openvas in msf

1. 创建管理员
    root@kali:~# openvasad -c 'add_user' -n admin -r 'Admin'
    Enter password:
    ad   main:MESSAGE:4246:2014-08-10 02h39.54 UTC: No rules file      provided, the new user will have no restrictions.
    ad   main:MESSAGE:4246:2014-08-10 02h39.54 UTC: User admin has been successfully created.
2. openvas-nvt-sync更新plugins
3. 在menu中选择Kali Linux => Vulnerability Analysis => OpenVas中选择         openvas start
    Starting OpenVas Services
    Starting Greenbone Security Assistant: gsad.
    Starting OpenVAS Scanner: openvassd.
    Starting OpenVAS Administrator: openvasad.
    Starting OpenVAS Manager: openvasmd.
4. 启动msf
5. load openvas
6. 连接到openvas服务
    msf > load openvas
   

Welcome to OpenVAS integration by kost and averagesecurityguy.

   

   

OpenVAS integration requires a database connection. Once the

   

database is ready, connect to the OpenVAS server using openvas_connect.

   

For additional commands use openvas_help.

   

   

Successfully loaded plugin: OpenVAS

7. 然后可以使用openvas_help
8. openvas_connect admin admin localhost 9390 ok
9. 创建一个target
    openvas_target_create ubuntu 192.168.59.134 111
10. 创建一个task
    openvas_task_create scan scan 0 2
11. 启动一个task
    openvas_task_start 1
12. 查看task的状态
    msf > openvas_task_list
    [+] OpenVAS list of tasks

    ID  Name  Comment  Status  Progress
    --  ----  -------  ------  --------
    0   1~~   xxoo     Done    -1
    1   scan  scan     Done    -1
13. 列出报告format
    msf > openvas_format_list
    [+] OpenVAS list of report formats

    ID  Name   Extension  Summary
    --  ----   ---------  -------
    0   ARF    xml        Asset Reporting Format v1.0.0.
    1   CPE    csv        Common Product Enumeration CSV table.
    2   HTML   html       Single page HTML report.
    3   ITG    csv        German "IT-Grundschutz-Kataloge" report.
    4   LaTeX  tex        LaTeX source file.
    5   NBE    nbe        Legacy OpenVAS report.
    6   PDF    pdf        Portable Document Format report.
    7   TXT    txt        Plain text report.
    8   XML    xml        Raw XML report.
14. download报告
    msf > openvas_report_download 2 1 /root/ openvas.html

15. 还可以使用openvas的gsd观察进度

16. 连接数据库（如何创建，连接数据库及常见错误情况前一篇blog）
    db_connect postgres:111111@127.0.0.1/pentest
17. 将report 导入数据库
    msf > openvas_report_import 3 8
   

Importing report to database.

openvas只支持导入NBE 和 XML格式

18. 查看结果
    msf > hosts

    Hosts
    =====

    address         mac  name  os_name  os_flavor  os_sp  purpose  info  comments
    -------         ---  ----  -------  ---------  -----  -------  ----  --------
    192.168.59.134             Unknown                    device