What is default 'admin' password after installing openVAS

**burger** · 2014-10-16

kali-linux-1.0.9a-amd64.iso
VMWare Workstation 9
(have also tried on virtualbox)

All of the instructionals I have seen with regard to setting up openVas state that you will be prompted to enter a password for 'admin' at the tail-end of the installation. What I see however is password being auto-generated.

How I am running the openVAS installation: applications -> Kali Linux -> Vulnerability Analysis -> OpenVAS -> OpenVas initial setup

it rolls through the entire setup, but at the end states "user created with password 'b2273996-450c-40f8-b0ef-1c9d8a76f3c4'. So it looks like it is kicking back the uuid of an auto-generated password..

I tried admin, admin
tried the root password, root login and password and every combination therein.

Has anyone come across this before?
Thx
------------------

Some more details:

following initial install of Kali -

apt-get update
apt-get upgrade

installed vmware tools

root@kali:/proc# cat version
Linux version 3.14-kali1-amd64 ([email protected]) (gcc version 4.7.2 (Debian 4.7.2-5) ) #1 SMP Debian 3.14.5-1kali1 (2014-06-07)

halt

upon reboot, Applications -> Kali Linux -> Vulnerability Analysis -> OpenVAS -> openvas initial setup

tail-end of installation reads as:
-----------
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'DE'
localityName :PRINTABLE:'Berlin'
commonName :PRINTABLE:'om'
Certificate is to be certified until Oct 17 21:34:44 2015 GMT (365 days)

Write out database with 1 new entries
Data Base Updated
Stopping OpenVAS Manager: openvasmd.
Stopping OpenVAS Scanner: openvassd.
Starting OpenVAS Scanner: openvassd.
Starting OpenVAS Manager: openvasmd.
Restarting Greenbone Security Assistant: gsad.
User created with password 'b2273996-450c-40f8-b0ef-1c9d8a76f3c4'.
-----------
doing a search for 'user' in the installation log, the last two entries:
Line 73793: [i] No user data directory '/var/lib/openvas/scap-data/private' found.
Line 73888: User created with password 'b2273996-450c-40f8-b0ef-1c9d8a76f3c4'
-----------

glancing in /var/lib/openvas/scap-data/private:

root@kali:/var/lib/openvas/scap-data# ls
COPYING nvdcve-2.0-2010.xml.asc
COPYING.asc nvdcve-2.0-2011.xml
nvdcve-2.0-2002.xml nvdcve-2.0-2011.xml.asc
nvdcve-2.0-2002.xml.asc nvdcve-2.0-2012.xml
nvdcve-2.0-2003.xml nvdcve-2.0-2012.xml.asc
nvdcve-2.0-2003.xml.asc nvdcve-2.0-2013.xml
nvdcve-2.0-2004.xml nvdcve-2.0-2013.xml.asc
nvdcve-2.0-2004.xml.asc nvdcve-2.0-2014.xml
nvdcve-2.0-2005.xml nvdcve-2.0-2014.xml.asc
nvdcve-2.0-2005.xml.asc official-cpe-dictionary_v2.2.xml
nvdcve-2.0-2006.xml official-cpe-dictionary_v2.2.xml.asc
nvdcve-2.0-2006.xml.asc oval
nvdcve-2.0-2007.xml scap.db
nvdcve-2.0-2007.xml.asc sha1sums
nvdcve-2.0-2008.xml status
nvdcve-2.0-2008.xml.asc status.asc
nvdcve-2.0-2009.xml timestamp
nvdcve-2.0-2009.xml.asc timestamp.asc
nvdcve-2.0-2010.xml

(oval is the only directory)
---------
Cannot add user via cli (i.e. openvasad -c 'add_user' -n openvasadmin -r Admin)

Any help appreciated. Thx

**k-cyanide** · 2014-10-17

ok. Firstly get the feed update of Openvas and run Openvas Check Setup. that will give u possible shortfalls of the installation.
as you dont have the initial passwd it would be advisable to add another admin user to OpenVas from console.
enter the following command: openvasad -c add_user -u your_new_login_here -r Admin
after you hit enter, the openvas will generate a new passwd (a big long one) and just copy that passwd and login using that credentials. It will work.
and after you log in the openvas just go to administration and change the passwd if you like.
Hope this helps.
Regards

**burger** · 2014-10-18

Thanks k-cyanide

the openvasad command no-worky for me (may be version-specific?)

But the issue appears to be permissions-related with the tasks.db file.

Here is how I got around it:

root@kali:/var/lib/openvas/mgr# openvasmd --rebuild
root@kali:/var/lib/openvas/mgr# ls -al
total 65548
drwxr-xr-x 2 root root 4096 Oct 18 08:20 .
drwxr-xr-x 10 root root 4096 Oct 15 20:14 ..
-rw------- 1 root root 67108864 Oct 18 08:20 tasks.db
root@kali:/var/lib/openvas/mgr# chmod 755 tasks.db
root@kali:/var/lib/openvas/mgr# ls -al
total 65548
drwxr-xr-x 2 root root 4096 Oct 18 08:21 .
drwxr-xr-x 10 root root 4096 Oct 15 20:14 ..
-rwxr-xr-x 1 root root 67108864 Oct 18 08:20 tasks.db
----------

then run the check-setup:

<a lot of output..>

[i] Updating Max CVSS for DFN-CERT
Stopping OpenVAS Manager: openvasmd.
Stopping OpenVAS Scanner: openvassd.
Starting OpenVAS Scanner: openvassd.
Starting OpenVAS Manager: openvasmd.
Restarting Greenbone Security Assistant: gsad.
User created with password '5b46de80-f035-4581-8c8d-d1be80172378'.
---------

the string that resembles a uuid is the actual password for 'admin' -

upon initial setup, there appears to be a permissions-restriction preventing access to tasks.db, but once permissions is opened up on this file, the produced password allows for access with admin user via the gui.

(this a bug? Or did I perform the setup incorrectly?)

**burger** · 2014-10-18

veto my last (currently being moderated) comment. Permissions always revert to 600, so I was chasing a red herring. Not sure how I got that password to work before, but it is possible to create a new user simply enough: openvasmd --create-user <user id>

The produced password WILL allow you in via the gui using the created userid.

It still baffles me why the produced password for admin fails.

have tried:
rm tasks.db
openvasmd --rebuild

then re-running the initial setup, which produces new password. Fails. Every fricken time. (but worked once)

No issues using the openvas .ova btw - this phenomenon only occurs in Kali

Oh well, as long as I can get in and run scans..

Thanks again k-cyanide

**PePeLeGal** · 2014-10-22

To change admin password:
openvasmd --user=admin --new-password=letmein

Then logon using admin:letmein

**clone** · 2014-10-30

you can pretty easily cause more problems for yourself by thrashing around trying to get it working; and very quickly end up with it in a pretty wicked loop of demands. most posted tutorials I checked out, including a few which are quoted here; include typos and deprecated commands, etc. (such as openvasad). sometimes google isn't your best friend.

the easiest fix is to rm /var/lib/openvas/mgr/tasks.db, then do openvasmd --rebuild. next, root@kali:~# openvasmd --create-user admin
User created with password '21afd717-[snip] for any user you wish to add. the role assigned to that user and the password can be modified once the web interface can be accessed or you can use the --new-password=<password> option.

**PePeLeGal** · 2014-10-31

Possible solution here: https://forums.kali.org/showthread.p...9183#post39183

**pemantao** · 2015-02-05

I had the same issue, what I did just create a new user
openvasmd --create-user [my-new-user]

and it would create the user with a generated password.
Login to the webui using the credential and found out another user 'admim' which the password is the one generated on setup.

**VampireS** · 2015-02-16

To change admin password:
openvasmd --user=admin --new-password=youpass

Thread: What is default 'admin' password after installing openVAS

Thread Tools

Search Thread

Display

What is default 'admin' password after installing openVAS

Similar Threads

kali admin password

Posting Permissions