Vulnerability Scanner Setup and Configuration of OpenVAS Part 1

00:00

everyone. Welcome back to the course. In the last video, we talked about our tool called core impact for vulnerability skinning. We also talked about why we even care about vulnerability. Scanning as a penetration tester

00:11

in this video, where to cover a tool called open Vaasa will go ahead and watch it set it up, configure it on. Then we'll run a scan with it and take a look at the results.

00:20

So be sure to lock it in separate website, which again, if you're watching this course, you should be already loved in unless you're taking it out on underground forum. In which case please log in to Cyberia just so you can go ahead and follow along with the laps.

00:33

All right, so once you loved in the cyber website in the search box, you'll go ahead type invulnerability skin or set up in configuration on specifically, you're looking for the one that says part two on it so you could type all of this out if you want to. But generally speaking of you, just type in vulnerability scanner and then start typing set up. It will show you the couple of options with that and the title.

00:53

And then you will choose the one that says

00:55

PT Period two on it. So part two on it.

00:58

Once you've done that, go ahead and click the launch button. It will more than likely tell you you need to launch the lab in a separate window. If it does, I just click on the launch item button and that will actually launched the LAPD for you. Now it takes roughly about anywhere from 40 seconds to a minute or so. I put 1 to 2 minutes on here just cause that's the longest I've seen ago

01:17

before. Launches the lab, but in most cases about 40 seconds or so

01:21

and it should launch everything for you.

01:23

Once it launches the lab for you, you'll see the puppet box which you'll see in the background there a little bit

01:27

to close that outward is gonna click on it and we'll sleep. Select the next button on they just click the okay button and that'll close that out for us. It'll take us to the calendar next log in screen in this particular case,

01:38

and we're just gonna go ahead and get loved. And now the longing here is actually gonna be towards student all over case. So student for our user name and then student for our password.

01:49

I'm gonna go ahead and get us loved into Callie here.

01:53

All right, so it's go ahead. It's gonna log in, and I take just a moment or so here. The next step we're gonna do is launch a terminal window. So here, in step six, the way we do that as we just click on this black colored box on the far left Here,

02:07

click on that. It'll open up the terminal window for you.

02:12

Let's go back to our lab document. No.

02:14

So the first thing we're gonna actually do is we're gonna create a file on in the fire. We're gonna put a bunch of I P addresses. So when we get to step nine, you just want to make sure your type of men just like this we're here. Step eight now. So let's go ahead and use a tool. A command called Nano, which will allow us to create this particular file on. And then we can put our data inside of that particular file.

02:34

Let's go and do that. Now it's We're just type in Nano All over. Case

02:38

the scanning.

02:38

Underscore target

02:42

underscore list. So once you've taught that in nano scanning underscore Target on the score list, just go ahead and press enter new keyboard. You'll notice that it'll open up that particular file for us.

02:52

Now, if you want to pause the video and jot down these I p addresses, you're welcome to here in step nine because that's our next step here. If you just want O positive video as you go through these and make sure you put him in, that's perfectly fine as well. I'm just going to go ahead and read them off as I type them in and try to go slow enough so you can just type them with me,

03:10

All right, so just go ahead and start typing now,

03:14

and I do want to mention also on your keyboard the number key.

03:16

Uh, the number lock may not work in this particular virtual environment, so you may have to type it regular or use a virtual keyboard that's inside of here. So I'm gonna choose my regular keyboard, but again, I won't use the keypad portion something because it's not going to work for this particular lap.

03:34

So our first I p addresses gonna All of these are gonna be one attitude of 168.0. That something

03:39

eso eso just keep that in mind all of them. It would be 102.168 dot zero this first wannabe 00.10 the next one B 20 etcetera, etcetera all the way up until 200.50.

03:50

So let's go and type of man one of the time here.

03:52

So 1 92

03:53

not 168

03:55

got zero dark 10 that will put a comma space and then 1 92

04:00

0.168 dot 0.20

04:04

comma space.

04:05

One attitude I won't succeed.

04:09

That's 0.30

04:11

com space. Now you could also just copy and paste sees. I just like to do the manual stuff sometimes just cause it builds up muscle memory. So the next one here is one huge out 168.0 dot 40 And then finally we wrap up with 1 92.168 dot 0.50

04:28

All right, so once you've typed that in there, you're gonna on your keyboard. Gonna hold down the control button, and then while you're holding down the control button, you press the letter X. And if you notice that the very bottom left of command prompt there or the terminal window Excuse me, you'll notice that the exit is the option we're actually selecting here. So controlling that X will exit out of that portion,

04:46

it's gonna ask us, Do you want to save the changes? Were just gonna type of why in there,

04:50

since we want to say yes, we want to save the changes. We want to save our I P addresses on then our last step here. Once we're back at this particular screen, we're just gonna press the enter key on your keyboard to save that particular file.

05:02

All right, you'll see. Once we do that, it takes us back to our command prompt.

05:06

So let's go back to our lab document

05:09

and feel free to pause this video. If you're still working on that first portion, there

05:14

are you have gone through all these steps here is we've gone through step nine when ahead, intention or I always i p addresses

05:19

with ending control X

05:23

To back out of that we then got a problem saying, Hey, do you want to save this? We said, yes, we do, by taking why.

05:29

And then we finally saved our file by just pressing the enter key on the keyboard

05:33

are. So now we're gonna go ahead and actually launch our tool. Now that we've credit our file, we loaded it with I P addresses. Now we've got some things to scan, right? So let's go ahead and launch open Voss. The way we do that here is unless your route user like on your own machine. But in this case, where a student user us we're different user than roots. So we need to type and pseudo

05:53

space open. Voss Dash start.

05:56

So let's go and do that. Now you want to type in pseudo

06:00

so we can change ourselves to root for this particular command and then open voss

06:04

and then dash, start and then just press enter into keyboard here.

06:10

You know, it's gonna ask you for a password again. That's the one we just used to log into. Callie. So that's a student all over case, and it's not gonna show you down the screen there, But once you type it in distress Internet keyboard, and it's gonna go ahead and start open Voss Force. Now, it may take some time to launch, hoping Voss could take up to five minutes.

06:27

Most cases, it was taken about 23 minutes for me.

06:30

But I'm gonna go ahead and pause the video here once it opens open Voss and launches everything is actually gonna open your Firefox browser and take you to the green bone security assistant Log unpaid. So once you see that, you know you're at the right step on. That would be a step 16 and then we'll be ready for step 17. But again, I'm gonna go ahead and pause the video here,