1. Introduction
In 2005, the developers of the vulnerability scanner Nessus decided to discontinue the work under
Open Source licenses and switch to a proprietary business model. The open source tool was called
OpenVAS. In late 2008, the company Greenbone Networks GmbH, based in Osnabrück, Germany
was founded to push forward OpenVAS. The year 2017 marked the beginning of a new era:
Greenbone became visible as the driving force behind OpenVAS, reducing the brand confusion. This
included several activities, the most essential one the renaming of the "OpenVAS framework" to
"Greenbone Vulnerability Management" (GVM), of which the OpenVAS Scanner is one of many
modules.
After setting up the Hackinglab VPN Connection, please perform a vulnerability scan with OpenVAS against
the following networks:
>
192.168.200.0/24
192.168.202.0/24
May you want to start with some single ip addresses (otherwise it take a very long time)
Please submit a ZIP file containing your own pdf report and html scan results.
- Describe this task
- Describe your methodology
- Describe your lesson learned
- Attach the vulnerability report from your scan (html)
2. Answers and Solution
- See description above
- This is the active part of reconnaissance. Using OpenVAS, an opensource vulnerability scanner for gathering useful information about the targets networks and any possible exploits and vulnerabilities.
- This exercise gave me really headache, because the setup was very time consuming and there was a problem with updating the signatures. Finally I got it to work, but decided to scan a single host instead
of the whole ip range. I got the signature update (greenbone-nvt-sync) only to work, by starting the docker setup witout thenvt-synccontainer.
docker -execute -it c5fd91baa386 bash
After setting up the update command greenbone-nvt-sync and openvas-u the VTS list got loaded!
Attached, please find my results:
There was no option to export a html report. A pdf export gave me a 0byte document. Maybe there’s a dependency missing?
https://gist.github.com/rain1024/98dd5e2c6c8c28f9ea9d
PDF Report:
open_vas#1