
(Document) Vulnerabilities Scanner Vuls

Vulnerability detection with Vuls

Vuls is a scanner for security flaws (vulnerabilities) that relies on existing vulnerability dictionaries.

Install it as follows:

root@local:/usr/local/www/webapp/application # pkg search vuls
vuls-0.4.2.2                   Agentless vulnerability scanner
root@local:/usr/local/www/webapp/application # pkg inst vuls
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
pkg: py34-gobject3 has a missing dependency: py34-cairo
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        vuls: 0.4.2.2
        go-cve-dictionary: 0.1.1.1

Number of packages to be installed: 2

The process will require 28 MiB more space.
8 MiB to be downloaded.

Proceed with this action? [y/N]: y
[1/2] Fetching vuls-0.4.2.2.txz: 100%    4 MiB 925.3kB/s    00:05
[2/2] Fetching go-cve-dictionary-0.1.1.1.txz: 100%    3 MiB 837.8kB/s    00:04
Checking integrity... done (0 conflicting)
[1/2] Installing go-cve-dictionary-0.1.1.1...
===> Creating groups.
Creating group 'vuls' with gid '888'.
===> Creating users
Creating user 'vuls' with uid '888'.
[1/2] Extracting go-cve-dictionary-0.1.1.1: 100%
[2/2] Installing vuls-0.4.2.2...
[2/2] Extracting vuls-0.4.2.2: 100%
Message from go-cve-dictionary-0.1.1.1:

===============================================================================
Congratulations, you have installed go-cve-dictionary!

go-cve-dictionary does not ship any CVE database.
To download CVEs from 2002 until present run:

for i in `seq 2002 $(date +"%Y")`; 
    do go-cve-dictionary fetchnvd -years $i; 
    done

After download, set the permissions of the CVE databases:

chown vuls:vuls /var/db/vuls/* /var/log/vuls/*

To enable go-cve-dictionary and start:

sysrc go_cve_dictionary_enable="YES"
service go-cve-dictionary start
===============================================================================
Message from vuls-0.4.2.2:

===============================================================================

Vuls requires the cve.sqlite3 database provided by go-cve-dictionary

===============================================================================
root@local:/usr/local/www/webapp/application #

As indicated in the output, configure go-cve-dictionary:

bash

for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i;  done

Create the file config.toml in $HOME with the following content:

[servers]

[servers.localhost]
host = "localhost"
port = "local"

Set the permissions:

chown vuls:vuls /var/db/vuls/* /var/log/vuls/*

Start at system boot:

sysrc go_cve_dictionary_enable="YES"
service go-cve-dictionary start

To use it:

vuls scan
vuls report
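
As an added example (not part of the original page or of the Vuls project), the shell function below checks the results of the steps above before vuls scan is run: the CVE database exists and is owned by the service user, and config.toml is present, declares [servers.localhost] and is not world-writable. The database path /var/db/vuls/cve.sqlite3 and the function name vuls_preflight are assumptions.

```shell
#!/bin/sh
# Added example: pre-flight check to run before "vuls scan".
# Assumptions (not stated on the page): the CVE database file is
# /var/db/vuls/cve.sqlite3 and config.toml is the file created in $HOME.

# vuls_preflight DB_DIR CONFIG OWNER
# Prints one line per problem; the return code is the number of problems.
vuls_preflight() {
    db_dir=$1 config=$2 owner=$3
    problems=0
    db="$db_dir/cve.sqlite3"

    # The database must exist and be non-empty (populated by fetchnvd).
    if [ ! -s "$db" ]; then
        echo "missing or empty: $db"
        problems=$((problems + 1))
    # Every file in the directory must belong to OWNER (the chown step).
    # A failing find (for example an unknown user) also counts as a problem.
    elif ! bad=$(find "$db_dir" -type f ! -user "$owner" -print 2>/dev/null) \
         || [ -n "$bad" ]; then
        echo "not owned by $owner (or unknown user): files under $db_dir"
        problems=$((problems + 1))
    fi

    # config.toml must exist and declare the [servers.localhost] table.
    if [ ! -f "$config" ]; then
        echo "missing: $config"
        problems=$((problems + 1))
    else
        if ! grep -q '^\[servers\.localhost]' "$config"; then
            echo "no [servers.localhost] table in $config"
            problems=$((problems + 1))
        fi
        # The scan configuration should not be writable by other users.
        if [ -n "$(find "$config" -prune -perm -002 -print)" ]; then
            echo "world-writable: $config"
            problems=$((problems + 1))
        fi
    fi
    return "$problems"
}

# Stand-alone use with the page's paths:
#   vuls_preflight /var/db/vuls "$HOME/config.toml" vuls && vuls scan
```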

Additional databases:

  • oval.sqlite3 : https://github.com/kotakanbe/goval-dictionary#usage
  • gost.sqlite3 (Debian, RHEL CentOS) : https://github.com/knqyf263/gost#fetch-redhat
  • go-exploitdb.sqlite3 : https://github.com/mozqnet/go-exploitdb

 


This document was published on 2019-02-21 09:15:07. (Last updated: 2019-04-24 13:16:05.)
