This tutorial will show you how to install OpenVAS on Kali Linux 2021.x including OpenVAS setup, configuration, and troubleshooting.
OpenVAS does not come pre-installed in Kali Linux. However, the required packages are available on the Kali Linux repositories.
This guide was successfully tested on Kali Linux 2021.1-3.
OpenVAS stands for Open Vulnerability Assessment System and is a free, open-source, fully fledged vulnerability scanner with capabilities such as:
- authenticated/unauthenticated testing
- numerous high/low-level Internet and industrial protocols
- performance tuning for large-scale scans, and a versatile internal programming language to execute dedicated vulnerability tests
- a test feed containing over 80,000 up-to-date vulnerability tests
OpenVAS is only available on Linux/UNIX. However, Windows users can install and run OpenVAS in a Windows hypervisor [Hyper-V].
NOTE: OpenVAS replaced all its traditional commands with gvm – one of the reasons why many of you face installation/configuration issues on Kali Linux 2021.x.
Without further ado, let’s get started.
Step 1: Update Kali Linux
As a rule of thumb, before installing anything else, let’s make sure Kali Linux is up-to-date. Open a terminal and type the following command:
sudo apt-get update && sudo apt-get dist-upgrade
Step 2: Install OpenVAS on Kali Linux
As mentioned before, OpenVAS replaced the traditional openvas commands with gvm.
If you get command not found errors when running the old openvas commands, this is why [Figure 1.2].
To install the latest OpenVAS packages on Kali Linux, type the following command in the terminal:
sudo apt install gvm -y
Once the OpenVAS installation is completed on Kali Linux, proceed to the next step.
Step 3: Setup OpenVAS on Kali Linux
The next step is to set up OpenVAS on Kali Linux. Type the following command in your terminal:
sudo gvm-setup
NOTE: the command openvas-setup was replaced with gvm-setup in the latest OpenVAS release [Figure 1.4].
The setup will now proceed with creating the OpenVAS scanner’s certificate files and creating the database. This process will take quite a while. Take a break and come back in 1 hour [not joking].
Step 4: Check OpenVAS setup on Kali Linux
Once the setup is completed, run the following command in the terminal to check whether OpenVAS is correctly installed on your system.
IMPORTANT NOTE: if the OpenVAS installation is not completed, you will receive the following error in the terminal when executing the sudo gvm-start command, and the browser will show a Page not found message when accessing https://127.0.0.1:9392.
[*] Please wait for the GVM / OpenVAS services to start.
[*] You might need to refresh your browser once it opens.
[*] Web UI (Greenbone Security Assistant): https://127.0.0.1:9392
Job for gvmd.service failed because a timeout was exceeded.
See "systemctl status gvmd.service" and "journalctl -xe" for details.
To fix this error, open a terminal and type the following command [Figure 1.5]:
NOTE: pay attention to Step 5 in the OpenVAS check-setup command output: “Checking Postgresql DB and user error: DB does not exist.”
To fix this error, run the following command in the terminal:
sudo runuser -u postgres -- /usr/share/gvm/create-postgresql-database
Step 6: Create the OpenVAS User
OpenVAS requires at least one user to be created to work. To create a new user in OpenVAS, type the following command in the terminal and replace <name> and <password> with your desired username and password [Figure 1.6]:
sudo runuser -u _gvm -- gvmd --create-user=<name> --password=<password>
NOTE: if you use OpenVAS in production, make sure you choose a strong password for your username. A password passed with --password is also recorded in your shell history and is visible in the process list while the command runs.
Recheck the OpenVAS installation by running gvm-check-setup in the terminal. The check-setup should now pass all the tests and show the "installation is OK" message [Figure 1.7]:
Step 7: Launch OpenVAS
Open your browser and type the following in the address field: https://127.0.0.1:9392
You should now see the OpenVAS login window as shown in Figure 1.8 below.
Type the username and password you created earlier in the login window and click the Login button.
Voila! OpenVAS is now installed on your Kali Linux system [Figure 1.9].
Some of you might run into the following PostgreSQL error, especially if you update Kali Linux regularly like I do: “the default postgresql version is not 13 required by libgvmd.”
This error is most likely caused by a conflict between two PostgreSQL versions running simultaneously [version 12 and 13]. OpenVAS requires PostgreSQL version 13 to work properly.
Fortunately, the fix is quite simple. Open a terminal and type the following command:
sudo nano /etc/postgresql/13/main/postgresql.conf
Scroll down to the Connection and Authentication section, and change the port to 5432 [Figure 1.10].
Now, let’s configure PostgreSQL version 12 to use a different port to avoid conflict. Type in the terminal the following command:
sudo nano /etc/postgresql/12/main/postgresql.conf
Scroll down to the Connection and Authentication section, and change the port to 5433 or any other free port.
Finally, restart the PostgreSQL service by typing the following command in your terminal:
sudo systemctl restart postgresql
Run gvm-check-setup to validate the OpenVAS installation.
OpenVAS should run without any errors now.
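The port check described in this section can be scripted before you edit either file. The following is an added example, not part of the original guide: it reads each cluster's postgresql.conf and reports whether version 13 alone is configured on port 5432. The function names and the PG_ETC override are hypothetical, and clusters are assumed to be named main as in the paths above.

```bash
#!/usr/bin/env bash
# Added example, not from the original guide: report which PostgreSQL cluster
# is configured on port 5432. Assumes clusters are named "main" (as in the
# paths above) and does not follow include directives. PG_ETC is a
# hypothetical override for checking a copy of /etc/postgresql.

# Print the effective port of one postgresql.conf: the last uncommented
# "port" line wins, and PostgreSQL defaults to 5432 when none is set.
pg_conf_port() {
    local port
    port=$(sed -n -E "s/^[[:space:]]*port[[:space:]]*=?[[:space:]]*'?([0-9]+).*/\1/p" "$1" | tail -n 1)
    echo "${port:-5432}"
}

# Print one "version port" line per cluster under the configuration root.
pg_list_ports() {
    local root="${1:-${PG_ETC:-/etc/postgresql}}" conf ver
    for conf in "$root"/*/main/postgresql.conf; do
        [ -f "$conf" ] || continue
        ver=${conf#"$root"/}
        echo "${ver%%/*} $(pg_conf_port "$conf")"
    done
}

# Succeed only if version $1 is the sole cluster configured on port 5432.
pg_check_gvm_port() {
    local required="$1" root="${2:-}" ver port owners="" status=0
    while read -r ver port; do
        if [ "$port" = 5432 ]; then owners="$owners $ver"; fi
    done <<EOF
$(pg_list_ports "$root")
EOF
    owners=${owners# }
    case "$owners" in
        "$required") echo "ok: PostgreSQL $required owns port 5432" ;;
        "") echo "fail: no cluster on 5432; set port = 5432 for version $required"; status=1 ;;
        *) echo "fail: port 5432 is claimed by: $owners (GVM needs $required)"; status=1 ;;
    esac
    return "$status"
}

# Check the live configuration if present (version 13, as this guide requires).
if [ -d "${PG_ETC:-/etc/postgresql}" ]; then
    pg_check_gvm_port 13 || echo "fix the ports as described above, then restart postgresql"
fi
```

A "fail" line naming version 12 means the two port edits above still need to be applied and PostgreSQL restarted.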
Before You Go
If you are seriously looking into becoming an ethical hacker or penetration tester, you need an isolated lab setup where you can safely learn and practice.
Thank you and stay safe.