Metasploit + OpenVAS 연동 (using Docker)
메모해둘겸 작성합니다. 예전엔 직접 하나하나 해야해서 귀찮았지만 이젠 Docker로 편하게 설치합시다.
docker run -d \
-p 443:443 \
-p 9390:9390 \
--name openvas mikesplain/openvas
docker ip의 9390 포트로 접근 시 관리 페이지 확인이 가능합니다. Metasploit에 연동해서 사용하면 아주 편리하죠.
Command Description
------- -----------
openvas_config_list Quickly display list of configs
openvas_connect Connect to an OpenVAS manager using OMP
openvas_debug Enable/Disable debugging
openvas_disconnect Disconnect from OpenVAS manager
openvas_format_list Display list of available report formats
openvas_help Displays help
openvas_report_delete Delete a report specified by ID
openvas_report_download Save a report to disk
openvas_report_import Import report specified by ID into framework
openvas_report_list Display a list of available report formats
openvas_target_create Create target (name, hosts, comment)
openvas_target_delete Delete target by ID
openvas_target_list Display list of targets
openvas_task_create Create a task (name, comment, target, config)
openvas_task_delete Delete task by ID
openvas_task_list Display list of tasks
openvas_task_pause Pause task by ID
openvas_task_resume Resume task by ID
openvas_task_resume_or_start Resume task or start task by ID
openvas_task_start Start task by ID
openvas_task_stop Stop task by ID
openvas_version Display the version of the OpenVAS server
HAHWUL > openvas_connect admin admin 172.16.0.4 9390 ok
[*] Connecting to OpenVAS instance at 172.16.0.4:9390 with username admin...
[+] OpenVAS connection successful
HAHWUL > openvas_target_create
[*] Usage: openvas_target_create <name> <hosts> <comment>
HAHWUL > openvas_target_create "test" www.hahwul.com "test comment!"
[*] a248577e-b232-4935-a046-98255a08f193
[+] OpenVAS list of targets
ID Name Hosts Max Hosts In Use Comment
-- ---- ----- --------- ------ -------
a248577e-b232-4935-a046-98255a08f193 test www.hahwul.com 1 0 test comment!
HAHWUL > openvas_target_list
[+] OpenVAS list of targets
ID Name Hosts Max Hosts In Use Comment
-- ---- ----- --------- ------ -------
a248577e-b232-4935-a046-98255a08f193 test www.hahwul.com 1 0 test comment!
HAHWUL > openvas_config_list
[+] OpenVAS list of configs
ID Name
-- ----
085569ce-73ed-11df-83c3-002264764cea empty
2d3f051c-55ba-11e3-bf43-406186ea4fc5 Host Discovery
698f691e-7489-11df-9d8c-002264764cea Full and fast ultimate
708f25c4-7489-11df-8094-002264764cea Full and very deep
74db13d6-7489-11df-91b9-002264764cea Full and very deep ultimate
8715c877-47a0-438d-98a3-27c7a6ab2196 Discovery
bbca7412-a950-11e3-9109-406186ea4fc5 System Discovery
daba56c8-73ec-11df-a475-002264764cea Full and fast
HAHWUL > openvas_task_create scan1 scan 2d3f051c-55ba-11e3-bf43-406186ea4fc5 a248577e-b232-4935-a046-98255a08f193
[*] 5fc7c069-124b-46fb-90cd-362ce11a552f
[+] OpenVAS list of tasks
ID Name Comment Status Progress
-- ---- ------- ------ --------
5fc7c069-124b-46fb-90cd-362ce11a552f scan1 scan New -1
HAHWUL >