Vuls

Tips

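go get fails

Update git to the latest version. Older versions of git cannot fetch the repository.

Is an HTTP proxy supported?

In a proxy environment, specify the --http-proxy option.

How do I daemonize go-cve-dictionary?

Try systemd, upstart, supervisord, daemontools, and so on.

How do I update the vulnerability data automatically?

Use a job scheduler such as cron (together with the -last2y option).

How do I automate scanning?

Use cron or a similar scheduler. For automation, sudo and the private key must both work without a password prompt:

  • Set NOPASSWD in /etc/sudoers on the scan target server
  • Use public key authentication with a private key that has no passphrase, or use ssh-agent

How do I scan without SSH host key verification?

Write StrictHostKeyChecking no in the configuration file used for the SSH connection. Then set sshConfigPath in config.toml to the path of the configuration file that ssh uses. See the setting server section, #1005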
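
A check for the dedicated SSH configuration file described above, as an added example that is not part of the Vuls documentation: it lists the Host patterns for which StrictHostKeyChecking is disabled and fails when a wildcard pattern is among them, so the relaxed setting stays limited to the scan targets. The function names and host names are hypothetical.

```sh
#!/bin/sh
# Added example, not from the Vuls docs. Host names below are hypothetical.

# unchecked_hosts FILE
# Print every Host pattern whose block sets StrictHostKeyChecking to no/off.
# Options that appear before the first Host line apply to all hosts and are
# reported as "*". Match blocks and Include directives are not interpreted.
unchecked_hosts() {
  awk '
    BEGIN { hosts = "*" }
    { sub(/^[ \t]+/, "") }                 # drop indentation
    /^#/ || NF == 0 { next }               # skip comments and blank lines
    {
      line = $0
      gsub(/=/, " ", line)                 # accept the Keyword=value form
      n = split(line, f, /[ \t]+/)
      key = tolower(f[1])                  # keywords are case-insensitive
    }
    key == "host" {
      hosts = ""
      for (i = 2; i <= n; i++) hosts = hosts (i > 2 ? " " : "") f[i]
      next
    }
    key == "stricthostkeychecking" && tolower(f[2]) ~ /^(no|off)$/ {
      m = split(hosts, h, " ")
      for (i = 1; i <= m; i++) print h[i]
    }
  ' "$1"
}

# scoped_to_named_hosts FILE
# Succeed only if no wildcard pattern (* or ?) has host key checking disabled.
scoped_to_named_hosts() {
  ! unchecked_hosts "$1" | grep -q '[*?]'
}

# Constructed sample of a dedicated config file referenced by sshConfigPath.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Host scan-target-1 scan-target-2
  StrictHostKeyChecking no

Host *
  StrictHostKeyChecking yes
EOF
unchecked_hosts "$sample"
scoped_to_named_hosts "$sample" && echo "relaxed checking is limited to named hosts"
```

Run scoped_to_named_hosts against the file that sshConfigPath points to before enabling a scheduled scan; a non-zero exit status means a wildcard or global entry disables host key checking.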

How to scan with SSH key with passphrase

Vuls calls ssh many times, so you will be asked to type the passphrase again and again during a scan. If you need to scan a server using an SSH key that has a passphrase, we recommend using ssh-agent. Specifically, add the key to ssh-agent beforehand, as shown below.

$ ssh-add ~/.ssh/id_rsa
Enter passphrase for ~/.ssh/id_rsa:
Identity added: ~/.ssh/id_rsa (~/.ssh/id_rsa)
$ vuls scan ubuntu
... snip ...

One Line Summary
================
ubuntu  ubuntu16.04     30 updatable packages

If you run Vuls in a Docker container, use the following instead.

Scan in Docker container

If you need to scan a server using an SSH key that has a passphrase, use option 1 or option 2 below.

1. Use ssh-agent in the container

$ pwd
/home/vuls/vulsctl/docker
$ docker run -it \
  -v $HOME/.ssh:/root/.ssh:ro \
  -v $PWD:/vuls \
  --entrypoint="/bin/ash" \
  vuls/vuls
/vuls # eval `ssh-agent`
/vuls # ssh-add /root/.ssh/id_rsa
Enter passphrase for /root/.ssh/id_rsa:
Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)
/vuls # vuls scan -log-dir=/vuls/log -config=/vuls/config.toml

Or you can do it with a one-liner like this.

$ docker run -it \
  -v $HOME/.ssh:/root/.ssh:ro \
  -v $PWD:/vuls \
  --entrypoint="/bin/ash" \
  vuls/vuls \
  -c "eval \`ssh-agent\` && ssh-add /root/.ssh/id_rsa && vuls scan -log-dir=/vuls/log -config=/vuls/config.toml"

2. Use ssh-agent in host machine and share it with the container

$ pwd
/home/vuls/vulsctl/docker
$ ssh-add ~/.ssh/id_rsa
Enter passphrase for /Users/***/.ssh/id_rsa:
Identity added: /Users/***/.ssh/id_rsa (/Users/***/.ssh/id_rsa)
$ docker run -it \
  -v $HOME/.ssh:/root/.ssh:ro \
  -v $PWD:/vuls \
  -v $SSH_AUTH_SOCK:$SSH_AUTH_SOCK \
  -e SSH_AUTH_SOCK=$SSH_AUTH_SOCK \
  vuls/vuls scan \
  -log-dir=/vuls/log \
  -config=/vuls/config.toml

If you use Docker for Mac, use the following instead.

$ ssh-add ~/.ssh/id_rsa
Enter passphrase for /Users/***/.ssh/id_rsa:
Identity added: /Users/***/.ssh/id_rsa (/Users/***/.ssh/id_rsa)
$ docker run -it \
  -v $HOME/.ssh:/root/.ssh:ro \
  -v $PWD:/vuls \
  -v /run/host-services/ssh-auth.sock:/run/host-services/ssh-auth.sock \
  -e SSH_AUTH_SOCK=/run/host-services/ssh-auth.sock \
  vuls/vuls scan \
  -log-dir=/vuls/log \
  -config=/vuls/config.toml

How to cross compile

$ cd /path/to/your/local-git-repository/vuls
$ GOOS=linux GOARCH=amd64 go build -o vuls.amd64 ./cmd/vuls

Logging

Logs are written under /var/log/vuls/

Debug

Run with the --debug and --sql-debug options.

Adjusting Open File Limit

The Riak docs are awesome.

Does Vuls accept SSH connections with fish-shell or old zsh as the login shell?

Yes, fixed in #545. Before that fix, Vuls needed a user on the server with bash as the login shell.

Windows

Use Microsoft Baseline Security Analyzer (MBSA).

Copyright © 2022 kotakanbe