经历好多次的挫折,找出相互关系。一步步理清其中的设置。现在不能解决的问题,openvas大概历程是,建立扫描服务器,配置端口和密钥,管理设置扫描器和输出管理器gsa和cli。设置任务,开始扫描漏洞
问题1:openvas --rebuild --progress 重建失败,求答案
root@lover:~# openvasmd --rebuild --progress
Rebuilding NVT cache... failed.
openvas主要的构件:
主要组件 openvassd
root@lover:~# openvassd -h
Usage:
openvassd [OPTION...] - Scanner of the Open Vulnerability Assessment System
Help Options:
-h, --help Show help options
Application Options:
-V, --version Display version information
-f, --foreground Do not run in daemon mode but stay in foreground
-a, --listen=<address> Listen on <address>
-p, --port=<number> Use port number <number>
-c, --config-file=<filename> Configuration file
-s, --cfg-specs Print configuration settings
-y, --sysconfdir Print system configuration directory (set at compile time)
-C, --only-cache Exit once the NVT cache has been initialized or updated
--gnutls-priorities=<string> GnuTLS priorities string
--dh-params=<string> Diffie-Hellman parameters file
设置扫描器和用户界面openvasmd
root@lover:~# openvasmd -h
Usage:
openvasmd [OPTION...] - Manager of the Open Vulnerability Assessment System
Help Options:
-h, --help Show help options
Application Options:
--backup Backup the database.
-d, --database=<file/name> Use <file/name> as database for SQLite/Postgres.
--disable-cmds=<commands> Disable comma-separated <commands>.
--disable-encrypted-credentials Do not encrypt or decrypt credentials.
--disable-password-policy Do not restrict passwords to the policy.
--disable-scheduling Disable task scheduling.
--create-user=<username> Create admin user <username> and exit.
--delete-user=<username> Delete user <username> and exit.
--get-users List users and exit.
--create-scanner=<scanner> Create global scanner <scanner> and exit.
--modify-scanner=<scanner-uuid> Modify scanner <scanner-uuid> and exit.
--scanner-name=<name> Name for --modify-scanner.
--scanner-host=<scanner-host> Scanner host for --create-scanner, --rebuild and --update. Default is 127.0.0.1.
--scanner-port=<scanner-port> Scanner port for --create-scanner, --rebuild and --update. Default is 9391.
--scanner-type=<scanner-type> Scanner type for --create-scanner. Either 'OpenVAS' or 'OSP'.
--scanner-ca-pub=<scanner-ca-pub> Scanner CA Certificate path for --[create|modify]-scanner.
--scanner-key-pub=<scanner-key-public> Scanner Certificate path for --[create|modify]-scanner.
--scanner-key-priv=<scanner-key-private> Scanner private key path for --[create|modify]-scanner.
--verify-scanner=<scanner-uuid> Verify scanner <scanner-uuid> and exit.
--delete-scanner=<scanner-uuid> Delete scanner <scanner-uuid> and exit.
--get-scanners List scanners and exit.
-f, --foreground Run in foreground.
-a, --listen=<address> Listen on <address>.
--listen2=<address> Listen also on <address>.
--max-ips-per-target=<number> Maximum number of IPs per target.
--max-email-attachment-size=<number> Maximum size of alert email attachments, in bytes.
--max-email-include-size=<number> Maximum size of inlined content in alert emails, in bytes.
-m, --migrate Migrate the database and exit.
--create-credentials-encryption-key Create a key to encrypt credentials.
--encrypt-all-credentials (Re-)Encrypt all credentials.
--new-password=<password> Modify user's password and exit.
--optimize=<name> Run an optimization: vacuum, analyze, cleanup-config-prefs, remove-open-port-results, cleanup-port-names, rebuild-report-cache or update-report-cache.
-p, --port=<number> Use port number <number>.
--port2=<number> Use port number <number> for address 2.
--progress Display progress during --rebuild and --update.
--rebuild Rebuild the NVT cache and exit.
--role=<role> Role for --create-user and --get-users.
-u, --update Update the NVT cache and exit.
--user=<username> User for --new-password.
--gnutls-priorities=<priorities-string> Sets the GnuTLS priorities for the Manager socket.
--dh-params=<file> Diffie-Hellman parameters file
-v, --verbose Print tracing messages.
--version Print version and exit.
命令行窗口 opencli -omp
root@lover:~# omp --help
用法:
omp [选项...] - OpenVAS OMP Command Line Interface
帮助选项:
-?, --help 显示帮助选项
应用程序选项:
-h, --host=<host> Connect to manager on host <host>
-p, --port=<number> Use port number <number>
-V, --version Print version.
-v, --verbose Verbose messages (WARNING: may reveal passwords).
--use-certs Use client certificates to authenticate.
--client-cert=<cert-file> Client certificate. Default: /usr/local/var/lib/openvas/CA/clientcert.pem
--client-key=<key-file> Client key. Default: /usr/local/var/lib/openvas/private/CA/clientkey.pem
--client-ca-cert=<cert-file> Client CA certificate. Default: /usr/local/var/lib/openvas/CA/cacert.pem
-u, --username=<username> OMP username
-w, --password=<password> OMP password
--config-file=<config-file> Configuration file for connection parameters.
-P, --prompt Prompt to exit.
-O, --get-omp-version Print OMP version.
-n, --name=<name> Name for create-task.
-C, --create-task Create a task.
-m, --comment=<name> Comment for create-task.
-c, --config=<config> Config for create-task.
-t, --target=<target> Target for create-task.
-E, --delete-report Delete one or more reports.
-D, --delete-task Delete one or more tasks.
-R, --get-report Get report of one task.
-F, --get-report-formats Get report formats. (OMP 2.0 only)
-f, --format=<format> Format for get-report.
--filter=<string> Filter string for get-report
-G, --get-tasks Get status of one, many or all tasks.
-g, --get-configs Get configs.
-T, --get-targets Get targets.
-i, --pretty-print In combination with -X, pretty print the response.
-S, --start-task Start one or more tasks.
-M, --modify-task Modify a task.
--ping Ping OMP server
--timeout=<number> Wait <number> seconds for OMP ping response
--file Add text in stdin as file on task.
-X, --xml=<command> XML command (e.g. "<help/>"). "-" to read from stdin.
--send-file=<file> Replace SENDFILE in xml with base64 of file.
--details Enable detailed view.
4843
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
