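------>>>For testing only; do not use on unauthorized systems<<<------
This is a test setup; all commands are run directly as root.
Environment
Kali is a fresh install.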
└─# uname -a
Linux kali 5.14.0-kali4-amd64 #1 SMP Debian 5.14.16-1kali1 (2021-11-05) x86_64 GNU/Linux
Update the package version information
apt-get update && apt-get upgrade
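...
GVM (OpenVAS) installation
apt-cache search gvm
apt-get install gvm -y
...
When asked whether to prompt every time during package upgrades, keep the default (NO).
Press Tab to move to OK.
...
Run gvm-setup to initialize the installation; it may fail, so retry a few times.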
gvm-setup
... messages about /root permissions appear; ignore them
[>] Creating PostgreSQL database
could not change directory to "/root": 权限不够
[i] User _gvm already exists in PostgreSQL
could not change directory to "/root": 权限不够
[i] Database gvmd already exists in PostgreSQL
could not change directory to "/root": 权限不够
[i] Role DBA already exists in PostgreSQL
During this step it automatically starts the database, creates rules and so on, and then starts downloading the plugins.
...
...
[+] GVM feeds updated
[*] Checking Default scanner
[*] Modifying Default Scanner
Scanner modified.
[+] Done
[*] Please note the password for the admin user
[*] User created with password '0540a076-9beb-4973-9835-82134b2c0be5'.
[>] You can now run gvm-check-setup to make sure everything is correctly configured
PostgreSQL is now running
netstat -lantp4|grep 5432
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 10874/postgres
Check the installation with the gvm-check-setup command
#gvm-check-setup
gvm-check-setup 21.4.3
...
WARNING: Your password policy is empty.
SUGGEST: Edit the /etc/gvm/pwpolicy.conf file to set a password policy.
It seems like your GVM-21.4.3 installation is OK.
Success.
At this point port 9392 is listening, used by gsad:
#netstat -lantp4
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 10874/postgres
tcp 0 0 127.0.0.1:80 0.0.0.0:* LISTEN 11630/gsad
tcp 0 0 127.0.0.1:9392 0.0.0.0:* LISTEN 11627/gsad
The _gvm user and group were also added automatically:
id _gvm
用户id=135(_gvm) 组id=144(_gvm) 组=144(_gvm),143(redis)
Change the password
Change the password; GVM does not need to be stopped:
runuser -u _gvm -- gvmd --user=admin --new-password=admin
Status after startup
└─# netstat -lantp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 637/sshd: /usr/sbin
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 4184/postgres
tcp 0 0 127.0.0.1:80 0.0.0.0:* LISTEN 5218/gsad
tcp 0 0 127.0.0.1:9392 0.0.0.0:* LISTEN 5216/gsad
tcp 0 96 192.168.111.123:22 192.168.111.1:54051 ESTABLISHED 779/sshd: root@pts/
tcp 0 0 192.168.111.123:22 192.168.111.1:56128 ESTABLISHED 4316/sshd: root@pts
tcp6 0 0 :::22 :::* LISTEN 637/sshd: /usr/sbin
tcp6 0 0 ::1:5432 :::* LISTEN 4184/postgres
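Make it remotely accessible
First run gvm-stop and then gvm-start to test that port 9392 restarts normally; otherwise, after the change, port 9392 on 192.168.111.123 will not start properly: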
cp -p /lib/systemd/system/greenbone-security-assistant.service /lib/systemd/system/greenbone-security-assistant.service.bk
vi /lib/systemd/system/greenbone-security-assistant.service
[Unit]
...
[Service]
Type=forking
User=_gvm
Group=_gvm
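# Originally --listen=127.0.0.1; changed to this host's address.
# (Comment kept on its own line: systemd does not support trailing comments.)
ExecStart=/usr/sbin/gsad --listen=192.168.111.123 --port=9392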
Restart=always
TimeoutStopSec=10
[Install]
WantedBy=multi-user.target
Alias=gsad.service
Stop and restart GVM
gvm-stop
gvm-start
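When GVM starts, it brings up PostgreSQL first.
https://xxx:9392 can now be accessed normally.
Wait for the update to finish.
Once CPU usage drops, run gvm-stop and reboot the system.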
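Added example, not part of the original post: once gsad is bound to 192.168.111.123, the web UI and its admin login are reachable from the network, so it is worth confirming exactly which GVM-related services listen beyond loopback. The function names and the sample listener table are assumptions constructed for illustration, using the netstat -lantp format shown above.

```shell
#!/bin/sh
# Added example (not from the original post): list GVM-related listeners
# that are reachable beyond loopback, from `netstat -lantp` style input.

# exposed_listeners PROG...: read netstat lines on stdin and print
# "prog addr:port scope" for every LISTEN socket owned by a named program
# whose local address is not 127.0.0.0/8 or ::1.
exposed_listeners() {
    awk -v names="$*" '
        BEGIN { n = split(names, want, " ") }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            # Column 7 is "PID/Program name", e.g. "5216/gsad" or "637/sshd:"
            prog = $7; sub(/^[0-9]+\//, "", prog); sub(/:.*$/, "", prog)
            hit = 0
            for (i = 1; i <= n; i++) if (prog == want[i]) hit = 1
            if (!hit) next
            # Local address is host:port; the port follows the last colon
            port = $4; sub(/^.*:/, "", port)
            host = $4; sub(/:[0-9]+$/, "", host)
            if (host ~ /^127\./ || host == "::1") next
            scope = (host == "0.0.0.0" || host == "::") ? "all-interfaces" : "single-address"
            print prog, host ":" port, scope
        }'
}

# Constructed sample: what the listener table could look like after the
# unit-file change above (the post does not show this output).
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 637/sshd: /usr/sbin
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 4184/postgres
tcp 0 0 192.168.111.123:9392 0.0.0.0:* LISTEN 5216/gsad
tcp6 0 0 ::1:5432 :::* LISTEN 4184/postgres
EOF
}

# Live use on the scanner host: netstat -lantp | exposed_listeners gsad postgres
```

An empty result for postgres confirms the database stayed on loopback; any gsad line shows the address and port that now need a strong admin password and network filtering.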