refer to:
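(Just read this one; whatever you do, don't read the others) https://greenbone.github.io/docs/latest/22.4/container/index.html
Official site: https://github.com/greenbone/
(Don't bother with this one) https://www.geeksforgeeks.org/installing-openvas-on-kali-linux/
(Don't bother with this one) https://www.ceos3c.com/security/install-openvas-kali-linux/
openvas is a vulnerability scanner. It is now a paid product, but there is a community edition. It is said to scan quickly and to have more than 5000 scan rules. It is a fork of nessus.
The free version is called greenbone openvas.
The latest name is gvm: greenbone vulnerability manager.
gvmd: greenbone vulnerability manager database, the database backend
Summary:
1. It must be installed with docker.
2. It is quite simple to use.
3. sniper1 only supports openvas <7, while the latest version at present (2023-08-19) is 22.
Installation
Use docker-compose directly; see https://greenbone.github.io/docs/latest/22.4/container/index.html
Contents of the docker-compose.yml file: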
services:
  vulnerability-tests:
    image: greenbone/vulnerability-tests
    environment:
      STORAGE_PATH: /var/lib/openvas/22.04/vt-data/nasl
    volumes:
      - vt_data_vol:/mnt
  notus-data:
    image: greenbone/notus-data
    volumes:
      - notus_data_vol:/mnt
  scap-data:
    image: greenbone/scap-data
    volumes:
      - scap_data_vol:/mnt
  cert-bund-data:
    image: greenbone/cert-bund-data
    volumes:
      - cert_data_vol:/mnt
  dfn-cert-data:
    image: greenbone/dfn-cert-data
    volumes:
      - cert_data_vol:/mnt
    depends_on:
      - cert-bund-data
  data-objects:
    image: greenbone/data-objects
    volumes:
      - data_objects_vol:/mnt
  report-formats:
    image: greenbone/report-formats
    volumes:
      - data_objects_vol:/mnt
    depends_on:
      - data-objects
  gpg-data:
    image: greenbone/gpg-data
    volumes:
      - gpg_data_vol:/mnt
  redis-server:
    image: greenbone/redis-server
    restart: on-failure
    volumes:
      - redis_socket_vol:/run/redis/
  pg-gvm:
    image: greenbone/pg-gvm:stable
    restart: on-failure
    volumes:
      - psql_data_vol:/var/lib/postgresql
      - psql_socket_vol:/var/run/postgresql
  gvmd:
    image: greenbone/gvmd:stable
    restart: on-failure
    volumes:
      - gvmd_data_vol:/var/lib/gvm
      - scap_data_vol:/var/lib/gvm/scap-data/
      - cert_data_vol:/var/lib/gvm/cert-data
      - data_objects_vol:/var/lib/gvm/data-objects/gvmd
      - vt_data_vol:/var/lib/openvas/plugins
      - psql_data_vol:/var/lib/postgresql
      - gvmd_socket_vol:/run/gvmd
      - ospd_openvas_socket_vol:/run/ospd
      - psql_socket_vol:/var/run/postgresql
    depends_on:
      pg-gvm:
        condition: service_started
      scap-data:
        condition: service_completed_successfully
      cert-bund-data:
        condition: service_completed_successfully
      dfn-cert-data:
        condition: service_completed_successfully
      data-objects:
        condition: service_completed_successfully
      report-formats:
        condition: service_completed_successfully
  gsa:
    image: greenbone/gsa:stable
    restart: on-failure
    ports:
      # web UI; with no host IP given, Docker publishes this on all host interfaces
      - 9392:80
    volumes:
      - gvmd_socket_vol:/run/gvmd
    depends_on:
      - gvmd
  ospd-openvas:
    image: greenbone/ospd-openvas:stable
    restart: on-failure
    init: true
    hostname: ospd-openvas.local
    cap_add:
      - NET_ADMIN # for capturing packets in promiscuous mode
      - NET_RAW # for raw sockets e.g. used for the boreas alive detection
    security_opt:
      - seccomp=unconfined
      - apparmor=unconfined
    command:
      [
        "ospd-openvas",
        "-f",
        "--config",
        "/etc/gvm/ospd-openvas.conf",
        "--mqtt-broker-address",
        "mqtt-broker",
        "--notus-feed-dir",
        "/var/lib/notus/advisories",
        "-m",
        "666"
      ]
    volumes:
      - gpg_data_vol:/etc/openvas/gnupg
      - vt_data_vol:/var/lib/openvas/plugins
      - notus_data_vol:/var/lib/notus
      - ospd_openvas_socket_vol:/run/ospd
      - redis_socket_vol:/run/redis/
    depends_on:
      redis-server:
        condition: service_started
      gpg-data:
        condition: service_completed_successfully
      vulnerability-tests:
        condition: service_completed_successfully
  mqtt-broker:
    restart: on-failure
    image: greenbone/mqtt-broker
    ports:
      # MQTT broker; also published on all host interfaces
      - 1883:1883
    networks:
      default:
        aliases:
          - mqtt-broker
          - broker
  notus-scanner:
    restart: on-failure
    image: greenbone/notus-scanner:stable
    volumes:
      - notus_data_vol:/var/lib/notus
      - gpg_data_vol:/etc/openvas/gnupg
    environment:
      NOTUS_SCANNER_MQTT_BROKER_ADDRESS: mqtt-broker
      NOTUS_SCANNER_PRODUCTS_DIRECTORY: /var/lib/notus/products
    depends_on:
      - mqtt-broker
      - gpg-data
      - vulnerability-tests
  gvm-tools:
    image: greenbone/gvm-tools
    volumes:
      - gvmd_socket_vol:/run/gvmd
      - ospd_openvas_socket_vol:/run/ospd
    depends_on:
      - gvmd
      - ospd-openvas
volumes:
  gpg_data_vol:
  scap_data_vol:
  cert_data_vol:
  data_objects_vol:
  gvmd_data_vol:
  psql_data_vol:
  vt_data_vol:
  notus_data_vol:
  psql_socket_vol:
  gvmd_socket_vol:
  ospd_openvas_socket_vol:
  redis_socket_vol:

docker-compose.exe -f .\docker-compose.yml -p greenbone-community-edition pull

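Once the docker pull has finished, run it:

When you see the picture above, the program is up and running.

After logging in it looks like this:

Usage:
You can use the wizard:

(The next few steps are too long-winded; I did them when I was first trying things out, so you can skip them.)
First you need to add a scan config: config -> scan config -> check whether there is anything in there. If not, click around a few more times.

It seems you have to wait a bit here; the first time I opened it I got the state shown above, which is wrong.
I clicked submit on the page above, the page reported an error, then I refreshed and saw the picture below:

Then scans -> new scan:

Add an alert:

Architecture diagram (for reference, to help understanding)

Don't bother reading anything below.
Installation (OK, this is where I got stuck. I recommend not compiling it yourself; just use docker.)

Reference: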
https://greenbone.github.io/docs/latest/22.4/source-build/index.html
sudo useradd -r -M -U -G sudo -s /usr/sbin/nologin gvm
sudo usermod -aG gvm $USER
su $USER
echo $USER
export INSTALL_PREFIX=/usr/local
export PATH=$PATH:$INSTALL_PREFIX/sbin
export SOURCE_DIR=$HOME/source
mkdir -p $SOURCE_DIR
echo $HOME
export BUILD_DIR=$HOME/build
mkdir -p $BUILD_DIR
export INSTALL_DIR=$HOME/install
mkdir -p $INSTALL_DIR
sudo apt install --no-install-recommends --assume-yes build-essential curl cmake pkg-config python3 python3-pip gnupg
curl -f -L https://www.greenbone.net/GBCommunitySigningKey.asc -o /tmp/GBCommunitySigningKey.asc
gpg --import /tmp/GBCommunitySigningKey.asc
echo "8AE4BE429B60A59B311C2E739823FAA60ED1E580:6:" | gpg --import-ownertrust
export GVM_LIBS_VERSION=22.6.3
sudo apt install -y libglib2.0-dev libgpgme-dev libgnutls28-dev uuid-dev libssh-gcrypt-dev libhiredis-dev libxml2-dev libpcap-dev libnet1-dev
If your Ubuntu is 22, just run apt install libpaho-mqtt-dev
If your Ubuntu is 20 (not 22), you need to install libpaho-mqtt-dev by following this article:
https://siwei.me/blog/posts/ubuntu-ubuntu-20-libpaho-mqtt-dev
Continue installing (gvm libs):
sudo apt install -y \
libldap2-dev \
libradcli-dev
curl -f -L https://github.com/greenbone/gvm-libs/archive/refs/tags/v$GVM_LIBS_VERSION.tar.gz -o $SOURCE_DIR/gvm-libs-$GVM_LIBS_VERSION.tar.gz
curl -f -L https://github.com/greenbone/gvm-libs/releases/download/v$GVM_LIBS_VERSION/gvm-libs-v$GVM_LIBS_VERSION.tar.gz.asc -o $SOURCE_DIR/gvm-libs-$GVM_LIBS_VERSION.tar.gz.asc
Verify the files just downloaded:
gpg --verify $SOURCE_DIR/gvm-libs-$GVM_LIBS_VERSION.tar.gz.asc $SOURCE_DIR/gvm-libs-$GVM_LIBS_VERSION.tar.gz
tar -C $SOURCE_DIR -xvzf $SOURCE_DIR/gvm-libs-$GVM_LIBS_VERSION.tar.gz
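The verify-then-extract step above, written so that extraction only happens when the signature checks out (an added example, not part of the original notes or of Greenbone's documentation). The function names status_has_pinned_sig and verify_then_extract are hypothetical; the pinned fingerprint is the one from the ownertrust line earlier in these steps.

```sh
#!/bin/sh
# Added example: extract a release tarball only if its detached signature
# is valid AND was made by the pinned signing key.

# Fingerprint copied from the `gpg --import-ownertrust` line in the steps above.
PINNED_FPR="8AE4BE429B60A59B311C2E739823FAA60ED1E580"

# Reads `gpg --status-fd` output on stdin. Succeeds only if a VALIDSIG line
# names the pinned key as the signing key (field 3) or as the primary key
# (last field, which differs from field 3 when a subkey signed).
status_has_pinned_sig() {
    local pinned tag kind fpr rest primary
    pinned="$1"
    while read -r tag kind fpr rest; do
        [ "$tag" = "[GNUPG:]" ] && [ "$kind" = "VALIDSIG" ] || continue
        primary="${rest##* }"
        if [ "$fpr" = "$pinned" ] || [ "$primary" = "$pinned" ]; then
            return 0
        fi
    done
    return 1
}

# verify_then_extract <tarball> <detached-signature> <destination-dir>
verify_then_extract() {
    local tarball sig dest status
    tarball="$1"; sig="$2"; dest="$3"
    # gpg exits non-zero on a bad signature or a missing public key.
    status="$(gpg --status-fd 1 --verify "$sig" "$tarball" 2>/dev/null)" || {
        echo "signature verification failed: $tarball" >&2
        return 1
    }
    # A good signature from some other key in the keyring is not enough.
    printf '%s\n' "$status" | status_has_pinned_sig "$PINNED_FPR" || {
        echo "valid signature, but not from the pinned key: $tarball" >&2
        return 1
    }
    tar -C "$dest" -xzf "$tarball"
}

# Usage with the variables from the steps above:
# verify_then_extract "$SOURCE_DIR/gvm-libs-$GVM_LIBS_VERSION.tar.gz" \
#     "$SOURCE_DIR/gvm-libs-$GVM_LIBS_VERSION.tar.gz.asc" "$SOURCE_DIR"
```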
Install gvm libs:
tar -C $SOURCE_DIR -xvzf $SOURCE_DIR/gvm-libs-$GVM_LIBS_VERSION.tar.gz
(This failed, because the mqtt lib was never installed successfully.)