After having using Tenable Nessus years ago, I decided to give OpenVAS a spin. Open VAS, like Nessus, is a vulnerability scanner. Unlike Nessus, OpenVAS is open source and free to download and use. I was surprised when I saw that it wasn’t included with the base installation image of Kali Linux, although after performing an install I now realize why. The total installation requires over 1 gigabyte of drive space, which is around 33% of the total Kali ISO image. Not a big deal though, installation is easy.
OpenVAS Installation and Setup
The first step is to download and install OpenVAS from repositories. Our Kali machine will obviously need an Internet connection for this. Also note that parts of the download may fail if we’re in an environment where any sort of Internet filtering for security takes place, as parts of the download can be flagged as “hacking tools” and the installation will fail.
Kicking off the install is as easy as a single command.
apt-get update && apt-get install openvas
The only interaction required is a quick Y and Enter confirmation after we’re presented with the size of the package from the repository.
Once the system tells us that the installation is complete, we’ll need to complete the install by running setup.
openvas-setup
This step will take slightly longer as a bunch of information will be directly downloaded from Greenbone Networks. On my installation, this included over a gigabyte of data as of November 2018. I assume that over time this number will grow. This part of the installation takes a while, so get cozy and let the installation take time to finish.
When the installation is complete, we’re presented with the password to the default administrator account. You’ll want to copy this and keep it somewhere safe for a minute.
The installer on my machine also opened up a web browser and directed it to https://127.0.0.1:9392, which is the default URL to OpenVAS on our Kali machine. From here we’ll log in to the web GUI with the username admin and the password provided in the output above. It’ll probably make things easier if we let the browser save the password for our OpenVAS web console.
At this point we should be all set to start scanning!
It should be noted that when the OpenVAS engine is running, even when we aren’t actively scanning with it, it does consume resources. Depending on how many resources you have available (for example, low resources due to running Kali inside a VM) you might want to disable the OpenVAS services when you aren’t using them. The services can be easily stopped and started with a single command for each action.
openvas-stop openvas-start
Troubleshooting
Unfortunately for me, when I first tried to run the openvas-setup script, I was on a network that was running web filtering and it would not let me download any data from Greenbone Networks. This meant I had no databases and no vulnerability definitions or anything installed, yet the web console would still launch and I could log in. Upon login though, I got an error on the web console warning me that databases were missing.
After connecting to a network without any filtering, I ran the following two commands:
greenbone-scapdata-sync greenbone-certdata-sync
These commands will attempt to re-download that data and properly create the appropriate databases. If you run in to this or any other error you should be able to run this command to perform a check on your OpenVAS install and have it report to you the health of the installation, and if there’s anything wrong, suggest appropriate fixes:
openvas-check-setup
If you forget the administrator password that was provided via setup, or you just want to change it, you can do that with this command:
openvasmd --user=admin --new-password=newpassword123
where newpassword123 is your super secret desired password.
Conclusion
I can see why OpenVAS isn’t included on the Kali image by default. A full install is fairly large. Lucky for us, installation and setup is very easy and takes hardly any time at all. I hope you found this short tutorial useful.