It’s time to cover some vulnerability scanning! What better way to start this than with the installation of OpenVAS? Today I will show you how to install OpenVAS on Kali Linux in a step-by-step guide for you to follow along.
Table of Contents
- What is OpenVAS?
- Step 1 – Install OpenVAS on Kali Linux
- Step 2 – Configuring OpenVAS
- Step 3 – Running your first Scan
- Finding Exploits with OpenVAS
- Troubleshooting
- PostgreSQL Version Errors v13 and v14
- PostgreSQL Version Errors v14 and v15
- OpenVAS failed to find config
- Conclusion
Install OpenVAS on Kali Linux - Complete Step-by-Step Tutorial
What is OpenVAS?
OpenVAS is an open-source vulnerability scanner. OpenVAS started under the name of GNessUs, a fork of the previously open-source Nessus scanning tool (which costs you money now). OpenVAS is also under the GNU General Public License (GPL).
I personally used this software in many different kinds of assessments and was always satisfied with the results I got (keeping in mind that it is completely free).
Of course, tools like Nessus and NeXpose are more feature-rich, but they come with a high price tag too.
For starters, OpenVAS is simply perfect and gives you a good idea of how a vulnerability scanner works. I also found it very intuitive to work with.
So without further ado, let’s dive right into the installation.
Step 1 – Install OpenVAS on Kali Linux
The first thing we want to do is to make sure that our Kali installation is up-to-date. So open a terminal window and run:
sudo apt update && sudo apt upgrade -y
This will update your repository and upgrade your Kali. The -y at the end saves you a press of the button “Y” in the process.
The next thing we want to do is to install OpenVAS. Again in the Terminal type:
sudo apt install openvas
Confirm that you are aware that an additional ~1,2 Gigabyte of Disk Space will be used by pressing Y.
Now this will take a good while. Grab a coffee or prepare some Yerba Mate while we are waiting 🙂
Once that is done we will run another command in the terminal window:
sudo gvm-setup
Note: In case you run into a PostgreSQL error – check out the troubleshooting section at the end of this article.
This is going to take very long.
Phew… That took about 2 hours for me to finish. I still didn’t get why it takes so long, but just go for a long walk and come back later…
After the setup process is finished, don’t forget to note down the password that was generated at the end. You need it to log in for the first time.
Step 2 – Configuring OpenVAS
The installation is now finished. Next, we verify if our installation is working.
sudo gvm-check-setup
I got an error (SCAP DATA are missing), but if you look through the error message, you can see that you can fix it by running:
sudo runuser -u _gvm -- greenbone-feed-sync --type SCAP
This fixed my issue.
First, we are starting the OpenVAS Service.
sudo gvm-start
Now your OpenVAS Service should be up and running. OpenVAS listens on the Ports: 9390, 9391, 9392, and on Port 80. Your web browser should automatically open and lead to the OpenVAS Login Page.
If not, open a web browser manually and enter the URL
https://127.0.0.1:9392
The first time you want to open this URL you will get a security warning. Click on Advanced and Add an Exception.
Remember the password you noted down before? Now we are going to need it.
Forgot your Admin Password?
Reset it by typing the following, replacing passwd with your new password:
sudo gvmd --user=admin --new-password=passwd
Log in to OpenVAS with admin // your password
First things first – navigate to your User Profile / My Settings, click on Edit, and change the password.
This is basically all you need to do. OpenVAS is now running and ready for use.
Step 3 – Running your first Scan
Now it’s time to run our first scan.
As this is just the installation part I won’t go into details, but I will show you quickly how to run your first scan. There will be more articles covering OpenVAS and we will continue looking into all of the different options we have and how to process scan results.
So the easiest way is simply to Navigate to Scans / Tasks and click on the little Magic Wand icon and start the Task Wizard.
Now you can enter either a single IP, a whole subnet, a range of IP Addresses, or a domain.
This will start a default-depth scan. Depending on the scale of the Network you want to scan this can take from a few minutes up to several hours or even days if the network is large enough and you choose a deep scan.
This and more will be covered in the next article for OpenVAS, which is coming soon.
Finding Exploits with OpenVAS
I created a video a while ago on how to find Exploits using OpenVAS, which basically goes through the whole process of scanning and then finding Exploits for your findings. The video is a bit older but still valid. Give it a watch if you want to learn how to use OpenVAS in-depth.
Troubleshooting
There is a lot that can go wrong during the installation of OpenVAS, as some of our readers have pointed out. Therefore, we decided to create a little extra section here, covering the most common errors.
PostgreSQL Version Errors v13 and v14
There are multiple possible version errors for PostgreSQL. As our reader Tom has pointed out, the first one is:
[>] Starting PostgreSQL service
[-] ERROR: The default PostgreSQL version (13) is not 14 that is required by libgvmd
[-] ERROR: Use pg_upgradecluster to update your PostgreSQL cluster
Solution:
Open the postgresql.conf file of version 14 and change the port to 5432:
sudo nano /etc/postgresql/14/main/postgresql.conf
Then open the postgresql.conf file of version 13 and check if the port is the same as in version 14. If it is the same – change it to 5433:
sudo nano /etc/postgresql/13/main/postgresql.conf
Restart the PostgreSQL service:
sudo systemctl restart postgresql
PostgreSQL Version Errors v14 and v15
During my installation, I got the following error affecting v14 and v15 of PostgreSQL:
[>] Starting PostgreSQL service
[-] ERROR: The default PostgreSQL version (14) is not 15 that is required by libgvmd
[-] ERROR: Use pg_upgradecluster to update your PostgreSQL cluster
Gladly, the solution to this problem was easier than the one above and might as well work for the problem above:
sudo systemctl stop postgresql@14-main
sudo /usr/bin/pg_dropcluster --stop 14 main
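Both PostgreSQL errors above come down to the wrong cluster holding port 5432. The following is an added example, not part of the original tutorial: it pulls the two version numbers out of the gvm-setup error line and reads `pg_lsclusters -h` output to say which cluster currently holds 5432. The function names are hypothetical, the cluster listing is constructed, and it assumes one cluster named main per version.

```bash
# Added example: diagnose "default PostgreSQL version (X) is not Y".

# Extract "X Y" (current default, required) from a gvm-setup error line.
parse_gvm_pg_error() {
    sed -n 's/.*default PostgreSQL version (\([0-9][0-9]*\)) is not \([0-9][0-9]*\) that is required.*/\1 \2/p' | head -n 1
}

# Read `pg_lsclusters -h` output on stdin (columns: Ver Cluster Port ...)
# and report what has to change so version $1 owns port 5432.
diagnose_pg_clusters() {
    awk -v need="$1" '
        $2 == "main" { port[$1] = $3; if ($3 == 5432) holder = $1 }
        END {
            if (!(need in port))     print "missing: no cluster for version " need
            else if (holder == need) print "ok: version " need " already on 5432"
            else if (holder == "")   print "move: set version " need " to port 5432"
            else print "swap: version " holder " holds 5432, version " need " is on " port[need]
        }'
}

# Error line as shown in the first troubleshooting section.
sample_error='[-] ERROR: The default PostgreSQL version (13) is not 14 that is required by libgvmd'

# Constructed sample of `pg_lsclusters -h` output.
sample_clusters() {
    cat <<'EOF'
13 main 5432 online postgres /var/lib/postgresql/13/main /var/log/postgresql/postgresql-13-main.log
14 main 5433 online postgres /var/lib/postgresql/14/main /var/log/postgresql/postgresql-14-main.log
EOF
}

# Demo; on a live system run: pg_lsclusters -h | diagnose_pg_clusters 14
need=$(printf '%s\n' "$sample_error" | parse_gvm_pg_error | cut -d' ' -f2)
sample_clusters | diagnose_pg_clusters "$need"
```

A "swap" result corresponds to the port change described in the first section; dropping the old cluster, as in the second section, also frees port 5432.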
OpenVAS failed to find config
Another common error is the failed to find config ‘long-string-value’ message. There are multiple possible solutions for this issue. The one that worked for me is the following:
sudo runuser -u _gvm -- gvmd --get-scanners
Note down the scanner ID.
Then run:
sudo runuser -u _gvm -- gvmd --get-users --verbose
This gives you the users, including their IDs. You are probably an admin. To solve the issue, enter:
sudo runuser -u _gvm -- gvmd --modify-scanner [scanner id] --value [user id]
Conclusion
This is how easy it is to install OpenVAS on Kali Linux and start a basic scan. There is a lot more to learn about OpenVAS, but this should get you up and running in no time!
Author
Stefan
Stefan is the founder & creative head behind Ceos3c. Stefan is a self-taught Software Engineer & Cyber Security professional and he helps other people to learn complicated topics.