Scanning vulnerabilities on Ubuntu 16.04

Created:

Introduction

Vuls is an opensource vulnerability scanner made with go language. The most import feature of vuls is that is has an agentless architecture, this means that the scanner uses ssh to scan other hosts. It also has email and slack notification.

Requirements

Installing GO on Ubuntu 16.04

Installation

Next we need to create some log directories. change user_for_scanner with an user of your system.

sudo mkdir /var/log/vuls
sudo chown user_for_scanner /var/log/vuls
sudo chmod 700 /var/log/vuls

Now we are going to install a vulnerabilities database.

mkdir -p $GOPATH/src/github.com/kotakanbe
cd $GOPATH/src/github.com/kotakanbe
git clone https://github.com/kotakanbe/go-cve-dictionary.git
cd go-cve-dictionary
make install

To download the database execute:

for i in {2002..2016}; do go-cve-dictionary fetchnvd -years $i; done

We are ready to install vuls

mkdir -p $GOPATH/src/github.com/future-architect
cd $GOPATH/src/github.com/future-architect
git clone https://github.com/future-architect/vuls.git
cd vuls
make install

Using vulns

Now that everthing was installed we are going to show you how to use vulns. First we are going to create a config file in the $HOME called "config.toml":

cd $HOME
touch config.toml

Then add the following content:

[servers]

[servers.localhost]
host         = "localhost"
port        = "local"

the execute vulns with :

vuls scan

If something fails try to execute vuls configtest to check that the config file is correct.

You can create reports with:

vuls report -format-one-line-text -cvedb-path=$PWD/cve.sqlite3

Appendix

Solving Error: cannot find package "github.com/mattn/go-sqlite3" in any of:

if for some reason you get this error:

main.go:9:2: cannot find package "github.com/google/subcommands" in any of:
        /usr/local/go/src/github.com/google/subcommands (from $GOROOT)
        /home/leonardo/go/src/github.com/google/subcommands (from $GOPATH)
main.go:10:2: cannot find package "github.com/kotakanbe/go-cve-dictionary/commands" in any of:
        /usr/local/go/src/github.com/kotakanbe/go-cve-dictionary/commands (from $GOROOT)
        /home/leonardo/go/src/github.com/kotakanbe/go-cve-dictionary/commands (from $GOPATH)
main.go:12:2: cannot find package "github.com/mattn/go-sqlite3" in any of:
        /usr/local/go/src/github.com/mattn/go-sqlite3 (from $GOROOT)
        /home/leonardo/go/src/github.com/mattn/go-sqlite3 (from $GOPATH)

try this to solve the problem

go get github.com/google/subcommands
go get github.com/kotakanbe/go-cve-dictionary
go get github.com/mattn/go-sqlite3
make install