This is the write up for the room OpenVAS on Tryhackme and it is part of the Tryhackme Cyber Defense Path
Make connection with VPN or use the attackbox on Tryhackme site to connect to the Tryhackme lab environment
TASKS OpenVas
Task 1
Read all that is in the task and press Complete
Task 2
Read all that is in the task and press Complete
Task 3
Install OpenVas by entering the following commands
apt install docker.io
docker run -d -p 443:443 --name openvas mikesplain/openvas
docker start openvasBrowse to 127.0.0.1
username: admin
password: admin
I had to wait a couple of minutes before logging in
Task 4
Click on scan then task and start a scan on 127.0.0.1 or any other system in your network
Task 5
Start the machine connected to this task
Once started on openVas click on scan -> task then create a new task
Click on the Icon next to scan targets and fill in the IP of the target machine
Click create then again on create. Click on the play icon next to the scan we just created to start the scan. The status will go to Requested
You can now click on the scan to open the report and see the status. Below we see it has done 36%
Task 6
Follow allong with the task. It is very good written once done press complete
Task 7
All answers are in the given report
7.1 When did the scan start in Case 001?
Answer: Feb 28, 00:04:46
7.2 When did the scan end in Case 001?
Answer: Feb 28, 00:21:02
7.3 How many ports are open in Case 001?
Answer: 3
7.4 How many total vulnerabilities were found in Case 001?
Answer: 5
7.5 What is the highest severity vulnerability found? (MSxx-xxx)
Answer: MS17-010
7.6 What is the first affected OS to this vulnerability?
Answer: Microsoft Windows 10 x32/x64 Edition
7.7 What is the recommended vulnerability detection method?
Answer: Send the crafted SMB transaction request with fid = 0 and check the response to confirm the vulnerability.
Task 8
You can find the Greenbone Technology Documentation, here
