How to install free Openvas vulnerability scanner using docker and how to perform a scan
Update at 06.11.2023
Please note, when I wrote this blog, that time I did not know that this docker repo was decommissioned. You can still follow along to learn but I will very soon post my new writeup regarding new docker container of openvas and post the link here. Thanks.
Update link:
Let’s first see how we can up and running openvas very quickly using docker within 5–7 minutes in my kali machine. Although the repo is old and they are recommending not to use it but this is a great start for learning purpose. I will be covering soon the same with the latest docker image.
You just need to give the follwing commands one by one and wait to finish. Root access is required.
apt-get update && apt-get upgrade -y
apt-get install docker.io -y
docker run -d -p 443:443 --name openvas mikesplain/openvas
Once done then you will see something similar to the above image.
Now on the kali browser, type https://127.0.0.1
Default creds are admin:admin
Now you need to update the vulnerability database. Run the following commands one by one:
docker exec -it openvas bash
## inside container
export FEED=feed.community.greenbone.net
export COMMUNITY_NVT_RSYNC_FEED=rsync://$FEED:/nvt-feed
export COMMUNITY_CERT_RSYNC_FEED=rsync://$FEED:/cert-data
export COMMUNITY_SCAP_RSYNC_FEED=rsync://$FEED:/scap-data
greenbone-nvt-sync
openvasmd --rebuild --progress
greenbone-certdata-sync
greenbone-scapdata-sync
openvasmd --update --verbose --progress
/etc/init.d/openvas-manager restart
/etc/init.d/openvas-scanner restartgreenbone-scapdata-syncI found the above one command not working properly inside docker container. This could be because the repo is too old and they don’t care to fix it.
It will take almost around <2 hours to complete. Be patient.
How to perform a scan:
I have already performed a scan that’s why you can see some results on the dashboard. From the Scans menu, click on Tasks.
Now click on the start button where arrow is pointing. Then click on New Task.
Now click here where arrow is pointing to set your scan target, ip address of the target and credentials for authentication scan. And in the Name field, give a name for the scan. i.e. I gave sansforensics.
Again give a name of your target i.e. sansforensics. Then provide the ip address of the target. Now come to the Credentials for authenticated checks part and click on the star icon where arrow is pointing. Mention the port correctly.
Give a name again :)
And provide the credentials of your target host. Then click on Create. Leave rest of the settings as it is.
It will take you to the Task’s page. Now from here you need to click on the play or start button to start your scan. Once the scan is finish then from Scans menu, you need to click on Reports or Results to view the findings.
Troubleshooting:
Sometimes you may encounter a problem like you are hitting https://127.0.0.1 but the page is not coming. You need to check then your docker instance is running or not.
docker ps -a
docker start <container id>Thanks. I hope this blog will help you to perform VA using openvas tool. If you find this helpful please consider to subscribe below.
LinkedIn:
https://www.linkedin.com/in/md-mahimbin-firoj-7b8a5a113/
YouTube:
