• Home
  • About Us
  • General
  • Wireless
  • Web
  • Scanning
  • Metasploit
  • Hacking Courses
    • OSCP
    • The Virtual Hacking Labs
    • Certified Ethical Hacker (CEH)
    • Hacking Books
  • More
    • Exploit tutorials
    • Pentesting Exchange
    • Networking
    • Malware Analysis
    • Hacking Metasploitable 2/3
    • Digital Forensics
  • Contact
Facebook Twitter Instagram
Trending
  • CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability
  • Installing Rogue-jndi on Kali Linux
  • Log4Shell VMware vCenter Server (CVE-2021-44228)
  • The Great Leak: Microsoft Exchange AutoDiscover Design Flaw
  • CVE-2019-19781: Citrix ADC RCE vulnerability
  • Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations
  • Vulnerability Scanning with OpenVAS 9 part 3: Scanning the Network
  • Vulnerability Scanning with OpenVAS 9 part 2: Vulnerability Scanning
Facebook Twitter YouTube Tumblr Instagram Pinterest
Hacking Tutorials
  • Home
  • About Us
  • General
  • Wireless
  • Web
  • Scanning
  • Metasploit
  • Hacking Courses
    • OSCP
    • The Virtual Hacking Labs
    • Certified Ethical Hacker (CEH)
    • Hacking Books
  • More
    • Exploit tutorials
    • Pentesting Exchange
    • Networking
    • Malware Analysis
    • Hacking Metasploitable 2/3
    • Digital Forensics
  • Contact
Hacking Tutorials
You are at:Home » Scanning Tutorials » Vulnerability Scanning with OpenVAS 9 part 2: Vulnerability Scanning
Vulnerability Scanning with OpenVAS 9.0 part 2

Vulnerability Scanning with OpenVAS 9 part 2: Vulnerability Scanning

9
By Hacking Tutorials on May 9, 2018 Scanning Tutorials

Is the previous tutorial Vulnerability Scanning with OpenVAS 9.0 part 1 we’ve gone through the installation process of OpenVAS on Kali Linux and the installation of the virtual appliance. In this tutorial we will learn how to configure and run a vulnerability scan. For demonstration purposes we’ve also installed a virtual machine with Metasploitable 2 which we’ll target with OpenVAS. If you don’t know how to install Metasploitable you can check out the installation tutorial for Metasploitable 2 (scroll down a bit) or Metasploitable 3.

Before we can actually start vulnerability scanning with OpenVAS 9, we have to complete the following tasks:

  1. Create and configure a target.
  2. Create and configure a scan task.
  3. Run the scan.

At this point of the tutorial you need to have OpenVAS 9.0 installed and configured. If you haven’t done this at this point I recommend to follow part 1 of vulnerability scanning with OpenVAS first. To follow along it is also recommended to have a vulnerable Metasploitable machine up and running that is accessible from the OpenVAS appliance or the Kali Linux VM you’ve installed OpenVAS on. The lab setup used for this tutorial looks as follows:

  • Host machine with VMWare Workstation Pro 12.
  • Kali Linux 2018.2 VM with OpenVAS 9.0 installed (192.168.65.128).
  • Metasploitable 2 VM (192.168.65.137).

All virtual machines use the NAT network which can be configured in the network settings on the network adapter. Now that we’ve got everything up and running, let’s start with configuring a target and a scan task.

Tip: Did you forgot to write down or change your OpenVAS admin password? Check out the installation tutorial to find out how to reset the admin password.

Vulnerability Scanning with OpenVAS 9 Tutorials

  • Vulnerability Scanning with OpenVAS 9 part 1: Installation & Setup
  • Vulnerability Scanning with OpenVAS 9 part 2: Vulnerability Scanning
  • Vulnerability Scanning with OpenVAS 9 part 3: Scanning the Network
  • Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations

1 Creating a target in OpenVAS

The first step is to create and configure a target using the OpenVAS/Greenbone Security Assistant web interface. This newly created target is selected in the following step where we configure a scanning task.

To create a target, we need to follow 2 steps:

  1. Go to ‘Configuration’ in the top menu and select ’Targets’.
  2. Click the blue icon in the top left corner to create a new target.
Vulnerability scanning
Click configuration and then new target.

After hitting the new target button, a dialog screen appears where we have to enter the following information:

  1. Target name, we’ll name it Metasploitable 2.
  2. The target IP host which is the IP address for our Metasploitable 2 lab machine.

Keep all other settings default and click the ‘Create’ button.

02 Create a target-2
Enter the target name, IP and click create.

The newly created target will now appear in the list of available targets:

03 Create a target-3
Newly created target.

Now that we’ve got our target all set up, let’s continue with creating a scan task that will scan the Metasploitable 2 target for vulnerabilities.

2 Configuring a scanning task in OpenVAS

In this section of the tutorial we will create a new scanning task. A scanning task defines which targets will be scanned and also the scanning options such as a schedule, scanning configuration and concurrently scanned targets and NVTs per host. In this tutorial we will just create a scan task and use default scan configurations. In Vulnerability Scanning with OpenVAS 9.0 part 3 (Will be published on: May 25 2018) we will have a more detailed look into scanning configurations.

To create a new scan task, we have to perform the following steps:

  1. Go to ‘Scans’ in the top menu and select ’Tasks’.
  2. Point to the blue icon in the top left corner and select ‘New Task’.
04 Create a scan task-1
Click scans -> Tasks and then new task.

After clicking the new scan option, a dialog screen appears where we have to enter the following information:

  1. Task name, we’ll name it ‘Scan Metasploitable 2’.
  2. Make sure that the Metasploitable 2 target we’ve created earlier is selected.
  3. Tick the schedule once checkbox.
  4. Keep all other settings default and click the ‘Create’ button to create the new task.
05 Create a scan task-2
Enter the task name, target and schedule the task only once.

The newly created task will now appear in the task list as follows:

06 Create a scan task-3
Newly created scan task.

There’s also a few other options to create scan tasks. We can use the scan task wizard to instantly scan a target and also the advanced scan task wizard which gives a few more options to configure. For demonstration purposes we’ll stick with the task we’ve just created.

Now that we’ve configured the scan task and added the Metasploitable 2 machine to the target list, all that remains is to run the task and wait for the results.

3 Running the OpenVAS vulnerability scan

To run the newly created task we just have to click the green start button as follows:

Run the scan task.

The scan task will now execute against the selected target. Please note that full scan may take a while to complete. When you refresh the tasks page you will be able to check the progress for the executed task:

  1. Reload the page.
  2. Check task status/progress.
08 Run scan task-2
Vulnerability scan in progress…

After waiting a while the scan task is finished and the status changes to ‘Done’:

Vulnerability scan finished
Vulnerability scan finished

As expected we can see that OpenVAS found a number of severe vulnerabilities. Let’s have a look at the details of the results.

4 Interpreting the scan results

Now that the vulnerability scan is finished we can browse to ‘Scans -> Reports’ in the top menu. On the reports page we can find the report for the completed scanning task:

Vulnerability scanning report
Vulnerability scanning report

By clicking the report name we can get an overview of all discovered vulnerabilities on the Metasploitable 2 machine, which is a lot as already expected. The results are ordered on severity rate by default:

Discovered vulnerabilities.
Discovered vulnerabilities.

When we click on the vulnerability name we can get an overview of the details regarding the vulnerability. The following details apply to a backdoor vulnerability in Unreal IRCD we’ve covered in an earlier tutorial:

Vulnerability details
Vulnerability details.

Finally, we can also export the report in a variety of formats, such as: XML, HTML and PDF. WE can do this by selecting the desired format from the drop-down menu and click the green export icon as follows:

Export vulnerability report to PDF
Export vulnerability report to PDF.

For now, this will conclude part 2 of the vulnerability scanning with OpenVAS tutorial. In the next and final part, we will be focusing on custom scanning configurations to fine tune our scanning needs. Part 3 of vulnerability scanning with OpenVAS will be published on May 25.

Virtual Hacking Labs - Penetration testing lab

Hacking Courses on Udemy


Bug Bounty – An Advanced Guide to Finding Good Bugs

Real World Bug Bounty Techniques

Website Hacking / Penetration Testing & Bug Bounty Hunting

Become a bug bounty hunter! Hack websites & web applications like black hat hackers and secure them like experts.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleVulnerability Scanning with OpenVAS 9 part 1: Installation & Setup
Next Article Vulnerability Scanning with OpenVAS 9 part 3: Scanning the Network

Related Posts

Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations

Vulnerability Scanning with OpenVAS 9 part 3: Scanning the Network

Vulnerability Scanning with OpenVAS 9 part 1: Installation & Setup

9 Comments

  1. Kadesh on May 10, 2018 11:40 am

    Great tutorial thanks!

    But where is part 3, “In the next and final part, we will be focusing on custom scanning configurations to fine tune our scanning needs.” ?

    Reply
    • Hacking Tutorials on May 11, 2018 7:07 am

      Great to hear that you liked the tutorial!

      Part 3 is scheduled to be published in about 2 weeks.

      Reply
  2. bob on May 29, 2018 10:05 pm

    Good tutorials guys, I await part 3 as I am putting together a master-slave config and wanted to see if you touched upon that. Any update to the release date available?

    Reply
    • Hacking Tutorials on May 30, 2018 4:40 pm

      Hi,

      Thanks! I’m working on part 3 now which will be published next week.

      Best regards,
      Hacking Tutorials

      Reply
      • bob on May 30, 2018 6:51 pm

        That’s good to hear, well I successfully deployed remote scanning architecture with OpenVAS 9 using OMP slave config. I’ll check back next week anyways since the other tutorials were so good. Let me know if you want some input for remote features.

        Reply
        • Hacking Tutorials on June 1, 2018 11:17 am

          Sounds good! What remote features would you recommend to cover in the next tutorial?

          Reply
  3. Eduardo JOSEPH Snape on June 5, 2018 2:39 am

    Nice work with part No. 1 and Part No. 2 looking fordward to read part No. 3

    Reply
    • Hacking Tutorials on June 5, 2018 6:56 am

      Thank you! Working on it.

      Reply
  4. eduardo snape on June 5, 2018 2:13 pm

    There is any way to access to command line in the Openvas Virtual appliance version

    Reply

Leave A Reply Cancel Reply

Top Tutorials
By Hacking TutorialsOctober 29, 20220

CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability

By Hacking TutorialsJanuary 10, 20220

Installing Rogue-jndi on Kali Linux

By Hacking TutorialsDecember 17, 20210

Log4Shell VMware vCenter Server (CVE-2021-44228)

By Hacking TutorialsSeptember 27, 20210

The Great Leak: Microsoft Exchange AutoDiscover Design Flaw

By Hacking TutorialsFebruary 4, 20200

CVE-2019-19781: Citrix ADC RCE vulnerability

By Hacking TutorialsNovember 1, 20188

Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations

Subscribe

Enter your email address to subscribe to Hacking Tutorials and receive notifications of new tutorials by email.

Join 828 other subscribers
Recent Tutorials
  • CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability
  • Installing Rogue-jndi on Kali Linux
  • Log4Shell VMware vCenter Server (CVE-2021-44228)
  • The Great Leak: Microsoft Exchange AutoDiscover Design Flaw
  • CVE-2019-19781: Citrix ADC RCE vulnerability
Virtual Hacking Labs
Penetration Testin Course and Hacking Labs
Categories
  • Digital Forensics
  • Exploit tutorials
  • General Tutorials
  • Hacking Books
  • Hacking Courses
  • Malware Analysis Tutorials
  • Metasploit Tutorials
  • Networking
  • Pentesting Exchange
  • Scanning Tutorials
  • Web Applications
  • Wifi Hacking Tutorials
Downloads
  • directory_scanner.py (120601 downloads)
  • PEiD-0.95-20081103.zip (111453 downloads)
  • wifi_jammer.py (138197 downloads)
Recent Tutorials
  • CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability
  • Installing Rogue-jndi on Kali Linux
  • Log4Shell VMware vCenter Server (CVE-2021-44228)
  • The Great Leak: Microsoft Exchange AutoDiscover Design Flaw
  • CVE-2019-19781: Citrix ADC RCE vulnerability
  • Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations
Popular Tutorials
By Hacking TutorialsSeptember 1, 2016115

Review: Offensive Security Certified Professional (OSCP)

By Hacking TutorialsApril 18, 201738

Exploiting Eternalblue for shell with Empire & Msfconsole

By Hacking TutorialsMarch 17, 201637

Installing VPN on Kali Linux 2016 Rolling

Featured Downloads
  • directory_scanner.py (120601 downloads)
  • PEiD-0.95-20081103.zip (111453 downloads)
  • wifi_jammer.py (138197 downloads)
© Hacking Tutorials 2022

Type above and press Enter to search. Press Esc to cancel.

Go to mobile version