Little Tweaks for OpenVas in Kali

Installing and using OpenVas in Kali is fairly simple, and is well described here: https://www.kali.org/penetration-testing/openvas-vulnerability-scanning/

I found a couple issues with the installation, though they are fairly easy to resolve.

Issue 1: creating new credentials produces a 500 server error. This is caused by the fact that folder where OpenVas is storing GNUPG encrypted credentials doesn’t exist, here’s the easy fix:

mkdir /var/lib/openvas/gnupg

(resolution taken from: https://forums.kali.org/showthread.php?25750-OpenVAS-8-Internal-error-while-creating-credentials)

Note that creating the first set of credentials takes some time (OpenVAS generates keys for credential encryption).

Issue 2: doing a scan on a host that doesn’t respond to PING gives Internal Error status for the task. This is a known issue that has been fixed, but not yet included in Kali (as of 20 May 2016). Solution:

sqlite3 /var/lib/openvas/mgr/tasks.dbCREATE TABLE IF NOT EXISTS current_credentials (id INTEGER PRIMARY KEY, uuid text UNIQUE NOT NULL);

Taken from:

Random rumblings about #InfoSec. The opinions expressed here are my own and not necessarily those of my employer.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store