这篇文章上次修改于 911 天前,可能其部分内容已经发生变化,如有疑问可询问作者。

0x0说明

镜像来自immauss作者的docker镜像,基于GVM 20.08.1,这个版本自己也在ubuntu下安装过,所含组件:

gvmd - Greenbone 漏洞管理守护进程
openvas Scanner - GVM 的扫描仪组件
ospd - openvas 扫描器协议守护进程
postgresql - 扫描仪和 gvm 的数据库后端
redis - gvmd 使用的内存数据库存储
用于从 GVM 发送电子邮件通知的 postfix 邮件服务器
基线数据馈送和相关数据库的副本
从现有的 postgresql 数据库转储中恢复的选项
启动时跳过数据同步的选项
在容器停止时正确关闭数据库以防止数据库损坏。(这是>在 20.08.04.4 中添加的)

0x2安装部署

如果是kali或者ubuntu,可以使用docker.io包

apt install docker.io

或者使用一键安装脚本:

curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun

docker pull immauss/openvas

#默认端口9392
docker run -p 9392:9392 -d immauss/openvas

作者给的拉取和运行步骤:

#如果不用持久存储卷的话
docker run --detach --publish 8080:9392 -e PASSWORD="Your admin password here" --name openvas immauss/openvas

使用持久存储卷
docker volume create openvas
docker run --detach --publish 8080:9392 -e PASSWORD="Your admin password here" --volume openvas:/data --name openvas immauss/openvas


#数据库备份
docker exec -it <container name> su -c "/usr/lib/postgresql/12/bin/pg_dumpall" postgres > db-backup-file.sql

#数据库恢复
docker run -it -e RESTORE=true -v <path to backupfile>:/usr/lib/db-backup.sql --rm -v openvas:/data immauss/openvas

启动后,NVT等插件库全部自动更新完成后,即可访问:

md manage:   INFO:2022-04-08 06h52.42 UTC:395: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/c/oval.xml
md manage:   INFO:2022-04-08 06h52.43 UTC:395: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/m/oval.xml
md manage:   INFO:2022-04-08 06h52.43 UTC:395: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/v/family/ios.xml
md manage:   INFO:2022-04-08 06h52.43 UTC:395: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/v/family/pixos.xml
md manage:   INFO:2022-04-08 06h52.43 UTC:395: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/p/oval.xml
md manage:   INFO:2022-04-08 06h54.05 UTC:395: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/i/oval.xml
md manage:   INFO:2022-04-08 06h54.07 UTC:395: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/v/family/macos.xml
md manage:   INFO:2022-04-08 06h54.07 UTC:395: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/v/family/unix.xml
md manage:   INFO:2022-04-08 06h54.11 UTC:395: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/v/family/windows.xml
md manage:   INFO:2022-04-08 06h54.16 UTC:395: Updating user OVAL definitions.
md manage:   INFO:2022-04-08 06h54.16 UTC:395: Updating CVSS scores and CVE counts for CPEs
md manage:   INFO:2022-04-08 06h55.29 UTC:395: Updating CVSS scores for OVAL definitions
md manage:   INFO:2022-04-08 06h55.30 UTC:395: Updating placeholder CPEs
md manage:   INFO:2022-04-08 06h55.49 UTC:395: Updating Max CVSS for DFN-CERT
md manage:   INFO:2022-04-08 06h55.52 UTC:395: Updating DFN-CERT CVSS max succeeded.
md manage:   INFO:2022-04-08 06h55.52 UTC:395: Updating Max CVSS for CERT-Bund
md manage:   INFO:2022-04-08 06h55.53 UTC:395: Updating CERT-Bund CVSS max succeeded.
md manage:   INFO:2022-04-08 06h55.55 UTC:395: update_scap_end: Updating SCAP info succeeded
md manage:   INFO:2022-04-08 06h56.06 UTC:713: OSP service has different VT status (version 202204071010) from database (version 202203281001, 96256 VTs). Starting update ...
md manage:   INFO:2022-04-08 06h57.43 utc:713: Updating VTs in database ... 210 new VTs, 2808 changed VTs
md manage:WARNING:2022-04-08 06h57.44 utc:713: update_nvts_from_vts: SHA-256 hash of the VTs in the database (ed7829e944f3599328a80cac75b5bd836a6edc3042441c6094045b9ae2c9e587) does not match the one from the scanner (e92cdb879c654e32e97d1c9da041ec87e0624deaf690ad7c30ba28fdb88550c0).
md   main:MESSAGE:2022-04-08 06h57.44 utc:713: Rebuilding all NVTs because of a hash value mismatch
md manage:   INFO:2022-04-08 07h05.17 utc:713: Updating VTs in database ... 96579 new VTs, 0 changed VTs
md manage:   INFO:2022-04-08 07h05.19 utc:713: Updating VTs in database ... done (96579 VTs).
md   main:MESSAGE:2022-04-08 07h06.00 utc:713: update_nvt_cache_retry: rebuild successful

green.PNG

捕获.PNG