Little Tweaks for OpenVas in Kali

Installing and using OpenVas in Kali is fairly simple, and is well described here: https://www.kali.org/penetration-testing/openvas-vulnerability-scanning/

I found a couple issues with the installation, though they are fairly easy to resolve.

Issue 1: creating new credentials produces a 500 server error. This is caused by the fact that folder where OpenVas is storing GNUPG encrypted credentials doesn’t exist, here’s the easy fix:

mkdir /var/lib/openvas/gnupg

(resolution taken from: https://forums.kali.org/showthread.php?25750-OpenVAS-8-Internal-error-while-creating-credentials)

Note that creating the first set of credentials takes some time (OpenVAS generates keys for credential encryption).

Issue 2: doing a scan on a host that doesn’t respond to PING gives Internal Error status for the task. This is a known issue that has been fixed, but not yet included in Kali (as of 20 May 2016). Solution:

sqlite3 /var/lib/openvas/mgr/tasks.dbCREATE TABLE IF NOT EXISTS current_credentials (id INTEGER PRIMARY KEY, uuid text UNIQUE NOT NULL);

Taken from:

Random rumblings about #InfoSec. The opinions expressed here are my own and not necessarily those of my employer.

Random rumblings about #InfoSec. The opinions expressed here are my own and not necessarily those of my employer.