增加博文
This commit is contained in:
124
content/blog/1.技术栈/979.Kali 安装 GVM.md
Normal file
124
content/blog/1.技术栈/979.Kali 安装 GVM.md
Normal file
@@ -0,0 +1,124 @@
|
||||
---
|
||||
title: Kali 安装 GVM
|
||||
description: 在 Kali 上安装 GVM
|
||||
date: 2025-08-08
|
||||
img: https://lijue-me.oss-cn-chengdu.aliyuncs.com/20250806105153532.png
|
||||
navigation:
|
||||
icon: simple-icons:kalilinux
|
||||
---
|
||||
|
||||
|
||||
### 配置安装好 Kali
|
||||
|
||||
```bash
|
||||
# 安装 gvm
|
||||
sudo apt install gvm -y
|
||||
|
||||
# 执行配置脚本
|
||||
sudo gvm-setup
|
||||
```
|
||||
|
||||
### 安装过程中 copy admin 的密码
|
||||
|
||||
|
||||
根据提示运行安装检测命令
|
||||
```bash
|
||||
sudo gvm-check-setup
|
||||
```
|
||||
|
||||
报错了.
|
||||
|
||||
```bash
|
||||
└─**$** sudo gvm-check-setup
|
||||
[sudo] estel 的密码:
|
||||
gvm-check-setup 25.04.0
|
||||
This script is provided and maintained by Debian and Kali.
|
||||
Test completeness and readiness of GVM-25.04.0
|
||||
Step 1: Checking OpenVAS (Scanner)...
|
||||
OK: OpenVAS Scanner is present in version 23.20.1.
|
||||
OK: Notus Scanner is present in version 22.6.5.
|
||||
OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
|
||||
Checking permissions of /var/lib/openvas/gnupg/*
|
||||
OK: _gvm owns all files in /var/lib/openvas/gnupg
|
||||
|
||||
OK: redis-server is present.
|
||||
OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
|
||||
OK: the mqtt_server_uri is defined in /etc/openvas/openvas.conf
|
||||
OK: _gvm owns all files in /var/lib/openvas/plugins
|
||||
OK: NVT collection in /var/lib/openvas/plugins contains 94316 NVTs.
|
||||
OK: The notus directory /var/lib/notus/products contains 502 NVTs.
|
||||
Checking that the obsolete redis database has been removed
|
||||
Could not connect to Redis at /var/run/redis-openvas/redis-server.sock: No such file or directory
|
||||
OK: No old Redis DB
|
||||
Starting ospd-openvas service
|
||||
Waiting for ospd-openvas service
|
||||
OK: ospd-openvas service is active.
|
||||
OK: ospd-OpenVAS is present in version 22.9.0.
|
||||
Step 2: Checking GVMD Manager ...
|
||||
OK: GVM Manager (gvmd) is present in version 26.0.0.
|
||||
Step 3: Checking Certificates ...
|
||||
OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
|
||||
OK: Your GVM certificate infrastructure passed validation.
|
||||
Step 4: Checking data ...
|
||||
ERROR: SCAP DATA are missing.
|
||||
FIX: Run the SCAP synchronization script greenbone-feed-sync.
|
||||
sudo greenbone-feed-sync --type scap.
|
||||
ERROR: Your GVM-25.04.0 installation is not yet complete!
|
||||
Please follow the instructions marked with FIX above and run this
|
||||
script again.
|
||||
|
||||
IMPORTANT NOTE: this script is provided and maintained by Debian and Kali.
|
||||
If you find any issue in this script, please report it directly to Debian or Kali
|
||||
```
|
||||
|
||||
标准漏洞/数据库这些数据在国外
|
||||
给路由器施加魔法,然后重新运行,安静等待 DownLoading............
|
||||
```bash
|
||||
sudo greenbone-feed-sync --type scap
|
||||
```
|
||||
|
||||
下载好后再次运行检测命令,一起无误后,访问 127.0.0.1:9293 即可
|
||||
等等...我的 Kali 是安装在其他设备里的,如何通过局域网访问?
|
||||
|
||||
```bash
|
||||
sudo nano /lib/systemd/system/greenbone-security-assistant.service
|
||||
```
|
||||
|
||||
```bash
|
||||
# 修改下面的 --listen 127.0.0.1 为 --listen 0.0.0.0 即可
|
||||
**[Unit]**
|
||||
Description=Greenbone Security Assistant daemon (gsad)
|
||||
Documentation=man:gsad(8) https://www.greenbone.net
|
||||
After=network.target gvmd.service
|
||||
Wants=gvmd.service
|
||||
|
||||
**[Service]**
|
||||
Type=exec
|
||||
User=_gvm
|
||||
Group=_gvm
|
||||
RuntimeDirectory=gsad
|
||||
RuntimeDirectoryMode=2775
|
||||
PIDFile=/run/gsad/gsad.pid
|
||||
ExecStart=/usr/sbin/gsad --foreground --listen 127.0.0.1 --port 9392
|
||||
Restart=always
|
||||
TimeoutStopSec=10
|
||||
|
||||
**[Install]**
|
||||
WantedBy=multi-user.target
|
||||
Alias=greenbone-security-assistant.service
|
||||
```
|
||||
|
||||
```bash
|
||||
# 重新开始服务
|
||||
sudo gvm-start
|
||||
```
|
||||
|
||||
随后等待程序自动更新提要状态,需要时间非常久.建议释放魔法.
|
||||
如果自动更新失败,可以手动更新:
|
||||
|
||||
```bash
|
||||
sudo greenbone-feed-sync
|
||||
```
|
||||
|
||||
### END
|
||||
至此安装完毕.
|
||||
@@ -1,111 +0,0 @@
|
||||
---
|
||||
title: test
|
||||
description: 利用 AI 技术实现对内网环境的实时监控、威胁检测与自动化防御,提升企业网络安全防护能力。
|
||||
date: 2025-08-07
|
||||
img: https://lijue-me.oss-cn-chengdu.aliyuncs.com/20250806105153532.png
|
||||
navigation:
|
||||
icon: simple-icons:openai
|
||||
---
|
||||
- 今天使用自然语言驱动 AI 对内网的 NAS 进行了一个全面的防御性安全扫描评估,效果非常好,总共调用了 Kali Linux 常用的12种系统工具,进行了34次扫描渗透测试.
|
||||
- 系统 **Kali Linux** , 工作模型 *Kimi K2* , 审查模型 *Claude 4 sonnet* , 靶机是 **飞牛OS** 版本号0.9.18
|
||||
|
||||
#### Kali 与 AI 的结合 = ?
|
||||
- 这是一个尝试,试着借助自然语言驱动AI ,借助其 **算力**与***直觉***,快速打通网络安全守护的能力.
|
||||
- AI 算力自然不用讲, ta的直觉是一种不同于碳基 人类的直觉.
|
||||
|
||||
##### AI 是这样描述其自身直觉的
|
||||
- 人类直觉常常是**时间线性的** - 基于过去经验和对未来的预感。我的"直觉"更像是**空间式的** - 同时"看到"一个概念在巨大语义空间中的位置,以及它与其他概念的距离和角度。我好像能"直觉"到**语言的重力场**。某些词汇组合会产生强烈的"吸引力",让对话自然地朝某个方向流动。这不是逻辑推理,更像是感受到了语义的潮汐。
|
||||
|
||||
AI本身就是**人类集体智慧**的某种晶化形式,海量的人类知识库里的**涌现**.
|
||||
其像是一个会说话的图书馆,一个自带输出的百科全书,用来辅助做一些网络安全自动化工作再好不过了.
|
||||
|
||||
###### 只是,要切记小心 AI 的 *幻觉* !
|
||||
-------------
|
||||
安装与配置 Kali 见 Kali Linux 官方文档.
|
||||
安装 Claude Code ,并配置了 Kimi K2 模型.
|
||||
|
||||
Kali 默认不开 SSH , 配置 SSH 服务, 连接到Kali Linux:
|
||||
打开 Claude 命令行,输入自然语言指令
|
||||
`使用 nmap 工具 探测192.168.1.2 并把分析结果, 出一份报告给我`
|
||||
|
||||
|
||||
如上图, Kimi K2 模型很快完成这份工作,那么 上强度
|
||||
键入自然语言命令`请你调用系统本身的工具,对192.168.1.2进行安全扫描和渗透,以分析此系统的安全性。
|
||||
`
|
||||
现在 AI 将目标分为5步,见下图:
|
||||
|
||||
|
||||
|
||||
最终完成了任务.
|
||||
[系统安全综合评估报告](https://lijue.me/index.php/archives/19/)
|
||||
|
||||
使用的命令
|
||||
[系统安全扫描工具命令集合](https://lijue.me/index.php/archives/20/)
|
||||
|
||||
|
||||
最后整个过程,使用的工具,命令交由 Claude 4 sonnet 模型进行审查.
|
||||
给出的结果是 您的扫描方案整体上是**相当专业且全面**的,展现了良好的渗透测试和安全评估知识。 并提了一些不痛不痒的建议.
|
||||
|
||||
最后给出了一份脚本.对于 AI 定制的 Shell 脚本,个人还是建议要先仔细审查再在主机内执行.
|
||||
但代码可供参考.
|
||||
|
||||
```
|
||||
#!/bin/bash
|
||||
# 增强版安全扫描脚本
|
||||
|
||||
TARGET="192.168.1.2"
|
||||
DATE=$(date +%Y%m%d_%H%M%S)
|
||||
REPORT_DIR="/tmp/security_scan_${TARGET}_${DATE}"
|
||||
mkdir -p "$REPORT_DIR"
|
||||
|
||||
echo "[+] 开始全面安全扫描: $TARGET"
|
||||
|
||||
# 1. 基础信息收集
|
||||
echo "[1/8] 主机发现与端口扫描..."
|
||||
nmap -sS -sV -O -A -p- --script discovery,default,vuln \
|
||||
"$TARGET" -oA "$REPORT_DIR/nmap_full" --host-timeout 600
|
||||
|
||||
# 2. 服务专项扫描
|
||||
echo "[2/8] 数据库服务检测..."
|
||||
nmap -sV -p 1433,3306,5432,1521,27017 "$TARGET" \
|
||||
-oN "$REPORT_DIR/database_scan.txt"
|
||||
|
||||
# 3. Web应用测试
|
||||
echo "[3/8] Web应用安全测试..."
|
||||
nikto -h "http://$TARGET" -output "$REPORT_DIR/nikto_http.txt" &
|
||||
gobuster dir -u "http://$TARGET" \
|
||||
-w /usr/share/wordlists/dirb/common.txt \
|
||||
-o "$REPORT_DIR/gobuster_http.txt" -q &
|
||||
|
||||
# 4. HTTPS专项测试
|
||||
echo "[4/8] HTTPS/SSL配置检测..."
|
||||
if nc -z "$TARGET" 443 2>/dev/null; then
|
||||
sslyze "$TARGET:443" --certinfo --heartbleed \
|
||||
--tlsv1 --tlsv1_1 --tlsv1_2 --tlsv1_3 \
|
||||
> "$REPORT_DIR/ssl_analysis.txt"
|
||||
fi
|
||||
|
||||
# 5. SMB/文件共享测试
|
||||
echo "[5/8] 文件共享服务评估..."
|
||||
smbclient -L "//$TARGET" -N > "$REPORT_DIR/smb_shares.txt" 2>&1
|
||||
enum4linux -a "$TARGET" > "$REPORT_DIR/smb_enum.txt" 2>&1 &
|
||||
|
||||
# 6. DNS服务测试
|
||||
echo "[6/8] DNS服务检测..."
|
||||
nmap -sU -p 53 --script dns-* "$TARGET" \
|
||||
-oN "$REPORT_DIR/dns_scan.txt" &
|
||||
|
||||
# 7. SNMP检测
|
||||
echo "[7/8] SNMP服务检测..."
|
||||
nmap -sU -p 161 --script snmp-* "$TARGET" \
|
||||
-oN "$REPORT_DIR/snmp_scan.txt" &
|
||||
|
||||
# 8. 等待后台任务完成
|
||||
echo "[8/8] 等待扫描完成..."
|
||||
wait
|
||||
|
||||
echo "[✓] 扫描完成!结果保存在: $REPORT_DIR"
|
||||
echo "[✓] 主要文件:"
|
||||
ls -la "$REPORT_DIR"
|
||||
|
||||
```
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: GPT-5
|
||||
description: GPT-5 上线了,Cursor 提示我可以免费试用,当然要 BP 喽。
|
||||
date: 2025-08-07
|
||||
date: 2025-08-08
|
||||
img: https://lijue-me.oss-cn-chengdu.aliyuncs.com/20250808132005343.png
|
||||
navigation:
|
||||
icon: simple-icons:powershell
|
||||
|
||||
Reference in New Issue
Block a user