Install and use Greenbone Vulnerability Manager with the Kali Linux distribution

Greenbone Vulnerability Manager is a software framework that includes several tools (OpenVAS, WebUI…) to perform vulnerability scans.

With this framework we can scan a complete network or a single host to see whether it is prone to known vulnerabilities.

Historically, Greenbone Vulnerability Manager is a fork of the Nessus scanning tool, which is now proprietary software.

Install GVM

Install

  • Upgrade packages:
kali@kali:~$ sudo apt update && sudo apt dist-upgrade
  • Install necessary packages:
kali@kali:~$ sudo apt install gvm postgresql nsis
  • Run setup script:
    • Which will:
      • Start services and create PostgreSQL database
      • Create GVM certificate files
      • Apply needed permissions
      • Update vulnerabilities databases
      • Create and set admin account
kali@kali:~$ sudo gvm-setup
[…]
[*] Please note the password for the admin user
[*] User created with password 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx'.
[>] You can now run gvm-check-setup to make sure everything is correctly configured
Please note the password of the admin user.
  • Start gvmd and gsad services:
kali@kali:~$ sudo systemctl start gvmd.service && sudo systemctl start gsad.service
  • Run check script:
kali@kali:~$ sudo gvm-check-setup
[…]
It seems like your GVM-23.11.0 installation is OK.
  • Check gvmd service is running:
kali@kali:~$ sudo systemctl status gvmd.service
  • Check WebUI is waiting for a connection:
kali@kali:~$ sudo ss -ltn4p
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port  Process
LISTEN  0       4096    127.0.0.1:9392      0.0.0.0:*          users:(("gsad",pid=2243,fd=10))
  • Give the default admin user the right to create tasks:
kali@kali:~$ sudo gvmd --modify-setting 78eceaec-3385-11ea-b237-28d24461215b --value admin
  • Now, you should be able to connect to the https://127.0.0.1:9392 address (the Sign in to your account page) using the admin login and the associated password (the one previously printed during the gvm-setup phase).

Change listening interface (Optional)

In its default configuration, the Greenbone Security Assistant (GSA) WebUI is only reachable through the local address (127.0.0.1). To be able to connect to the WebUI from other hosts, we need to modify the systemd unit files.

  • Edit /usr/lib/systemd/system/gvmd.service:
[Unit]
Description=Greenbone Vulnerability Manager daemon (gvmd)
After=network.target networking.service postgresql.service ospd-openvas.service
Wants=postgresql.service ospd-openvas.service
Documentation=man:gvmd(8)
ConditionKernelCommandLine=!recovery

[Service]
Type=forking
User=_gvm
Group=_gvm
PIDFile=/run/gvmd/gvmd.pid
RuntimeDirectory=gvmd
RuntimeDirectoryMode=2775
#ExecStart=/usr/sbin/gvmd --osp-vt-update=/run/ospd/ospd.sock --listen-group=_gvm
ExecStart=/usr/sbin/gvmd --osp-vt-update=/run/ospd/ospd.sock -a 0.0.0.0
Restart=always
TimeoutStopSec=10

[Install]
WantedBy=multi-user.target
  • Edit /usr/lib/systemd/system/gsad.service:
[Unit]
Description=Greenbone Security Assistant daemon (gsad)
Documentation=man:gsad(8) https://www.greenbone.net
After=network.target gvmd.service
Wants=gvmd.service

[Service]
Type=forking
User=_gvm
Group=_gvm
RuntimeDirectory=gsad
RuntimeDirectoryMode=2775
PIDFile=/run/gsad/gsad.pid
#ExecStart=/usr/sbin/gsad --listen 127.0.0.1 --port 9392
ExecStart=/usr/sbin/gsad --mlisten=KALI_IP_ADDRESS --listen 0.0.0.0 --port 9392
Restart=always
TimeoutStopSec=10

[Install]
WantedBy=multi-user.target
Alias=greenbone-security-assistant.service
  • Reload systemd and restart both services:
kali@kali:~$ sudo systemctl daemon-reload
kali@kali:~$ sudo systemctl restart gvmd.service
kali@kali:~$ sudo systemctl restart gsad.service
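
With 0.0.0.0 the services listen on every interface of the host, so it is worth confirming what gsad and gvmd are bound to before and after the change. The script below is an added example, not part of the original page: it classifies the ss output used in the install steps, and its function names and sample lines (including the gvmd port) are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify gsad/gvmd TCP listeners from `ss -ltnp` output.
# Function names and sample lines below are constructed, not from GVM.

# Reads ss lines on stdin; prints "<process> <address> <port> <scope>"
# for each gsad or gvmd listener. Scope is loopback, specific or
# all-interfaces. Needs the Process column, so run ss as root.
classify_gvm_listeners() {
  while read -r state recvq sendq local_addr peer proc; do
    [ "$state" = "LISTEN" ] || continue        # skips the header line too
    case "$proc" in
      *'"gsad"'*) name=gsad ;;
      *'"gvmd"'*) name=gvmd ;;
      *) continue ;;                           # other services are ignored
    esac
    addr=${local_addr%:*}                      # text before the last colon
    port=${local_addr##*:}                     # text after the last colon
    case "$addr" in
      127.*|'[::1]')      scope=loopback ;;
      0.0.0.0|'*'|'[::]') scope=all-interfaces ;;
      *)                  scope=specific ;;
    esac
    printf '%s %s %s %s\n' "$name" "$addr" "$port" "$scope"
  done
}

# Succeeds only when no gsad/gvmd listener is bound to every interface.
gvm_listeners_restricted() {
  ! classify_gvm_listeners | grep -q ' all-interfaces$'
}

# Constructed sample: the default state shown in the install steps.
SAMPLE_DEFAULT='State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      4096   127.0.0.1:9392     0.0.0.0:*         users:(("gsad",pid=2243,fd=10))
LISTEN 0      244    127.0.0.1:5432     0.0.0.0:*         users:(("postgres",pid=900,fd=6))'

# Constructed sample: after both services are started with 0.0.0.0.
SAMPLE_CHANGED='LISTEN 0 4096 0.0.0.0:9392 0.0.0.0:* users:(("gsad",pid=3001,fd=10))
LISTEN 0 4096 0.0.0.0:9390 0.0.0.0:* users:(("gvmd",pid=2990,fd=8))'

printf '%s\n' "$SAMPLE_DEFAULT" | classify_gvm_listeners
printf '%s\n' "$SAMPLE_CHANGED" | classify_gvm_listeners

# Live use: sudo ss -H -ltnp | classify_gvm_listeners
```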

Useful commands

  • Update Network Vulnerability Tests:
kali@kali:~$ sudo -u _gvm greenbone-nvt-sync
  • Keeping the feeds up-to-date:
kali@kali:~$ sudo greenbone-feed-sync --type CERT
kali@kali:~$ sudo greenbone-feed-sync --type SCAP
kali@kali:~$ sudo greenbone-feed-sync --type GVMD_DATA
  • Create a gvadmin user:
kali@kali:~$ sudo runuser -u _gvm -- gvmd --create-user=gvadmin --password=stPassw0rd --disable-password-policy
  • Get UUIDs of all created users:
kali@kali:~$ sudo runuser -u _gvm -- gvmd --get-users
  • Change user password:
kali@kali:~$ sudo runuser -u _gvm -- gvmd --user=gvadmin --new-password=gvadmin

Using GVM

We will see here how to perform our first vulnerability scan of a predetermined host.

Create target

  • Go to Configuration > Targets.
  • Click the New Target link.
  • Define the Target to scan by setting its IP address and giving it a Name.

Create task

  • Open Scans > Tasks.
  • Click the New Task icon.
  • Define the New Task by setting the Name, associating the Target and checking Schedule Once.
  • Click the Play button to start the task.
  • After a few minutes the task ends; click the Last Report link to access the vulnerability scan report.
  • You will have a complete report.
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.