Just another technical day

OpenVas for Kali Linux on the Raspberry Pi

By K4Paul May 11, 2013 March 23, 2017 7 Kali, Vulnerability Scanner Install, OpenVAS, Pi, Raspberry Pi, Security Platform

I’m working on creating a semi-portable security platform. I decided to experiment with installing and using the armel version of Kali Linux (the new backtrack OS) on the raspberry pi. Initially, I faced a lot of problems getting OpenVAS to work on the device. This is one of the very few if only open source armel vulnerability scanners I could find. The following steps cover my successful attempt to setting up OpenVAS for anyone else interested in working with this tool in Kali on a Pi. Be prepared to spend a good amount of time waiting for the plugins to install and the database to update.

Downloaded and installed a fresh armel image of Kali (http://www.kali.org/downloads/). I used this image (Username: root, password: toor).
Use a disk imager to image a SD card with the Kali image to run on the Pi. I used Win32 Disk Imager.
Insert the SD card into the pi and power it up.
You may want to expand the partition created by the disk imager, a tutorial on how to expand an active partition can be found here.

Set the correct date if needed:

date <month><day><hour><minute><year>.<second>

Create the openVAS certificate:
```
openvas-mkcert
```
Create the openVAS client certificate:
```
openvas-mkcert-client -n om -i
```
Download the openVAS NVT’s (This takes a few minutes):
```
openvas-nvt-sync
```
Start the openVAS scanner (This takes 30+ minutes.):
```
openvassd
```
Build the openVAS database (This can take an hour or more.):
```
openvasmd --rebuild
```

Create an admin account:

openvasad -c 'add_user' -n openvasadmin -r Admin

Update the openVAS database with the latest definition (This can take an hour or more.):
```
openvasmd --update
```
Migrate the database (This can take an hour or more.):
```
openvasmd --migrate
```
Rebuild one last time to be safe (This can take an hour or more.):
```
openvasmd --rebuild
```
Start the openVAS manager on port 9390:
```
openvasmd -p 9390 -a 127.0.0.1
```
Start the openVAS admin:
```
openvasad -a 127.0.0.1 -p 9393
```
Start GSAD, this is the client tool for openVAS:
```
gsad --http-only -p 9392
```
Use the web client to interact with the tool, it can be accessed on http://<IP OF PI>:9392. You can log in with the admin account created earlier.

That’s it! Now you can use this amazing tool to scan machines in a network!

After a reboot or shutdown, openVAS can be started with the commands:

Start the openVAS scanner (This takes a few minutes this time.): openvassd
Start the openVAS manager on port 9390: openvasmd -p 9390 -a 127.0.0.1
Start the openVAS admin: openvasad -a 127.0.0.1 -p 9393
Start GSAD on port 9392, this is the client tool for openVAS: gsad –http-only -p 9392