A few days ago I finally finished my 2 week journey into trying to get OpenVas to work properly. You all may have noticed that you can't just click the setup openvas in kali and have it working properly.
I scoured the Web till my finger's bled and I no longer had fingernails using this fix and that fix and yet when I clicked "check openvas setup" I was greeted with a list of new things to fix.
Alas I am stubborn and refused to give up the challenge. My bandwidth allocation diminishing and with cramps beginning to form in my fingers, (not to mention carpal tunnel flaring up) I finally found the fix that worked.
I would love to give credit but I honestly cant find the site I got the script from. I think it was blackmoreops. Anyways open your terminal and cut and paste THE ENTIRE CODE into your terminal. Not one line at a time but THE ENTIRE CODE BELOW. I will warn you this will take quite sometime to complete as it will download all the data and also setup your data base.
test -e /var/lib/openvas/CA/cacert.pem || openvas-mkcert -q
test -e /var/lib/openvas/users/om || openvas-mkcert-client -n om -i
service openvas-manager stop
service openvas-scanner stop
test -e /var/lib/openvas/users/admin || openvasad -c adduser -n admin -r Admin
service openvas-scanner start
service openvas-manager start
service openvas-administrator restart
service greenbone-security-assistant restart
It will ask you a few questions as you move along the installation process so be prepared.
Please note, you do not have to use the above script again.
Now in in terminal type openvas-check-setup
You should get something like this,
Once the above is complete you will want to update and open Openvas properly. Openvas is really quite a delicate and finicky little Bi### but thanks to Afterburn we have a nice little script that does this. Cut and paste the below into your favorite editor and save it.
## Script by AfterBurn @ NetSecNow GNU License
echo -e "Script by AfterBurn @ NetSecNow.\n"
##Setting up nvt sync
echo "Syncing NVT Database..."
echo "Updating SCAP Data Feed"
echo "Updating CERT Feed.."
## Starting Services
echo "Starting OpenVAS Services..."
echo -e "Services Started!\nPlease Login via the Web UI @ https://127.0.0.1:9392 and confirm the secuity exception.\nFollow the prompts and login with your username/password.\nUsername default is admin and the password is the one you created during setup.\n"
echo -e "Launching Iceweasel with the WebUI :-)\n"
echo -e "Having issues? Visit https://sourceforge.net/users/netsecnow."
It does take a few minutes longer to load using the above but me, personally, if I am going to take the time to scan a site I want all the updated information I can have.
I will be looking into setting up Nexprose next. I am really confused why rapid 7 did not include it in Kali as Kali is pretty much wrapped around Metaploit I would think they would try to seamlessly incorporate Nexprose.
Want to start making money as a white hat hacker? Jump-start your hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from cybersecurity professionals.
Other worthwhile deals to check out: