TL;DR setting up the free OpenVAS on Kali
Part I: Howto Setup BloodHound
Part II: Howto Setup BlueHound
Part III: Howto Setup OpenVAS
Background
I recently got around to finally setting up OpenVAS on Kali. I should have done it back before I took eJPT. It would have helped; luckily we passed regardless. There was a bit of Googling and trial & error involved, so I figured I’d post my notes in case they help anyone else. I’ll probably be reading this myself a year from now when I forget what I did.
Update Kali & install OpenVAS
sudo apt update -y
sudo apt upgrade -y
sudo apt install openvas
Update the DB
You may or may not have to do this bit. I was getting weird errors. It turns out that I had to update PostgreSQL from version 14 to 15.
#Show versions
pg_lsclusters
pg_dropcluster --stop 15 main
pg_upgradecluster 14 main
pg_dropcluster --stop 14 main
Setup OpenVAS
Configure OpenVAS via
sudo gvm-setup
Note the password shown at the end. In the worst case though you can always reset it via
gvmd --user=admin --new-password=Password\!\!
Troubleshooting
This is where things get fun and exciting. Normally you would just
sudo gvm-start
However, I had a couple of issues like the below. Luckily OpenVAS includes a check that’ll let you know most of what you need to do.
In my case I had to do the below:
sudo gvm-check-setup
sudo runuser -u _gvm -- greenbone-feed-sync --type SCAP
systemctl start redis-server@openvas.service
sudo chmod 666 /var/log/gvm/openvas.log
Fortunately CW6 Google let me know to make that last change to the log’s file permissions. It would have taken me ages to figure that one out based solely on the errors.
Once everything is good the check will pass.
Postgres troubleshooting
If you get errors regarding a collation version mismatch when you try to run
sudo runuser -u postgres -- /usr/share/gvm/create-postgresql-database
The fix:
sudo -u postgres psql
\l
REINDEX DATABASE postgres;
ALTER DATABASE postgres REFRESH COLLATION VERSION;
\connect template1
REINDEX DATABASE template1;
ALTER DATABASE template1 REFRESH COLLATION VERSION;
sudo runuser -u postgres -- /usr/share/gvm/create-postgresql-database
sudo gvm-setup
sudo gvm-check-setup
If you get an error like “Failed to find config ‘daba56c8-73ec-11df-a475-002264764cea’” then check and update your scan configs.
find /var/lib/gvm/data-objects/ -name "*daba56c8-73ec-11df-a475-002264764cea*.xml"
sudo -u _gvm greenbone-feed-sync --type gvmd-data
sudo -u _gvm greenbone-feed-sync --type nvt
Give OpenVAS a few minutes to an hour to update and check under Configuration \ Scan Configs.
Scanning
One can create a new task and upload a target list. Just bear in mind that it has to be a comma-separated list. As an example my scan of SlayerLabs looked like the below:
10.65.1.4, 10.65.1.21-43, 10.65.3.40, 10.65.3.90, 10.65.10.91-92, 10.65.20.20-30
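A pre-flight check for a target list like the one above, as an added example that is not from the original post: it normalizes typographic dashes that copy-paste can introduce, expands the ranges, and flags any address outside the engagement scope. The scope 10.65.0.0/16 and the function names are assumptions made for this example.

```python
import ipaddress

DASHES = "\u2010\u2011\u2012\u2013\u2014\u2212"  # typographic dashes pasted from web pages


def expand_entry(entry):
    """Expand one target entry (IP, CIDR, short or long range) into addresses."""
    entry = entry.strip().translate({ord(c): "-" for c in DASHES})
    if "/" in entry:
        return list(ipaddress.ip_network(entry, strict=False).hosts())
    if "-" not in entry:
        return [ipaddress.IPv4Address(entry)]
    first, last = entry.split("-", 1)
    start = ipaddress.IPv4Address(first)
    if "." in last:  # long form: 10.65.1.21-10.65.1.43
        end = ipaddress.IPv4Address(last)
    else:  # short form: 10.65.1.21-43 (range over the last octet)
        if not last.isdigit() or int(last) > 255:
            raise ValueError(f"bad range end in {entry!r}")
        end = ipaddress.IPv4Address((int(start) & 0xFFFFFF00) | int(last))
    if end < start:
        raise ValueError(f"descending range in {entry!r}")
    return [ipaddress.IPv4Address(i) for i in range(int(start), int(end) + 1)]


def check_targets(target_list, scope):
    """Return (hosts, out_of_scope) for a comma-separated target list."""
    net = ipaddress.ip_network(scope)
    hosts = []
    for entry in target_list.split(","):
        if entry.strip():
            hosts.extend(expand_entry(entry))
    hosts = sorted(set(hosts))
    return hosts, [h for h in hosts if h not in net]


if __name__ == "__main__":
    # The post's target list, written with the en-dashes a web page can introduce.
    pasted = ("10.65.1.4, 10.65.1.21\u201343, 10.65.3.40, 10.65.3.90, "
              "10.65.10.91\u201392, 10.65.20.20\u201330")
    hosts, outside = check_targets(pasted, "10.65.0.0/16")  # assumed scope
    print(f"{len(hosts)} hosts, {len(outside)} outside scope")
    print(",".join(str(h) for h in hosts))  # explicit list, safe to paste
```
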
Once it’s done you will see something like the below.
Personally I prefer to export the scan results to PDF and then view them by host. This makes it easy to see vulnerabilities by host.
Obviously this one jumped out at me. We go over exploiting what OpenVAS found and post exploitation here.
Updating OpenVAS
I had to update OpenVAS on my Kali VM recently while running a TryHackMe room on Vulnerability Management.
This was done via:
#Show versions
pg_lsclusters
pg_dropcluster --stop 16 main
pg_upgradecluster 15 main
pg_dropcluster --stop 15 main
apt install postgresql-16-pg-gvm
sudo runuser -u postgres -- /usr/share/gvm/create-postgresql-database
sudo runuser -u _gvm -- gvmd --migrate
sudo gvm-check-setup
sudo gvm-start
Summary
Nessus has a trial version, but it’s only good for running X number of scans. This version of OpenVAS is completely free. Like many Linux programs though it can have some dependency issues.
References
PostgreSQL update: https://www.netvizura.com/blog/how-to-upgrade-postgresql-from-13-to-14
OpenVAS setup: https://www.geeksforgeeks.org/installing-openvas-on-kali-linux/#
Fix missing scan configs: https://greenbone.github.io/docs/latest/22.4/source-build/troubleshooting.html#failed-to-find-scan-configuration
postgres version mismatch: https://dba.stackexchange.com/questions/324649/collation-version-mismatch?newreg=7b7f699f20ac4e308466a3aae73dad20
connect to postgres: https://stackoverflow.com/questions/3949876/how-to-switch-databases-in-psql