Thursday, January 10, 2013

Configuring OpenVas on BackTrack 5 R3

BackTrack is a pentest linux distribution, download live cd from here, it contains the open source security scanner OpenVAS.
Below are the configuration steps required after booting BackTrack 5 R3 to get OpenVAS running.

At any stage of the configuration you can always run this script to check what is missing: /pentest/misc/openvas/openvas-check-setup

Assuming you have configured network configuration with internet access.

Start by running openvas-mkcert and follow the instruction

Then sync the NVTs: openvas-nvt-sync

Next create an admin account: openvasad -c 'add_user' -n ayman -r Admin

Configure access for the OpenVas Manager: openvas-mkcert-client -n om -i

Start the scanner (this will take some time after the NVTs has been sync'd) : openvassd

Finally rebuild the database and run the services:

openvasmd --rebuild
openvasmd -p 9390
openvasad -p 9393
gsad --http-only -p 9392

Now browse to port 9392 on your machine and login with the account you created

OPTIONAL: By default OpenVas will be unable to run other additonal scanners, to enable it to use them do the following

Install Arachni: apt-get update; apt-get install arachni
Create the following symbolic links:

ln -s /pentest/web/dirb/dirb /usr/local/bin
ln -s /pentest/web/wapiti/ /usr/local/bin
ln -s /pentest/web/nikto/ /usr/local/bin

Edit /pentest/web/nikto/, modify the configfile variable line to be
$VARIABLES{'configfile'} = /pentest/web/nikto/nikto.conf"

Edit /pentest/web/nikto/nikto.conf and set EXECDIR to /pentest/web/nikto


  1. I am still trying to determine what is so special about Backtrack other than it has all of this stuff in one box. You still have to build a lot of it just like IKEA
    Good on ya to find that you have all those links to make it work.