Changes between Version 1 and Version 2 of netsec2018pentest
- Timestamp:
- Jun 6, 2018, 1:21:02 PM (6 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
netsec2018pentest
v1 v2 7 7 Default user name passwords are root and toor. 8 8 9 Once logged in open your terminal and issue an `apt-get update`command9 Once logged in open your terminal and issue an '''apt-get update''' command 10 10 11 Using Open-VAS as Vulnerability Scanner. 11 == Using Open-VAS as Vulnerability Scanner == 12 12 13 13 The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools. The core of this SSL-secured service-oriented architecture is the OpenVAS Scanner. The scanner very efficiently executes the actual Network Vulnerability Tests (NVTs) which are served via the OpenVAS NVT Feed or via a commercial feed service. (more: www.openvas.org) … … 17 17 18 18 To install OpenVAS on kali, 19 {{{ 20 apt-get install open-vas 21 }}} 19 22 20 apt-get install open-vas 21 22 once the installation is finished, type `openvas-setup’ on terminal to do the initial setup. At the end of the setup it will give you a long password for the default user ‘admin’. Please note it somewhere. 23 once the installation is finished, type '''openvas-setup''' on terminal to do the initial setup. At the end of the setup it will give you a long password for the default user ‘admin’. '''Please note it somewhere'''. 23 24 24 25 When the OpenVAS setup process is finished the OpenVAS manager, scanner and services are listening on port 9390, 9391, 9392 and on port 80. You can use the following netstat command to check if these services are listening: 25 26 {{{ 26 27 netstat –antp 28 }}} 27 29 28 30 Netstat –antp command Explained 31 {{{ 29 32 -a all 30 33 -n show ip instead of host names 31 34 -t show only tcp connections 32 35 -p show process id/name 36 }}} 33 37 34 38 If the OpenVAS services are not running than use the following command to start these services: 39 {{{ 40 openvas-start 41 }}} 35 42 36 openvas-start 43 and open '''https://127.0.0.1:9392''' using your default browser. 37 44 38 and open https://127.0.0.1:9392 using your default browser. 39 40 Log in to ‘Greenbone Security Assistant’ using the username admin and the password from the previous step. 45 Log in to '''Greenbone Security Assistant''' using the username admin and the password from the previous step. 41 46 42 47 The default dashboard will show you a collection of scans, hosts etc.
