvassd.conf, for signature checking of NVT's, which is not enabled by default
openvassd.rules, which is not there by default either

Did anyone ever try to set the up?

newbie14
09-02-2013, 12:44 PM
Dear uwnthesis & Hcl4Tune,
I guess all of us are just trying every other method to make it work well I guess for the benefit of the rest this should be the way. It should be following some proper working guidelines right. I hope some action will be taken else pitty the rest of them. I am gonna try both your method and see. Do you guys thing eash time we start kali we need to run the openvas-setup is it? I notice if I dont do this I can even get the login page ?

uwnthesis
09-02-2013, 01:10 PM
Dear uwnthesis & Hcl4Tune,
Do you guys thing eash time we start kali we need to run the openvas-setup is it? I notice if I dont do this I can even get the login page ?

Hi Newbie,

I'm using the lazy kali script.
Just added a visual guide for it... it's awesome AND has Openvas roll back and Openvas start up options :)
Option 3 = Openvas


http://uwnthesis.files.wordpress.com/2013/07/lz-main-menu.png?w=497 (http://uwnthesis.files.wordpress.com/2013/07/lz-main-menu.png)


If openvas won't start in your browser, then use
Openvas > Openvas GDK

You'll get the desktop version... not as slick as the browser :(

Visual guide to Lazykali
http://forums.kali.org/showthread.php?3631-Script-for-installing-extras-like-java-pwnstar-ettercap-and-more
Page 3

newbie14
09-02-2013, 01:14 PM
Dear Uwnthesis,
Sorry I am lost here. Ok let me share with you what I want to do is penetration tests into my servers. So what is your idea to use open-vas or anything else. What is this lazy kali is it a shell script ? Will my open kali have the openvas ->gdk ? Another thing I want to know each time I come into kali must I do the setup ? Did you wrote this script?

uwnthesis
09-02-2013, 01:20 PM
https://localhost:9392/login/login.html never worked for me either, instead i just use https:localhost

The only problem I have I cannot locate 2 files
openvassd.conf, for signature checking of NVT's, which is not enabled by default
openvassd.rules, which is not there by default either

Did anyone ever try to set the up?

Hi Hcl4

Have you tried out openvas > openvas gsd ?
That should open a desktop link for you.

The lazykali script can roll back our openvas options... so that openvas gsd works.

The odd things is, that after using openvas gsd, the browser security assistant will often start working.. and shows all the gsd scans.
Talk about bizarre!

So I'm guessing the lazyscript, might just save our sanity :)
It's a superb script, worth it's weight in gold to be honest.. just because it gets openvas scanning again :)

newbie14
09-02-2013, 01:26 PM
Dear Uwnthesis,
Help me here I am kind of lost. So now in my current situation what is best recommendation ? Which path to go now? Should I follow your previous steps or go with lazy kali script?

uwnthesis
09-02-2013, 01:32 PM
Dear Uwnthesis,
Sorry I am lost here. Ok let me share with you what I want to do is penetration tests into my servers. So what is your idea to use open-vas or anything else. What is this lazy kali is it a shell script ? Will my open kali have the openvas ->gdk ? Another thing I want to know each time I come into kali must I do the setup ? Did you wrote this script?

Lazyscript was written here on the kali forum with offensive security.
It's a little goldmine :) The history is here :
http://forums.kali.org/showthread.php?3631-Script-for-installing-extras-like-java-pwnstar-ettercap-and-more

It's a script that automates all the updates for various applications...
Yes, your Kali should have the gdk option
Applications > Kali > vulnerability analysis > openvas > 3rd option down... openvas gsd

No to the intial setup, but yes you have to start the services etc.

Hi HCL,

There's a link here, that might have some commands that will help you out.
some of the download links have moved.. but the commands should be valid.
http://cyberforensics.et.byu.edu/wiki/OpenVAS_on_Kali_Linux_1.0.3

d. Start the scanner and rebuild the database
openvassd
openvasmd --rebuild
e. Sync the SCAP database (learn about SCAP here[4] (http://scap.nist.gov/)). Note this will take some time!!!!
openvas-scapdata-sync


To be honest, lazykali, looks the easy way to go :)

uwnthesis
09-02-2013, 01:33 PM
Dear Uwnthesis,
Help me here I am kind of lost. So now in my current situation what is best recommendation ? Which path to go now? Should I follow your previous steps or go with lazy kali script?

LazyKali is so simple.

go with the simple and easiest solution first :)

and it offers so many more advantages - it's priceless.

newbie14
09-02-2013, 01:40 PM
Dear Uwnthesis,
I went here now https://code.google.com/p/lazykali/downloads/list. So which one to download the one .sh ?

uwnthesis
09-02-2013, 02:11 PM
Dear Uwnthesis,
So which one to download the one .sh ?

1. Download the Lazy Kali Script into it’s own directory

Root terminal

mkdir lazykali

*******
http://code.google.com/p/lazykali/
Downloads Tab > LazyKali

http://uwnthesis.files.wordpress.com/2013/07/lazykali.png?w=497 (http://uwnthesis.files.wordpress.com/2013/07/lazykali.png)http://uwnthesis.files.wordpress.com/2013/07/lazikali2.png?w=497 (http://uwnthesis.files.wordpress.com/2013/07/lazikali2.png)

*******Downloading***
You run lazykali from the directory where it was downloaded.

Save File

http://uwnthesis.files.wordpress.com/2013/07/root1.png?w=497 (http://uwnthesis.files.wordpress.com/2013/07/root1.png)


****Make the Script executable*****

chmod +x lazykali.sh


All the rest of the steps are here:
(all pretty pictures) :)
http://forums.kali.org/showthread.php?3631-Script-for-installing-extras-like-java-pwnstar-ettercap-and-more/page3

Hcl4Tune
09-02-2013, 04:21 PM
... Do you guys thing eash time we start kali we need to run the openvas-setup is it? I notice if I dont do this I can even get the login page ?

No you don't have to run openvas-setup, Just start these 4 services every time you restart system, unless you enable them to launch at start.


openvassd
openvasmd
openvasad
gsad

newbie14
09-03-2013, 09:23 AM
Dear All,
I want to thank you guys especially uwnthesis the lazykali really works. So I go in press 3 and ask to start the open vas service. Thereafter I can login into open-vas web. Actually I want to learn further what actually is the script doing? Have you guys used open vas what is best mechanism to do the penetration tests?

uwnthesis
09-04-2013, 01:39 PM
Hi Newbie,

I think I can help you out - I have a little visual guide that can start off your first Open Vas Scan.

Step 3 – OpenVAS Login Box http://uwnthesis.files.wordpress.com/2013/08/openvas4-greenbone-login-screen.png?w=497&h=259 (http://uwnthesis.files.wordpress.com/2013/08/openvas4-greenbone-login-screen.png)Default username = admin
Password (whatever you entered during setup)
******
OpenVAS Security Assistant screen (Hermione Granger wizard appears) http://uwnthesis.files.wordpress.com/2013/08/openvas5-security-asst-screen.png?w=497&h=261 (http://uwnthesis.files.wordpress.com/2013/08/openvas5-security-asst-screen.png)******
Step 4 – Update your Vulnerability Database Feeds Administration > NVT Feed > Synchronise with Feed Now http://uwnthesis.files.wordpress.com/2013/08/nvt-feed.png?w=497&h=259 (http://uwnthesis.files.wordpress.com/2013/08/nvt-feed.png)This step is critical. if you do not update the vulnerability database feeds, it will generate errors later on.
Administration > NVT Feed
Administration > SCAP Database Feed (these are xml files for the reports)
Administration > Cert Feed
*******

uwnthesis
09-04-2013, 01:40 PM
Add Users Administration > Users Add Users http://uwnthesis.files.wordpress.com/2013/08/add-users.png?w=497&h=279 (http://uwnthesis.files.wordpress.com/2013/08/add-users.png)
*******
Step 5 – Set Targets to Scan Configuration > Targets Localhost will be there by default.
Add your router as a target eg 192.168.1.1 or 192.168.1.254
http://uwnthesis.files.wordpress.com/2013/08/configure-targets.png?w=497&h=180 (http://uwnthesis.files.wordpress.com/2013/08/configure-targets.png)
Look for the Blue box with a White star – click the star White star = New Target http://uwnthesis.files.wordpress.com/2013/08/star.png?w=497 (http://uwnthesis.files.wordpress.com/2013/08/star.png)
Viola…
http://uwnthesis.files.wordpress.com/2013/08/new-target.png?w=497&h=211 (http://uwnthesis.files.wordpress.com/2013/08/new-target.png)

uwnthesis
09-04-2013, 01:40 PM
Enter IP of Router, and port options (eg all TCP) Create Target Button http://uwnthesis.files.wordpress.com/2013/08/router-scan.png?w=497&h=259 (http://uwnthesis.files.wordpress.com/2013/08/router-scan.png)http://uwnthesis.files.wordpress.com/2013/08/scan-set.png?w=497&h=83 (http://uwnthesis.files.wordpress.com/2013/08/scan-set.png)
*****
Step 6 – Create a Task Scan Management > New Task http://uwnthesis.files.wordpress.com/2013/08/new-task.png?w=497&h=288 (http://uwnthesis.files.wordpress.com/2013/08/new-task.png)
Home Router scan Create Task Button Scan Config = Full and Fast
http://uwnthesis.files.wordpress.com/2013/08/new-task-completed.png?w=497&h=280 (http://uwnthesis.files.wordpress.com/2013/08/new-task-completed.png)

uwnthesis
09-04-2013, 01:46 PM
Dear All,
I want to thank you guys especially uwnthesis the lazykali really works. So I go in press 3 and ask to start the open vas service. Thereafter I can login into open-vas web. Actually I want to learn further what actually is the script doing? Have you guys used open vas what is best mechanism to do the penetration tests?

Hi Newbie,

A critical stage is step 4 to update the NVT, CVE databases before we start.

OpenVas is like Nessus - its scanning the network for open ports.
The type of scan can select TCP, UDP or both. If you're only scanning one target, you can do a deeper scan. If you're scanning a large number of hosts, you might have to decide to only scan privileged tcp/udp ports to save time.

I like OpenVas.. really like it :)

newbie14
09-04-2013, 04:07 PM
Dear Uwnthesis,
Ok before you wrote to me I actually started one full and fast scanning. I was worried for long time nearly one hour the percentage just stayed at 1%. Nevermind I will repeat the step as what you have wrote. I also want to know what is that the lazykali script did to make it work ?

Hcl4Tune
09-04-2013, 07:33 PM
Dear Uwnthesis,
Ok before you wrote to me I actually started one full and fast scanning. I was worried for long time nearly one hour the percentage just stayed at 1%. Nevermind I will repeat the step as what you have wrote. I also want to know what is that the lazykali script did to make it work ?

Just refresh the page, it's fine

uwnthesis
09-06-2013, 03:24 PM
Dear All,
Actually I want to learn further what actually is the script doing? Have you guys used open vas what is best mechanism to do the penetration tests?



Dear All,
Actually I want to learn further what actually is the script doing? Have you guys used open vas what is best mechanism to do the penetration tests?

Hi Newbie,

The answer to that is quite long. Basically you can select which ports to scan..... it's then checking if the ports are open or filtered.
It also checks if a default password has been left on a router, or if there's a null logon for an FTP server. It looking for known vulnerabilities... and the risk factor.


Pinched this from their website:
The OpenVAS project maintains a public feed of Network Vulnerability Tests (NVTs). It contains more than 30,000 NVTs (April 2013), growing on a daily basis. This feed is configured as the default for OpenVAS.

For online-synchronisation use the command openvas-nvt-sync to update your local NVTs with the newest ones from the feed service.

I've used nessus and Openvas.. though I'm not sure what you mean by "best mechanism" to do a pen test.

If you want a checklist of things to do on a pen test, then the EC Council books could give you this in a step by step format.
http://www.amazon.co.uk/Network-Testing-EC-Council-Certified-Security/dp/1435483707/ref=sr_1_3?ie=UTF8&qid=1378479907&sr=8-3&keywords=ec+council+penetration+testing
If you view the index of the books on Amazon, you'll see the steps listed for you :)

Some of the best training I've ever seen is actually the Offensive Security courses, by the guys that run this forum. It might sound like I'm grovelling, but I'm not, it's an honest appraisal from what I've seen of the content.

Is that what you meant?

newbie14
09-06-2013, 04:49 PM
Dear Uwnthesis,
Thank you for also sharing your personal experiences with the kali linux people. So in my case I am running a web server and also java based socket communication server. So for this sort of servers what best pen-test should I run is open-vas suitable our any other tools ? Another thing I dont find these options in my web gui Administration > SCAP Database Feed (these are xml files for the reports) and Administration > Cert Feed ? Any idea why these two are missing ?

newbie14
09-07-2013, 04:42 AM
Dear Uwnthesis,
I press the Synchronise with Feed Now and left it for nearly an hour and I just press the Learn About the consequences of feed synchronisation it says my session ended and I log in again I got to press the Synchronise with Feed Now. I think something is wrong here right?

uwnthesis
09-14-2013, 06:04 PM
Dear Uwnthesis,
So for this sort of servers what best pen-test should I run is open-vas suitable our any other tools ? Another thing I dont find these options in my web gui Administration > SCAP Database Feed (these are xml files for the reports) and Administration > Cert Feed ? Any idea why these two are missing ?

Hi Newbie,

The SCAP Database feed has to be updated, and the Cert feed. It's the first thing that has to happen when we set up Openvas.

I've found this advice from OpenVas, which may help trigger the feeds to synchronise for you.
http://www.openvas.org/install-packages.html#openvas_debian_obs


Step 3: Quick-Start OpenVAS
(copy and paste whole block as user root, during first time you will be asked to set a password for user "admin")
test -e /var/lib/openvas/CA/cacert.pem || openvas-mkcert -q
openvas-nvt-sync
test -e /var/lib/openvas/users/om || openvas-mkcert-client -n om -i
/etc/init.d/openvas-manager stop
/etc/init.d/openvas-scanner stop
openvassd
openvasmd --rebuild
openvas-scapdata-sync
openvas-certdata-sync
test -e /var/lib/openvas/users/admin || openvasad -c add_user -n admin -r Admin
killall openvassd
sleep 15
/etc/init.d/openvas-scanner start
/etc/init.d/openvas-manager start
/etc/init.d/openvas-administrator restart
/etc/init.d/greenbone-security-assistant restart

newbie14
09-14-2013, 06:22 PM
Dear Uwnthesis,
I just need to run the Step 1: Configure OBS Repository right. The following steps from the website is not needed right. So is that why when I try to run open vas it get stuck at 1%?

uwnthesis
09-16-2013, 03:32 PM
Dear Uwnthesis,
I just need to run the Step 1: Configure OBS Repository right. The following steps from the website is not needed right. So is that why when I try to run open vas it get stuck at 1%?

I've searched for Openvas at 1% - it seems to be a common hiccup.

One interesting comment - that might explain why OpenVas is getting stuck is here:

Sometimes when I an having scanning issues it helps me to see where it hangs by running

ps ax |grep openvas

You can see there which NASL is running in real time and which is hanging

from there you could always "kill" the hanging process too and the scan will continue as normal.

http://forums.alienvault.com/discussion/457/scan-hangs-at-1-and-launching-scan

This might just work for you :)

newbie14
09-18-2013, 02:24 PM
Dear Uwnthesis,
I ran each command line by line all was ok except this openvas-certdata-sync it say bash openvas-certdata-sync command not found. At the end when I ran all the command and tried to go into web page again the same old problem could not login. I had to go back into lazykali script and it run. So will this list off command effect the lazykali script?

newbie14
09-18-2013, 02:34 PM
Dear Uwnthesis,
Ok I ran this command ps ax |grep openvas first I saw this /var/lib/opevas/pluglins/nmap.nasl then next I saw is this and the moment I do this kill the process id next when I refresh it say is done. I think some thing is wrong right?

mime
09-19-2013, 11:44 AM
Ok I ran this command ps ax |grep openvas first I saw this /var/lib/opevas/pluglins/nmap.nasl then next I saw is this and the moment I do this kill the process id next when I refresh it say is done. I think some thing is wrong right?

It's really not a god idea to kill the nmap process. ;) Which port range did you use? Note that a UDP port scan can take a very long time. Stuck at 1% means nearly always "Scanner is in port scan phase". Maybe run https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup to be sure anything in your installation is ok.

newbie14
09-23-2013, 12:40 PM
Dear Mime,
I have ran the script. Below is the results. To be very frank I am very lost at this stage cause if you follow the through this thread before I ran the lazykali script open vas could never run so I could only run via the lazykali. So I dont know what to do next from here?



./openvas-check-setup.sh
openvas-check-setup 2.2.3
Test completeness and readiness of OpenVAS-6
(add '--v4', '--v5' or '--v7'
if you want to check for another OpenVAS version)

Please report us any non-detected problems and
help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

Use the parameter --server to skip checks for client tools
like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ...
ERROR: OpenVAS Scanner too old or too new: 3.3.1
FIX: Please install OpenVAS Scanner 3.4.

ERROR: Your OpenVAS-6 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.

mime
09-23-2013, 02:17 PM
You have to add the '--v5' switch...

newbie14
09-23-2013, 05:16 PM
Dear Mime,
Here is the results. So what I did is that via the lazykali script update the kali first then I updated openvas. Why does the kaliupdate takes few hours ? So what is your guide from here? After the update I am running the openvas and again stuck at the nmap.


ps ax | grep openvas
31274 ? Ss 0:00 openvassd: waiting for incoming connections
31282 pts/0 S+ 0:00 openvasmd -p 9390 -a 127.0.0.1
31284 pts/0 S+ 0:00 openvasad -a 127.0.0.1 -p 9393
31325 ? Ss 0:08 openvassd: serving 127.0.0.1
31326 pts/0 S+ 0:03 openvasmd -p 9390 -a 127.0.0.1
31340 ? S 0:00 openvassd: testing **************
31521 ? S 0:00 openvassd: testing ********* (/var/lib/openvas/plugins/nmap.nasl)
31792 pts/2 S+ 0:00 grep openvas



./openvas-check-setup.sh -v5
openvas-check-setup 2.2.3
Test completeness and readiness of OpenVAS-6
(add '--v4', '--v5' or '--v7'
if you want to check for another OpenVAS version)

Please report us any non-detected problems and
help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

Use the parameter --server to skip checks for client tools
like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ...
ERROR: OpenVAS Scanner too old or too new: 3.3.1
FIX: Please install OpenVAS Scanner 3.4.

ERROR: Your OpenVAS-6 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.

root@kali:~/Desktop/lazykali# ./openvas-check-setup.sh --v5
openvas-check-setup 2.2.3
Test completeness and readiness of OpenVAS-5

Please report us any non-detected problems and
help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

Use the parameter --server to skip checks for client tools
like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ...
OK: OpenVAS Scanner is present in version 3.3.1.
OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem.
OK: NVT collection in /var/lib/openvas/plugins contains 32480 NVTs.
WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
OK: The NVT cache in /var/cache/openvas contains 32480 files for 32480 NVTs.
Step 2: Checking OpenVAS Manager ...
OK: OpenVAS Manager is present in version 3.0.4.
OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem.
OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
OK: Access rights for the OpenVAS Manager database are correct.
OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
OK: OpenVAS Manager database is at revision 56.
OK: OpenVAS Manager expects database at revision 56.
OK: Database schema is up to date.
OK: OpenVAS Manager database contains information about 32480 NVTs.
ERROR: No OpenVAS SCAP database found. (Tried: /var/lib/openvas/scap-data/scap.db)
FIX: Run a SCAP synchronization script like openvas-scapdata-sync or greenbone-scapdata-sync.

ERROR: Your OpenVAS-5 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.

mime
09-24-2013, 07:32 AM
FIX: Run a SCAP synchronization script like openvas-scapdata-sync or greenbone-scapdata-sync.


So far it looks good. The only "problem" is, that you didn't run 'openvas-scapdata-sync'. But that is not that important now...



31521 ? S 0:00 openvassd: testing ********* (/var/lib/openvas/plugins/nmap.nasl)


Again: Which port range did you use? Did the port range contains UDP ports? What kind of target is that? Firewalled? How long take nmap standalone against this host?

newbie14
09-25-2013, 03:48 PM
Dear Mime,
I have this openvas-scapdata-sync but its taking very long is ok let it run. Back to the port range I selected all ports. The target is web and db server. No firewall just iptables. How to check nmap standalone I am not sure on that?

mime
09-25-2013, 04:17 PM
Dear Mime,
I have this openvas-scapdata-sync but its taking very long is ok let it run.


Yes, the initial run takes some time.



Back to the port range I selected all ports.


Even all UDP ports?



The target is web and db server. No firewall just iptables. How to check nmap standalone I am not sure on that?

Just run 'nmap -p 1-65535 <target ip>' for the moment. Please run also a new scan against localhost to see if that scan also get stuck at 1%.

newbie14
09-26-2013, 03:02 PM
Dear Mime,
I tried run this 'nmap -p 1-65535 <target ip>' on localhost is fast but on the the ip is slow its now been 30 minutes yet not complete. Ok can you help me solve my other confusion why still my openvas does not run without the lazykali script.

mime
09-27-2013, 10:08 AM
Ok can you help me solve my other confusion why still my openvas does not run without the lazykali script.

I've downloaded kali-linux-1.0.5-i386.iso and installed it in VirtualBox. Next i run 'openvas-setup' and when this has finished anything works as expected and i'm able to login into the GSA.

Albonite
02-01-2014, 06:44 PM
Hi.

Someone can help me ? I have tried a lot of things but openvas won't work.

I use kali linux 1.0.6.
I have deleted openvas in the menu and i don't know how to reinstall it but this is not the main problem.

I can go to localhost:9392 but i stay stuck in 1% or i cant acces a new task. error500_gettoomany.


How can i delete all the crap and reinstall ?

Thank you for your help and your time.

Forgive my english please :)

mime
02-03-2014, 08:58 AM
I can go to localhost:9392 but i stay stuck in 1%

Sounds like the cert for the user 'om' is expired. Please run "openvas-mkcert-client -n om -i" and try again.

Skeletonkey
02-18-2014, 05:51 AM
The rev of OpenVas is broken in Kali as it was in Backtrack. Your best uninstalling OpenVAS rev from Kali and download the actual installable from OpenVas and install it.
You will need to make changes to the openvas and greenbone modules in /etc/default/ , http://www.openvas.org/install-packages.html#openvas_debian_obs
Then there is a certain order the Openvas module start up. If I find my build notes I will post them here, should take me a day to find them.

arthurcameron
02-18-2014, 06:57 PM
hi:)
if this "can help" ?
I 'm try to "test" the "setup-script-openvas"(default) and then loggin in ""web-gui" && ""gsd-gui"" into my kali1.04-live.. everything seems to work!
http://vimeo.com/72486158

I think is helpful :)
http://moviediablo.com/kaylila/upload/30/wso.jpg

Arvandor
06-24-2014, 09:33 PM
Alright, I think I'll necro this thread instead of starting a new one, especially since I've used so much of this one for help.

I intially tried to set up OpenVAS using the Kali > Vuln > OpenVAS > setup tool, which got me logged into the web interface, but the web interface syncing didn't work. After fighting with the various syncs, and getting rsync to work on the scap database, it wouldn't let me log back in, would say the connection reset. I've spent all day googling, reading, reinstalling, and trying to make it work. I've gotten to the point where the check-setup script says my install of v6 is fine, I can start all the services, do an lsof -i and see that gsad is listening on localhost:9392 (and the other services are listening on nearby ports... I don't know if that's a problem or not?) But it still won't let me into the web interface. It'll say the connection is untrusted, just like before, I add it as an exception, and instead of taking me to the logon page, it just says "Unable to connect" or "the connection was reset."

Any idea on what gives, or what I can do from here to figure out what's going on?

Also, as a sidenote, all the instructions I saw say to install xsltproc, which doesn't seem to exist anymore. I do appear to have the libxslt version of it or whatever, but I had some errors about it at some point during the setup process. Same with htmldoc, rpm, and a couple others listed from the debian instructions at hxxp://www.openvas.org/install-packages-v6.html#openvas_debian_obs

Edit: Finally got it working! I ended up completely reinstalling Kali on my Kali box, running the openvas_setup through the GUI Menu, and THEN using the LazyKali script to kill and start the processes (which even then, only worked after a complete reboot.) But it seems to be good now. I wish you could dump the report into a CSV file, and that it had a public exploit line the way Nessus does, but it's a VERY cool tool still. I'll have to see if I can come up with a python script to parse the XML report into something more useful for a kind of weekly comparison and maybe graph over time if I start feeling fancy ;)

jyatcb
07-23-2014, 05:05 PM
@ Arvandor,

I had the same problem and had to do a complete uninstall and db purge before reinstalling. I'm glad that it's up and working for you now.