Hello, Sure, I'll share what I did to get my install to work. First, I had several problems running openvas on this version of ubuntu. The gsad doesn't work with SSL and drives the cpu up to 100% and the service doesn't respond over a browser. In my experience, Greenbone Security Assistant will only work over HTTP on ubuntu 11.10. As far as wapiti and the other plugins, this is more of a hack than an actual solution because I don't think openvas currently obeys any $PATH definition on Ubuntu. I searched through this list and several others and the problem appears to be the same for a lot of people. I don't think it's possible to modify $PATH and have openvas recognize it but if somebody knows a way to do it please share.., I found that you can only work around the existing $PATH definition - /usr/bin:/usr/local/bin... etc. Also, to add, it's not working flawlessly but I do get results back from these plugins.
I'm running the following: ubuntu 11.10 openvas 3.2.5-1 openvas-manager 2.0.4-1 openvas-cli 1.1.4-1 openvas-administrator 1.1.2-1 greenbone security assistant 2.0.1 I run the plugins under (dirb/wapiti/nikto/arachni) under /usr/local/dirb,/usr/local/wapiti/,/usr/local/arachni... etc. When I initially tried to run scans openvas was reporting that it couldn't find any of the plugins in my $PATH. I tried updating .bashrc, /etc/environment, etc but I could not find a way to modify $PATH and have the app obey it. What I did is I symlinked under /usr/bin/ to my plugins & plugin directories. Adding the following links under /usr/bin/ got the plugins partially working for me: /usr/bin/arachni -> /usr/local/arachni dirb -> /usr/local/dirb/bin/dirb nikto -> /usr/local/nikto/nikto.pl also: /etc/nikto.conf -> /usr/local/nikto/nikto.conf /usr/bin/wapiti - this is an actual script not a link and it contains the following: #!/bin/sh cd /usr/local/wapiti/src/ ./wapiti.py $* Add this stuff and restart the service and you should at least get it to recognize the plugins. Beyond that you will need to work with the tools to get them to output the things you need. Wapiti is still not working very well for me over SSL through openvas. It works for HTTP sites but HTTPS is returning a message saying the wapiti report is empty. I'm not sure how to fix this yet but at least the plugins are recognized and executing during a scan. That's what I had to do to get it to recognize the plugins. I could not modify the path in any way to get openvas to obey the changes so I just linked under a dir i knew would always be in $PATH... hope this helps... Miguel On Thu, Apr 5, 2012 at 3:15 AM, Shane Duignan <[email protected]> wrote: > Hello Miguel, > > On which OS/Linux distro did you get Wapiti integrated into Openvas with? > > I am having some trouble trying to get the Wapiti scan to run during an > Openvas scan (On Ubuntu 10.04). > > Can you be verbose on your description of your $PATH setup and also the > directory location/permissions/owner? > > Thanks > Shane > > > From: [email protected] > > Subject: Openvas-discuss Digest, Vol 63, Issue 3 > > To: [email protected] > > Date: Thu, 5 Apr 2012 12:00:03 +0200 > > > > Send Openvas-discuss mailing list submissions to > > [email protected] > > > > To subscribe or unsubscribe via the World Wide Web, visit > > > http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > > > > or, via email, send a message with subject or body 'help' to > > [email protected] > > > > You can reach the person managing the list at > > [email protected] > > > > When replying, please edit your Subject line so it is more specific > > than "Re: Contents of Openvas-discuss digest..." > > > > > > Today's Topics: > > > > 1. Help automating dirb + wapiti scanning! (Miguel Lucero) > > > > > > ---------------------------------------------------------------------- > > > > Message: 1 > > Date: Wed, 4 Apr 2012 13:42:09 -0700 > > From: Miguel Lucero <[email protected]> > > To: [email protected] > > Subject: [Openvas-discuss] Help automating dirb + wapiti scanning! > > Message-ID: > > <ca+vmgx3baqskmidgkghh-xdebxtn30yb6udsfady7vrfrga...@mail.gmail.com> > > Content-Type: text/plain; charset="iso-8859-1" > > > > After fighting with the $PATH in my install I was finally able to get > > wapiti and dirb scanning.., I'm now interested in getting some useful > > output from these two plugins... > > > > I would like to have dirb create a set of URLs to feed into wapiti for > > scanning but I'm not sure how to go about this within openvas. I'd very > > much like to get this into a scheduled scan inside openvas but I don't > see > > a way to get it to work because the nasl wrappers don't show anything > > beyond a timeout value. Is there a way within openvas to generate a URI > > list using dirb or something similar and pass that into wapiti and have > the > > list scanned? > > > > I can automate it manually but I'd like to include it in openvas' > > scheduling and reporting... > > > > Any guidance would be appreciated... thanks! > > > > Miguel > > -------------- next part -------------- > > An HTML attachment was scrubbed... > > URL: < > http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20120404/28676644/attachment-0001.html > > > > > > ------------------------------ > > > > _______________________________________________ > > Openvas-discuss mailing list > > [email protected] > > > http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > > > > End of Openvas-discuss Digest, Vol 63, Issue 3 > > ********************************************** >
_______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
