I have openvas installed on my Raspberry Pi 4 using apt get and I’m not sure how to do an authenticated scan on my Windows 10 PC to check for installed software vulnerabilities. I created a local account on the Windows machine, added those credentials to openvas and specified to use those credentials in the task with the PC’s IP but I’m not seeing any software vulnerabilities. I only see this result below. What do I need to do to show outdated versions with vulnerabilities of chrome browser, adobe, etc ?
0.0 (Log)
80% 10.10.10.41 general/tcp Add NoteAdd Override
Summary
This script consolidates various technical information about authenticated scans via SMB for Windows targets.
Vulnerability Detection Result
Description (Knowledge base entry) Value/Content
Access to the registry possible (SMB/registry_access) : FALSE
Access via WMI possible (WMI/access_successful) : FALSE
Architecture of the OS (SMB/Windows/Arch) : Empty/None
Build number of the OS (SMB/WindowsBuild) : Empty/None
Disable file search via WMI on Windows (win/lsc/disable_wmi_search) : FALSE
Disable the usage of win_cmd_exec for remote commands on Windows (win/lsc/disable_win_cmd_exec) : FALSE
Domain used for authenciated scans (kb_smb_domain()) : Empty/None
Enable Detection of Portable Apps on Windows (win/lsc/search_portable_apps) : FALSE
Enable NTLMSSP (SMB/NTLMSSP) : TRUE
Extended SMB support available via openvas-smb module (Tools/Present/smb) : FALSE
Extended WMI support available via openvas-smb module (Tools/Present/wmi) : FALSE
Login via SMB failed (login/SMB/failed) : FALSE
Login via SMB successful (login/SMB/success) : TRUE
Missing access permissions to the registry (SMB/registry_access_missing_permissions) : FALSE
Name of the most recent service pack installed (SMB/CSDVersion) : Empty/None
Never send SMB credentials in clear text (SMB/dont_send_in_cleartext) : TRUE
Only use NTLMv2 (SMB/dont_send_ntlmv1) : FALSE
Path to the OS SystemRoot (smb_get_systemroot()) : Empty/None
Path to the OS SystemRoot for 32bit (smb_get_system32root()) : Empty/None
Port configured for authenciated scans (kb_smb_transport()) : 445/tcp
Port used for the successful login via SMB : 445/tcp
Product name of the OS (SMB/WindowsName) : Empty/None
SMB name used for authenciated scans (kb_smb_name()) : 10.10.10.41
User used for authenciated scans (kb_smb_login()) : openvas
Version number of the OS (SMB/WindowsVersion) : Empty/None
Workgroup of the SMB server (SMB/workgroup) : HOMENET
It was not possible to connect to the PIPE\winreg on the remote host. If you intend to use the Scanner to perform registry-based checks, the registry checks will not work because the ‘Remote Registry’ service is not running or has been disabled on the remote host.
Please either:
- configure the ‘Startup Type’ of the ‘Remote Registry’ service on the target host to ‘Automatic’.
- configure the NVT ‘Windows Services Start’ (OID: 1.3.6.1.4.1.25623.1.0.804786) to start this service automatically.