Skip to content

How to install Arachni, Nikto, and Wapiti for OpenVAS on Ubuntu 14.04 LTS

If you don’t already have OpenVAS installed, click here if you need help installing OpenVAS 8 on Ubuntu 14.04, or click here if you need help installing OpenVAS 7 on CentOS 7. If you have installed OpenVAS 8 (or an older version), you might have noticed some of these peculiar errors in your scan reports.

Vulnerability Detection Result
Arachni could not be found in your system path.
OpenVAS was unable to execute Arachni and to perform the scan you
requested.
Please make sure that Arachni is installed and that arachni is
available in the PATH variable defined for your environment.

Screen Shot 2015-06-05 at 8.41.47 PM

Vulnerability Detection Result
Nikto could not be found in your system path.
OpenVAS was unable to execute Nikto and to perform the scan you
requested.
Please make sure that Nikto is installed and that nikto.pl or nikto is
available in the PATH variable defined for your environment.



Screen Shot 2015-06-05 at 8.42.09 PM

Vulnerability Detection Result
Arachni could not be found in your system path.
OpenVAS was unable to execute Arachni and to perform the scan you
requested.
Please make sure that Arachni is installed and that arachni is
available in the PATH variable defined for your environment.

I was very frustrated when I tried to work through these issues. There is very little actual documentation to help, and the few resources that are available are obscure forum posts and mailing list replies. So, I thought I would compile some clear cut instructions to help the rest of the world fix these issues on other OpenVAS 7 and OpenVAS 8 installations.

Wapiti

This is easiest on Ubuntu, there is a package available.

#  sudo apt-get install wapiti

Nikto

First, download the latest version of Nikto from the Nikto git.

https://github.com/sullo/nikto/archive/master.zip

I suggest, for now, downloading it to /tmp. After it’s downloaded, extract it and create a symbolic link for nikto.pl to /usr/local/bin.

#  cd /tmp
#  wget https://github.com/sullo/nikto/archive/master.zip
#  tar -xvzf master.zip
#  ln -s /tmp/nikto-master/program/nikto.pl /usr/local/bin/nikto.pl

Thats all you need to do for Nikto. No more errors.

Arachni

There are a handful of different methods out there for Arachni installation. I prefer the method listed on their website. First, download the latest version for Linux from their website.

http://www.arachni-scanner.com/download/

You will need a few dependencies before installation.

#  sudo apt-get install build-essential curl libcurl3 libcurl4-openssl-dev ruby ruby-dev

Now, install the Arachni gem. You may or may not need to use sudo. If you get a permissions error, use sudo.

#  gem install arachni

Next we’ll install the source. If you get permissions errors, use sudo.

#  git clone git://github.com/Arachni/arachni.git
#  cd arachni
#  gem install bundler
#  bundle install --without prof
#  rake install     

There you go. That’s how you get Arachni, Nikto and Wapiti working with OpenVAS on Ubuntu 14.04. If you run into any problems, feel free to ask for help in the comments below. Thanks!