{"id":145,"date":"2021-02-25T22:51:48","date_gmt":"2021-02-25T22:51:48","guid":{"rendered":"https:\/\/cas.cybercop-training.ch\/?page_id=145"},"modified":"2021-05-31T14:22:56","modified_gmt":"2021-05-31T14:22:56","slug":"openvas-vulnerability-scanning","status":"publish","type":"page","link":"https:\/\/cas.cybercop-training.ch\/index.php\/openvas-vulnerability-scanning\/","title":{"rendered":"OpenVAS Vulnerability Scanning"},"content":{"rendered":"<h1>1. Introduction<\/h1>\n<blockquote>\n<p>In 2005, the developers of the vulnerability scanner Nessus decided to discontinue the work under<br \/>\nOpen Source licenses and switch to a proprietary business model. The open source tool was called<br \/>\nOpenVAS. In late 2008, the company Greenbone Networks GmbH, based in Osnabr\u00fcck, Germany<br \/>\nwas founded to push forward OpenVAS. The year 2017 marked the beginning of a new era:<br \/>\nGreenbone became visible as the driving force behind OpenVAS, reducing the brand confusion. This<br \/>\nincluded several activities, the most essential one the renaming of the &quot;OpenVAS framework&quot; to<br \/>\n&quot;Greenbone Vulnerability Management&quot; (GVM), of which the OpenVAS Scanner is one of many<br \/>\nmodules.<\/p>\n<\/blockquote>\n<p>After setting up the Hackinglab VPN Connection, please perform a vulnerability scan with OpenVAS against<br \/>\nthe following networks:<\/p>\n<blockquote>\n<p>&gt;<br \/>\n192.168.200.0\/24<br \/>\n192.168.202.0\/24<\/p>\n<\/blockquote>\n<p><img decoding=\"async\" src=\"https:\/\/cas.cybercop-training.ch\/wp-content\/uploads\/2021\/02\/vpn_01.png\" alt=\"\" \/><\/p>\n<p>May you want to start with some single ip addresses (otherwise it take a very long time)<br \/>\nPlease submit a ZIP file containing your own pdf report and html scan results.<\/p>\n<ol>\n<li>Describe this task<\/li>\n<li>Describe your methodology<\/li>\n<li>Describe your lesson learned<\/li>\n<li>Attach the vulnerability report from your scan (html)<\/li>\n<\/ol>\n<h2>2. Answers and Solution<\/h2>\n<ol>\n<li>See description above<\/li>\n<li>This is the active part of reconnaissance. Using OpenVAS, an opensource vulnerability scanner for gathering useful information about the targets networks and any possible exploits and vulnerabilities.<\/li>\n<li>This exercise gave me really headache, because the setup was very time consuming and there was a problem with updating the signatures. Finally I got it to work, but decided to scan a single host instead<br \/>\nof the whole ip range. I got the signature update (<code>greenbone-nvt-sync<\/code>) only to work, by starting the docker setup witout the <code>nvt-sync<\/code> container.<\/li>\n<\/ol>\n<p><img decoding=\"async\" src=\"https:\/\/cas.cybercop-training.ch\/wp-content\/uploads\/2021\/02\/openvas_update4.png\" alt=\"\" \/><\/p>\n<p><code>docker -execute -it c5fd91baa386 bash<\/code><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/cas.cybercop-training.ch\/wp-content\/uploads\/2021\/02\/openvas_update2.png\" alt=\"\" \/><\/p>\n<p>After setting up the update command greenbone-nvt-sync and openvas-u the VTS list got loaded!<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/cas.cybercop-training.ch\/wp-content\/uploads\/2021\/02\/openvas_update1.png\" alt=\"\" \/><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/cas.cybercop-training.ch\/wp-content\/uploads\/2021\/02\/openvas_5.png\" alt=\"\" \/><\/p>\n<p>Attached, please find my results:<\/p>\n<p><a href=\"https:\/\/cas.cybercop-training.ch\/wp-content\/uploads\/2021\/02\/open_vas.zip\" class=\"mtli_attachment mtli_zip\" title=\"open_vas\">open_vas<\/a><\/p>\n<p>There was no option to export a html report. A pdf export gave me a 0byte document. Maybe there&#8217;s a dependency missing?<\/p>\n<p><a href=\"https:\/\/gist.github.com\/rain1024\/98dd5e2c6c8c28f9ea9d\">https:\/\/gist.github.com\/rain1024\/98dd5e2c6c8c28f9ea9d<\/a><\/p>\n<p>PDF Report:<br \/>\n<a href=\"https:\/\/cas.cybercop-training.ch\/wp-content\/uploads\/2021\/02\/open_vas1.pdf\" class=\"mtli_attachment mtli_pdf\" title=\"open_vas#1\">open_vas#1<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>1. Introduction In 2005, the developers of the vulnerability scanner Nessus decided to discontinue the work under Open Source licenses and switch to a proprietary business model. The open source tool was called OpenVAS. In late 2008, the company Greenbone Networks GmbH, based in Osnabr\u00fcck, Germany was founded to push forward OpenVAS. The year 2017 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-145","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/cas.cybercop-training.ch\/index.php\/wp-json\/wp\/v2\/pages\/145","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cas.cybercop-training.ch\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/cas.cybercop-training.ch\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/cas.cybercop-training.ch\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cas.cybercop-training.ch\/index.php\/wp-json\/wp\/v2\/comments?post=145"}],"version-history":[{"count":3,"href":"https:\/\/cas.cybercop-training.ch\/index.php\/wp-json\/wp\/v2\/pages\/145\/revisions"}],"predecessor-version":[{"id":1344,"href":"https:\/\/cas.cybercop-training.ch\/index.php\/wp-json\/wp\/v2\/pages\/145\/revisions\/1344"}],"wp:attachment":[{"href":"https:\/\/cas.cybercop-training.ch\/index.php\/wp-json\/wp\/v2\/media?parent=145"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}