一、前期准备
环境准备:kali-2021.4 虚拟机需要通外网
1、修改yum源
vim /etc/apt/sources.list
#kali官方源
deb Index of / moto main non-free contrib
deb-src Index of / moto main non-free contrib
deb http://security.kali.org/ moto/updates main contrib non-free
deb-src http://security.kali.org/ moto/updates main contrib non-free
#中科大kali源
deb Index of /kali/ kali main non-free contrib
deb-src Index of /kali/ kali main non-free contrib
deb http://mirrors.ustc.edu.cn/kali-security kali/updates main contrib non-free
#新加坡kali源
deb http://mirror.nus.edu.sg/kali/kali/ kali main non-free contrib
deb-src http://mirror.nus.edu.sg/kali/kali/ kali main non-free contrib
deb http://security.kali.org/kali-security kali/updates main contrib non-free
deb http://mirror.nus.edu.sg/kali/kali-security kali/updates main contrib non-free
deb-src http://mirror.nus.edu.sg/kali/kali-security kali/updates main contrib non-free
#阿里云kali源
deb http://mirrors.aliyun.com/kali kali main non-free contrib
deb-src http://mirrors.aliyun.com/kali kali main non-free contrib
deb http://mirrors.aliyun.com/kali-security kali/updates main contrib non-free
#163 Kali源
deb http://mirrors.163.com/debian wheezy main non-free contrib
deb-src http://mirrors.163.com/debian wheezy main non-free contrib
deb http://mirrors.163.com/debian wheezy-proposed-updates main non-free contrib
deb-src http://mirrors.163.com/debian wheezy-proposed-updates main non-free contrib
deb-src http://mirrors.163.com/debian-security wheezy/updates main non-free contrib
deb http://mirrors.163.com/debian-security wheezy/updates main non-free contrib
#中科大
deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
2、升级kali系统
apt-get update
apt-get upgrade
apt-get dist-upgrade
apt-get clean
3、查看postgres数据库端口
把端口5432改为5433 (我用的是postgres14)
vim /etc/postgresql/(版本号)/main/postgresql.conf
修改完之后,重启服务
systemctl start postgresql
二、开始安装openvas
1、下载
apt-get install openvas
2、安装(安装过程很久,2到4个小时,耐心等待)
#安装
gvm-setup
#启动
gvm-start
#检查
gvm-check-setup
安装完之后可以先执行gvm-check-setup检查一下,有错误就根据提示修改
三、openvas使用
1、修改密码(默认密码是空的)
runuser -u _gvm -- gvmd --user=admin --new-password=admin
2、登录控制台
在浏览器中输入https://localhost:9392 如果是在物理机打开,localhost就需要替换kali的IP地址
会提示不安全,跳过就好了
3、快速扫描
点击
task wizard
填入需要扫描的地址
最后点击start scan
最后就可以使用了
后期需要升级特征库
gvm-feed-update
唠一唠:个人觉得这个漏扫工具做实验还可以,直接应用是不推荐,毕竟都是英文,对英语不太好的兄弟姐妹不太友好,个人电脑也用不上,有安全软件保护,一般不会有太大问题。
这个文章是参考weixin_42451330这位博主
若有侵权,请联系我删文。
参考文章链接:kali上安装 OpenVas (避坑版)_weixin_42451330的博客-CSDN博客_kali openvas