When click on cancel at the log in dialog then this exception will thrown:

Traceback (most recent call last):
  File "/bin/gvm-dialog", line 11, in <module>
    load_entry_point('gvm-tools==1.4.1', 'console_scripts', 'gvm-dialog')()
  File "/usr/lib/python3.6/site-packages/gmp/clients/gvm_dialog.py", line 146, in main
    gmp.authenticate(credentials[0], credentials[1])
IndexError: list index out of range

Enter an wrong password then another exception will thrown:

Traceback (most recent call last):
  File "/bin/gvm-dialog", line 11, in <module>
    load_entry_point('gvm-tools==1.4.1', 'console_scripts', 'gvm-dialog')()
  File "/usr/lib/python3.6/site-packages/gmp/clients/gvm_dialog.py", line 146, in main
    gmp.authenticate(credentials[0], credentials[1])
  File "/usr/lib/python3.6/site-packages/gmp/gvm_connection.py", line 220, in authenticate
    return self.read()
  File "/usr/lib/python3.6/site-packages/gmp/gvm_connection.py", line 113, in read
    self.checkCommandStatus(response)
  File "/usr/lib/python3.6/site-packages/gmp/gvm_connection.py", line 166, in checkCommandStatus
    raise GMPError(status_text)
gmp.gvm_connection.GMPError: Authentication failed

Expected:
That the exceptions will be catched.

The functions

def create_task(self, name, config_id, target_id, scanner_id, comment='')

gvm_tools/gmp/gvm_connection.py

and

def createTaskCommand(self, name, config_id, target_id, scanner_id, comment='')

gvm_tools/gmp/gmp.py

do not allow the usage of an alert_id or alerts in general.

Also I can not recognize regarding its code how to invoke the function
def createAlertCommand(self, name, condition, event, method, filter_id='', copy='', comment='')

gvm_tools/gmp/gmp.py

respectively

def create_alert(self, name, condition, event, method, filter_id='', copy='', comment='')

gvm_tools/gmp/gvm_connection.py

Very often I see python exception using the gvm-cli tool.
Every uncatched exception will trigger an new abrt event.
For example:

sudo -u gvmd gvm-cli socket --socketpath /var/run/greenbone/ospd-openvas.sock --xml ""
Traceback (most recent call last):
File "/bin/gvm-cli", line 11, in
load_entry_point('gvm-tools==2.0.0', 'console_scripts', 'gvm-cli')()
File "/usr/lib/python3.6/site-packages/gvmtools/cli.py", line 127, in main
with protocol_class(connection, transform=transform) as protocol:
File "/usr/lib/python3.6/site-packages/gvm/protocols/gmp.py", line 78, in enter
self.connect()
File "/usr/lib/python3.6/site-packages/gvm/protocols/base.py", line 107, in connect
self._connection.connect()
File "/usr/lib/python3.6/site-packages/gvm/connections.py", line 349, in connect
self._socket.connect(self.path)
PermissionError: [Errno 13] Permission denied

The will flood the system abrt log/stack.
It will be much better, when the exception of the gvm python library are catched and printed out as an error message.

Expected behavior

No Errors and Traceback when running the software.

Current behavior

[davidak@ethmoid:~/code/gvm-tools/scripts]$ gvm-script --gmp-username ***** --gmp-password ***** ssh --hostname 192.168.10.157 random-report-gen.gmp
Traceback (most recent call last):
  File "/nix/store/jqi0n74yp1kp3x0p8rxah06x41lb0m9z-gvm-tools-2.0.0/bin/.gvm-script-wrapped", line 11, in <module>
    sys.exit(main())
  File "/nix/store/jqi0n74yp1kp3x0p8rxah06x41lb0m9z-gvm-tools-2.0.0/lib/python3.5/site-packages/gvmtools/script.py", line 119, in main
    run_script(args.scriptname, global_vars)
  File "/nix/store/jqi0n74yp1kp3x0p8rxah06x41lb0m9z-gvm-tools-2.0.0/lib/python3.5/site-packages/gvmtools/helper.py", line 145, in run_script
    exec(file, global_vars)  # pylint: disable=exec-used
  File "<string>", line 451, in <module>
  File "<string>", line 431, in main
TypeError: invalid file: PosixPath('/home/davidak/code/gvm-tools/scripts/default_report_data.json')

It works with python 3.6.

[davidak@ethmoid:~/code/gvm-tools/scripts]$ gvm-script --gmp-username ***** --gmp-password ***** ssh --hostname 192.168.10.157 random-report-gen.gmp

  Generating randomized data(s)...


  Generation done.

Reason: https://stackoverflow.com/a/42694113

Steps to reproduce

1. run command
2. get error

GVM versions

gvm-tools: gvm-cli 2.0.0 (API version 1.0.0)

Environment

Operating system: NixOS 19.09.976.c75de8bc12c (Loris)

Installation method / source: personal package https://github.com/davidak/nixos-config/blob/87228f497b8facbb72a38861e64990e90158b85c/packages/gvm-tools/default.nix

Python 3.5

Works with Python 3.6: davidak/nixos-config@b8104ea

Expected behavior

Script runs without errors.

Current behavior

Script exits with error: "This tool MUST NOT be run as root user."

Why?

In general it might not be a good idea to run random scripts from the internet (as root). But in this case i'm inside a (docker) container, so it can't cause any damage. I see no good reason why this error appears!

Steps to reproduce

1. run script as root
2. see error

GVM versions

gvm-tools: (gvm-cli --version) i even don't get the version as root :(

Environment

Operating system: debian 9 inside docker

Installation method / source: pip

Logfiles

root@e278f02965f2:~/code# /root/.local/bin/gvm-script random-report-gen.gmp 
Traceback (most recent call last):
  File "/root/.local/bin/gvm-script", line 10, in <module>
    sys.exit(main())
  File "/root/.local/lib/python3.5/site-packages/gvmtools/script.py", line 51, in main
    do_not_run_as_root()
  File "/root/.local/lib/python3.5/site-packages/gvmtools/helper.py", line 91, in do_not_run_as_root
    raise RuntimeError('This tool MUST NOT be run as root user.')
RuntimeError: This tool MUST NOT be run as root user.

Expected behavior

Setup using pip works. Install on unsupported python versions should print error.

Current behavior

Setup using pip fails.

Steps to reproduce

Python 2.7

[davidak@ethmoid:~/code/gvm-tools]$ docker run -ti --rm -v $PWD:/root/code python:2.7 bash
root@0b889fd71820:/# cd /root/code/
root@0b889fd71820:~/code# pip install .
Processing /root/code
    Complete output from command python setup.py egg_info:
    Traceback (most recent call last):
      File "<string>", line 1, in <module>
      File "/tmp/pip-req-build-7ld4Vi/setup.py", line 27, in <module>
        version = __import__('gvmtools').get_version()
      File "gvmtools/__init__.py", line 22, in <module>
        from gvm.utils import get_version_string
    ImportError: No module named gvm.utils
    
    ----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-req-build-7ld4Vi/

Python 3.4

[davidak@ethmoid:~/code/gvm-tools]$ docker run -ti --rm -v $PWD:/root/code python:3.4 bash
root@cdd0bcd63f62:/# cd /root/code/
root@cdd0bcd63f62:~/code# pip install .
Processing /root/code
    Complete output from command python setup.py egg_info:
    Traceback (most recent call last):
      File "<string>", line 1, in <module>
      File "/tmp/pip-req-build-nf8a9fgh/setup.py", line 27, in <module>
        version = __import__('gvmtools').get_version()
      File "/tmp/pip-req-build-nf8a9fgh/gvmtools/__init__.py", line 22, in <module>
        from gvm.utils import get_version_string
    ImportError: No module named 'gvm'
    
    ----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-req-build-nf8a9fgh/

Same on Python 3.5.

GVM versions

gvm-tools: master (0ccb585)

Environment

Operating system: python docker image

Installation method / source: pip using source

In https://github.com/greenbone/gvm-tools/blob/master/gmp/gvm_connection.py#L953

        # Todo: Why does the sleep helps here? Sometimes it will break
        # here because the message is missing some bytes at the end.
        # Same script and with tls or ssh, then it works flawless without
        # "sleep()"

time.sleep(0.000001)

it is already indicated that reading from the unix socket doesn't work reliable. Having to use some sleep timer is always an indicator for flaky behavior.

The Problem with the code here is reading from the socket is aborted if the size of the read data is smaller as the buffer size

if len(data) < BUF_SIZE:
  break

IMHO this code will break if gvm-tools will read the data faster then gvmd will send it to the socket. It will even become more unreliable if the os/interpreter/framework is using some internal buffering. This already happened to me with a nodejs based implementation.

The solution would be to read the first chunk of data from the socket and extract the opening root xml element e.g. <get_tasks_response>. Afterwards the client code must read from the socket until the closing root element arrived e.g. </get_tasks_response>. Also don't forget to add a timer for reading to abort if the server didn't send an answer in time.

From greenbone/gvmd#73

Hi,

Not sure if this should be reported here, but when querying nvt data over socket with tools gvm-cli and gvm-pyshell, I get errors which I suspect are caused by bad xml in nvt data.
Am I right, or is there something missing in my environment?

NB this only happens when querying some nvts from some of the IT-Grundschutz-* families.

$ gvm-cli socket -c --xml "<get_nvts nvt_oid=\"1.3.6.1.4.1.25623.1.0.94018\" details=\"1\" />"
'utf-8' codec can't decode byte 0xc3 in position 1023: unexpected end of data

And inside the gvm-pyshell, I get:

$ gvm-pyshell socket -c -i
badnvt = gmp.get_nvts(nvt_oid="1.3.6.1.4.1.25623.1.0.94018", details="1")
Traceback (most recent call last):
  File "<console>", line 1, in <module>
  File "/usr/local/lib/python3.5/dist-packages/gmp/gvm_connection.py", line 525, in get_nvts
    return self.read()
  File "/usr/local/lib/python3.5/dist-packages/gmp/gvm_connection.py", line 99, in read
    self.checkCommandStatus(response)
  File "/usr/local/lib/python3.5/dist-packages/gmp/gvm_connection.py", line 136, in checkCommandStatus
    status = root.attrib['status']
AttributeError: 'NoneType' object has no attribute 'attrib'

/usr/local/var/log/gvm/gvmd.log:
md main:WARNING:2018-04-15 13h24.00 UTC:10287: read_from_client_unix: failed to read from client: Connection reset by peer

$ gvm-cli --version
gvm-cli 1.3.1

$ gvm-pyshell --version
gvm-pyshell 1.3.1

$ gvmd --version
Greenbone Vulnerability Manager 7.1+beta1
Manager DB revision 190

$ openvassd --version
OpenVAS Scanner 5.2+beta1

$ python3 --version
Python 3.5.2

Expected behavior

scripts/update-task-target.gmp updates target of task given UUID of task and CSV of hosts
NOTE: this is a follow-up to issue 187 fixed in 188

Current behavior

scripts/update-task-target.gmp
errors out with TypeError: create_target() got an unexpected keyword argument 'port_list'

user@host:$ gvm-pyshell tls --hostname 127.0.0.1 --port 9390 --gmp-username foo--gmp-password bar ./update-task-target.gmp ./host_file.csv "1ea79218-95ad-4a90-b933-e1c1a72a0cf9"
Traceback (most recent call last):
File "/usr/local/bin/gvm-pyshell", line 10, in
sys.exit(main())
File "/usr/local/lib/python3.7/dist-packages/gvmtools/pyshell.py", line 325, in main
load(script_name, global_vars)
File "/usr/local/lib/python3.7/dist-packages/gvmtools/pyshell.py", line 352, in load
exec(file, global_vars) # pylint: disable=exec-used
File "", line 129, in
File "", line 124, in main
File "", line 100, in create_target_hosts
File "", line 90, in copy_send_target
TypeError: create_target() got an unexpected keyword argument 'port_list'

Steps to reproduce

1. Confirmed I have a valid UUID
2. Confirmed ./host_file.csv exists
3. tried UUID with and without double quotes
4. run command as shown above in "current behaviour"

GVM versions

gsa: (gsad --version)
Greenbone Security Assistant 7.0.3

gvm: (gvmd --version)
OpenVAS Manager 7.0.3

openvas-scanner: (openvassd --version)
OpenVAS Scanner 5.1.3

gvm-libs:
9.0.3-1+b1

gvm-tools: (gvm-cli --version)
gvm-cli 2.0.0.beta1. API version 1.0.0.beta2

Environment

Operating system:
KALI 2019.1a

Installation method / source: (packages, source installation)
Kali repos
GVM via PIP3

Logfiles

Expected behavior

gvm-tools to be installed

Current behavior

Are not installed via various ways

Steps to reproduce

Install thru git clone fails, there's no setup.py in the root.

$cd /opt/gvm/src
$git clone https://github.com/greenbone/gvm-tools.git
$pip install -e /opt/gvm/src/gvm-tools
Directory '/opt/gvm/src/gvm-tools' is not installable. File 'setup.py' not found.

Install thru pip repository fails

$pip install gvm-tools
Collecting gvm-tools
  Could not find a version that satisfies the requirement gvm-tools (from versions: )
No matching distribution found for gvm-tools

https://docs.greenbone.net/GSM-Manual/gos-4/en/tools.html#check-gmp-py

hi,
I successfully installed openvas and gvm-tools.

cd /usr/local/python3.6.5/bin
run
./gvm-cli socket --gmp-username admin --gmp-password 123456 --sockpath /run/redis/redis.sock --xml "<create_target>Suspect Host10.17.2.137</create_target>"

it return , timed out

and find the User Manuals ,
http://docs.greenbone.net/GSM-Manual/gos-4/en/omp.html#activating-the-gmp-protocol
http://docs.greenbone.net/GSM-Manual/gos-4/en/systemadministration.html#gmp

but I cant find the menu

https://gvm-tools.readthedocs.io/en/latest/install.html

The documentation should be improved to explain howto write gmp scripts. It should contain several examples and best practices. It should clarify which global object are available and which information they contain.

Hello,

i need some help, here is my code:

!/usr/bin python3.6
-- coding: utf-8 --

from gvm.connections import UnixSocketConnection
from gvm.protocols.latest import Gmp
from gvm.transforms import EtreeTransform
from gvm.xml import pretty_print

connection = UnixSocketConnection()
transform = EtreeTransform()
gmp = Gmp(connection, transform=transform)

version = gmp.get_version()

pretty_print(version)

and output is:

Traceback (most recent call last):
File "gmp.py", line 4, in
from gvm.connections import UnixSocketConnection
File "/usr/lib/python2.7/site-packages/gvm/connections.py", line 172
def init(self, *, timeout=DEFAULT_TIMEOUT, hostname='127.0.0.1',
^
SyntaxError: invalid syntax
[root@p21210v tianna]# python3 gmp.py
Traceback (most recent call last):
File "gmp.py", line 14, in
version = gmp.get_version()
File "/usr/lib/python3.4/site-packages/gvm/protocols/gmpv7.py", line 3268, in get_version
return self._send_xml_command(XmlCommand('get_version'))
File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 77, in _send_xml_command
return self.send_command(xmlcmd.to_string())
File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 131, in send_command
raise e
File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 127, in send_command
self._send(cmd)
File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 62, in _send
self.connect()
File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 98, in connect
self._connection.connect()
File "/usr/lib/python3.4/site-packages/gvm/connections.py", line 310, in connect
self._socket.connect(self.path)
FileNotFoundError: [Errno 2] No such file or directory

some env:

ps axu | grep gvmd
root 5082 0.0 0.0 112704 976 pts/2 R+ 19:57 0:00 grep --color=auto gvmd
root 14816 0.0 0.4 422948 75512 ? SL Jun03 0:40 gvmd: Waiting for incoming connections

gvmd.sock is in /run/

THANKS!

I'm having an issue trying to set the "Consider Alive" when creating a target through Python API:

target = gmp.create_target(f"{target_ip}_target", hosts=[target_ip], port_range=target_ports, alive_test="Consider Alive")

I get:

gvm.errors.InvalidArgument: Invalid argument alive_test for create_target

Any ideas ?

Expected behavior

scripts/update-task-target.gmp updates target of task given UUID of task and CSV of hosts

Current behavior

scripts/update-task-target.gmp
errors out with TypeError: get_tasks() got an unexpected keyword argument 'task_id'

user@host$ gvm-pyshell tls --hostname 127.0.0.1 --port 9390 --gmp-username foo --gmp-password bar ./update-task-target.gmp ./host_file.csv "1ea79218-95ad-4a90-b933-e1c1a72a0cf9"
Traceback (most recent call last):
File "/usr/local/bin/gvm-pyshell", line 10, in
sys.exit(main())
File "/usr/local/lib/python3.7/dist-packages/gvmtools/pyshell.py", line 325, in main
load(script_name, global_vars)
File "/usr/local/lib/python3.7/dist-packages/gvmtools/pyshell.py", line 352, in load
exec(file, global_vars) # pylint: disable=exec-used
File "", line 129, in
File "", line 121, in main
TypeError: get_tasks() got an unexpected keyword argument 'task_id'

Steps to reproduce

1. Confirmed I have a valid UUID
2. Confirmed ./host_file.csv exists
3. tried UUID with and without double quotes
4. run command as shown above in "current behaviour"

GVM versions

gsa: (gsad --version)
Greenbone Security Assistant 7.0.3

gvm: (gvmd --version)
OpenVAS Manager 7.0.3

openvas-scanner: (openvassd --version)
OpenVAS Scanner 5.1.3

gvm-libs:
9.0.3-1+b1

gvm-tools: (gvm-cli --version)
gvm-cli 2.0.0.beta1. API version 1.0.0.beta2

Environment

Operating system:
KALI 2019.1a

Installation method / source: (packages, source installation)
Kali repos
GVM via PIP3

Logfiles

The implementation of the alerts feature (requested in issue/29) does not allow the usage of multiple alerts for a task yet.

gvm-cli raises an exception right while starting with error invalid syntax

Expected behavior

Starting gvm-cli just starts gvm-cli.

Current behavior

Right while statring gvm-cli gives an exception with error invalid syntax:

# gvm-cli
Traceback (most recent call last):
  File "/usr/local/bin/gvm-cli", line 11, in <module>
    load_entry_point('gvm-tools==2.0.0.dev1', 'console_scripts', 'gvm-cli')()
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 487, in load_entry_point
    return get_distribution(dist).load_entry_point(group, name)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2728, in load_entry_point
    return ep.load()
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2346, in load
    return self.resolve()
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2352, in resolve
    module = __import__(self.module_name, fromlist=['__name__'], level=0)
  File "/usr/local/lib/python2.7/dist-packages/gvm_tools-2.0.0.dev1-py2.7.egg/gmp/clients/cli.py", line 212
    '--socketpath instead', file=sys.stderr)
                                ^
SyntaxError: invalid syntax

Steps to reproduce

1. Checkupt sources, then configure, compile and install as adviced.
2. call gvm-cli

GVM versions

gsad:

Greenbone Security Assistant 8.0+beta3
GIT revision 3cd5812d6-master
Copyright (C) 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gvmd:

Greenbone Vulnerability Manager 8.0+beta2
GIT revision 8bc90781-master
Manager DB revision 200
Copyright (C) 2010-2017 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

openvassd:

OpenVAS Scanner 6.0+beta3
GIT revision b1d4ca6-master
Most new code since 2005: (C) 2018 Greenbone Networks GmbH
Nessus origin: (C) 2004 Renaud Deraison <[email protected]>
License GPLv2: GNU GPL version 2
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

node:

v11.4.0

redis-server:

Redis server v=5.0.2 sha=00000000:0 malloc=jemalloc-3.6.0 bits=64 build=669dbd6bdc6d120c

Environment

Operating system:

Linux gvm10 4.18.0-3-amd64 #1 SMP Debian 4.18.20-2 (2018-11-23) x86_64 GNU/Linux

buster/sid

Installation method / source:

source installation, git checkout

Expected behavior

gmp.conf format is described in the documentation.

$ cat gmp.conf
[Auth]
gmp_username=<username>
gmp_password=<password>

$ gvm-cli tls --hostname "127.0.0.1" -c "gmp.conf" --xml "<get_configs filter='name=\"Full and fast\"'/>"

returns XML with "Full and fast" config information.

Current behavior

$ gvm-cli tls --hostname "127.0.0.1" -c "gmp.conf" --xml "<get_configs filter='name=\"Full and fast\"'/>"

returns ('Error in response. Only commands GET_VERSION and COMMANDS are allowed before AUTHENTICATE', <Element gmp_response at 0x7f9b46711cc8>)

While

$ gvm-cli tls --hostname "127.0.0.1" --gmp-username <username> --gmp-password <password> --xml "<get_configs filter='name=\"Full and fast\"'/>"

returns XML with "Full and fast" config information.

Steps to reproduce

$ cat gmp.conf
[Auth]
gmp_username=<username>
gmp_password=<password>

$ gvm-cli tls --hostname "127.0.0.1" -c "gmp.conf" --xml "<get_configs filter='name=\"Full and fast\"'/>"

$ gvm-cli tls --hostname "127.0.0.1" --gmp-username <username> --gmp-password <password> --xml "<get_configs filter='name=\"Full and fast\"'/>"

GVM versions

gsa: 9.0+alpha~git-7d75f9f24-master

gvm: 8.0+beta3

openvas-scanner: 6.0+beta3

gvm-libs: gvm-libs 1.0.0

Environment

Operating system: Debian 9

Installation method / source: source installation

Logfiles

/usr/local/var/log/gvm/gvmd.log:
Failed to parse client XML: Must authenticate first.

Expected behavior

GitHub, PyPI: 2.0.0b1

Current behavior

GitHub: v2.0.0.beta1
PyPI: 2.0.0b1

gvm-cli doesn't provide issue details in the cli output. Exporting this from the web works and holds the data. Same filters are applied.

The rest of the XML looks fine, it is just missing the detailed information of the issues.

I have tried various outputs, none of them give me the details or the report (pdf holds no base64 either).

This is the command ran: gvm-cli -X '<get_reports report_id="3f9578eb-ae8c-410b-b8ac-212093bda557" filter="apply_overrides=0 levels=hml min_qod=50 first=1 rows=1000 details=1 sort=name ignore_pagination=1" format_id="a994b278-1f62-11e1-96ac-406186ea4fc5"/>'

This is the full output for scanme.nmap.org:

<?xml version="1.0"?> <get_reports_response status="200" status_text="OK"> <report id="3f9578eb-ae8c-410b-b8ac-212093bda557" format_id="a994b278-1f62-11e1-96ac-406186ea4fc5" extension="xml" content_type="text/xml"> <owner> <name>Admin</name> </owner> <name>2020-06-18T13:22:06Z</name> <comment/> <creation_time>2020-06-18T13:22:06Z</creation_time> <modification_time/> <writable>0</writable> <in_use>0</in_use> <task id="f71f45f0-203e-4aca-925e-8c6ff36b120d"> <name>scanme.nmap.org</name> </task> <report_format id="a994b278-1f62-11e1-96ac-406186ea4fc5"> <name>XML</name> </report_format> <report id="3f9578eb-ae8c-410b-b8ac-212093bda557"> <gmp> <version>9.0</version> </gmp> <sort> <field>name<order>ascending</order></field> </sort> <filters id=""> <term>apply_overrides=0 levels=hml min_qod=50 first=1 rows=1000 details=1 sort=name ignore_pagination=1</term> <filter>High</filter> <filter>Medium</filter> <filter>Low</filter> <keywords> <keyword> <column>apply_overrides</column> <relation>=</relation> <value>0</value> </keyword> <keyword> <column>levels</column> <relation>=</relation> <value>hml</value> </keyword> <keyword> <column>min_qod</column> <relation>=</relation> <value>50</value> </keyword> <keyword> <column>first</column> <relation>=</relation> <value>1</value> </keyword> <keyword> <column>rows</column> <relation>=</relation> <value>1000</value> </keyword> <keyword> <column>details</column> <relation>=</relation> <value>1</value> </keyword> <keyword> <column>sort</column> <relation>=</relation> <value>name</value> </keyword> <keyword> <column>ignore_pagination</column> <relation>=</relation> <value>1</value> </keyword> </keywords> </filters> <severity_class id="d4c74cda-89e1-11e3-9c29-406186ea4fc5"> <name>nist</name> <full_name>NVD Vulnerability Severity Ratings</full_name> <severity_range> <name>None</name> <min>0.0</min> <max>0.0</max> </severity_range> <severity_range> <name>Low</name> <min>0.1</min> <max>3.9</max> </severity_range> <severity_range> <name>Medium</name> <min>4.0</min> <max>6.9</max> </severity_range> <severity_range> <name>High</name> <min>7.0</min> <max>10.0</max> </severity_range> </severity_class> <scan_run_status>Running</scan_run_status> <hosts> <count>2</count> </hosts> <closed_cves> <count>0</count> </closed_cves> <vulns> <count>8</count> </vulns> <os> <count>0</count> </os> <apps> <count>0</count> </apps> <ssl_certs> <count>0</count> </ssl_certs> <task id="f71f45f0-203e-4aca-925e-8c6ff36b120d"> <name>scanme.nmap.org</name> <comment>scanme.nmap.org</comment> <target id="462b7dba-d980-4211-aad1-e5eb9ea2b39b"> <trash>0</trash> <name>scanme.nmap.org</name> <comment/> </target> <progress>66</progress> </task> <scan> <task/> </scan> <timestamp>2020-06-18T13:21:51Z</timestamp> <scan_start>2020-06-18T13:22:06Z</scan_start> <timezone>Coordinated Universal Time</timezone> <timezone_abbrev>UTC</timezone_abbrev> <result_count>20<full>20</full><filtered>0</filtered><debug><full>0</full><filtered>0</filtered></debug><hole><full>0</full><filtered>0</filtered></hole><info><full>0</full><filtered>0</filtered></info><log><full>18</full><filtered>0</filtered></log><warning><full>2</full><filtered>0</filtered></warning><false_positive><full>0</full><filtered>0</filtered></false_positive></result_count> <severity> <full>5.0</full> <filtered>-99.0</filtered> </severity> <scan_end/> <errors> <count>0</count> </errors> <report_format/> </report> </report> <filters id=""> <term>apply_overrides=0 min_qod=70 first=1 rows=10 sort=name</term> <keywords> <keyword> <column>apply_overrides</column> <relation>=</relation> <value>0</value> </keyword> <keyword> <column>min_qod</column> <relation>=</relation> <value>70</value> </keyword> <keyword> <column>first</column> <relation>=</relation> <value>1</value> </keyword> <keyword> <column>rows</column> <relation>=</relation> <value>10</value> </keyword> <keyword> <column>sort</column> <relation>=</relation> <value>name</value> </keyword> </keywords> </filters> <sort> <field>name<order>ascending</order></field> </sort> <reports start="1" max="1000"/> <report_count>2<filtered>1</filtered><page>1</page></report_count> </get_reports_response>

Hello,

I've installed the gvm-tools (with pip3) but when I try to run the gvm-pyshell in socket mode I get this error:

gvm.errors.GvmError: Socket /var/run/gvmd.sock does not exist

Any hint about how to fix it?

"/opt/gvm/.local/bin/gvm-pyshell", line 10, in <module> sys.exit(main()) File "/opt/gvm/.local/lib/python3.7/site-packages/gvmtools/pyshell.py", line 134, in main with protocol_class(connection, transform=transform) as protocol: File "/opt/gvm/.local/lib/python3.7/site-packages/gvm/protocols/gmp.py", line 79, in __enter__ self.connect() File "/opt/gvm/.local/lib/python3.7/site-packages/gvm/protocols/base.py", line 107, in connect self._connection.connect() File "/opt/gvm/.local/lib/python3.7/site-packages/gvm/connections.py", line 353, in connect ) from None gvm.errors.GvmError: Socket /var/run/gvmd.sock does not exist

There is no gvmd.sock in the whole system. I can only see the ospd.sock:

root@8b480bba09e3:/# ls -l /opt/gvm/var/run/
total 12

-rw-r--r-- 1 root root 4 Jan  8 15:45 gsad.pid
-rw------- 1 gvm  gvm  0 Jan  2 11:56 gvm-checking
-rw------- 1 gvm  gvm  0 Jan  2 11:56 gvm-create-functions
-rw------- 1 gvm  gvm  0 Jan  2 11:56 gvm-helping
-rw------- 1 gvm  gvm  0 Jan  2 11:56 gvm-migrating
-rw------- 1 gvm  gvm  0 Jan  2 11:57 gvm-serving
-rw------- 1 gvm  gvm  4 Jan  8 15:46 gvmd.pid
-rw-r--r-- 1 gvm  gvm  3 Jan  8 15:45 ospd-openvas.pid
srwx------ 1 gvm  gvm  0 Jan  8 15:47 ospd.sock

It seems gvmd is running in some way:

root@8b480bba09e3:/# ps axjf
 PPID   PID  PGID   SID TTY      TPGID STAT   UID   TIME COMMAND
    0 25012 25012 25012 pts/0    26533 Ss       0   0:00 /bin/bash
25012 26533 26533 25012 pts/0    26533 R+       0   0:00  \_ ps axjf
    0     1     1     1 ?           -1 Ss       0   0:00 /bin/sh -c /entrypoint.sh
    1     6     1     1 ?           -1 S        0   0:00 /bin/bash /entrypoint.sh
    6   120     1     1 ?           -1 S        0   0:00  \_ tail -F /opt/gvm/var/log/gvm/gsad.log /opt/gvm/var/log/gvm/gvmd.log /opt/gvm/v
    1    26    26    26 ?           -1 Ssl    103   9:13 /usr/bin/redis-server 127.0.0.1:0
    1    58    55    55 ?           -1 S      104   0:12 /usr/lib/postgresql/11/bin/postgres -D /var/lib/postgresql/11/main -c config_file=
   58    60    60    60 ?           -1 Ss     104   0:11  \_ postgres: 11/main: checkpointer
   58    61    61    61 ?           -1 Ss     104   0:01  \_ postgres: 11/main: background writer
   58    62    62    62 ?           -1 Ss     104   0:22  \_ postgres: 11/main: walwriter
   58    63    63    63 ?           -1 Ss     104   0:01  \_ postgres: 11/main: autovacuum launcher
   58    64    64    64 ?           -1 Ss     104   0:19  \_ postgres: 11/main: stats collector
   58    65    65    65 ?           -1 Ss     104   0:00  \_ postgres: 11/main: logical replication launcher
   58   148   148   148 ?           -1 SLs    104   0:23  \_ postgres: 11/main: gvm gvmd [local] idle
   58 26530 26530 26530 ?           -1 Ss     104   0:00  \_ postgres: 11/main: gvm gvmd [local] idle
    1   101    99    99 ?           -1 S     1000   0:45 gvmd: Waiting for incoming connections
  101 26525    99    99 ?           -1 S     1000   0:00  \_ gvmd: Reloading NVTs
26525 26527    99    99 ?           -1 S     1000   0:00      \_ gvmd: OSP: Updating NVT cache

but the log refers only to ospd.sock:

root@8b480bba09e3:/# cat ./opt/gvm/var/log/gvm/gvmd.log | grep .sock
md manage:WARNING:2020-01-02 10h01.18 utc:217: manage_update_nvt_cache_osp: failed to connect to /opt/gvm/var/run/ospd.sock       
md manage:WARNING:2020-01-02 11h57.02 utc:195: manage_update_nvt_cache_osp: failed to connect to /opt/gvm/var/run/ospd.sock
md manage:WARNING:2020-01-02 11h57.12 utc:206: manage_update_nvt_cache_osp: failed to connect to /opt/gvm/var/run/ospd.sock
md manage:WARNING:2020-01-02 11h57.22 utc:211: manage_update_nvt_cache_osp: failed to connect to

Getting permission denied error when trying to run a simple <get_version/> command via gvm-cli. Any ideas?

GVM versions

kali@kali:$ gvm-cli --version
gvm-cli 2.0.0 (API version 1.2.0)
kali@kali:$ dpkg -l | grep gvm
ii gvm 11.0.2+kali3 all remote network security auditor - metapackage and useful scripts
ii gvm-tools 2.0.0-0kali1 all Remote control the Greenbone Vulnerability Manager
ii gvmd 9.0.1-2kali1 amd64 Manager Module of Greenbone Vulnerability Manager
ii gvmd-common 9.0.1-2kali1 all architecture independent files for Greenbone Vulnerability Manager
ii libgvm11:amd64 11.0.1-1 amd64 remote network security auditor - shared libraries
ii python3-gvm 1.2.0-0kali2 all Greenbone Vulnerability Management Python Library (Python 3)

Environment

Operating system:
Kali 2020.3
Installation method / source: (packages)

Logfiles

kali@kali:~$ gvm-cli socket --xml "<get_version/>"
Traceback (most recent call last):
  File "/usr/bin/gvm-cli", line 11, in <module>
    load_entry_point('gvm-tools==2.0.0', 'console_scripts', 'gvm-cli')()
  File "/usr/lib/python3/dist-packages/gvmtools/cli.py", line 127, in main
    with protocol_class(connection, transform=transform) as protocol:
  File "/usr/lib/python3/dist-packages/gvm/protocols/gmp.py", line 117, in __enter__
    gmp = self.determine_supported_gmp()
  File "/usr/lib/python3/dist-packages/gvm/protocols/gmp.py", line 100, in determine_supported_gmp
    version = self.determine_remote_gmp_version()
  File "/usr/lib/python3/dist-packages/gvm/protocols/gmp.py", line 83, in determine_remote_gmp_version
    self.connect()
  File "/usr/lib/python3/dist-packages/gvm/protocols/base.py", line 107, in connect
    self._connection.connect()
  File "/usr/lib/python3/dist-packages/gvm/connections.py", line 351, in connect
    self._socket.connect(self.path)
PermissionError: [Errno 13] Permission denied

Expected behavior

After gmp-20.08, CREATE_TARGET will need PORT_LIST or PORT_RANGE.

Then I can't create scan job by using it.
I modified the "scan-new-system.gmp.py" for supporting PORT_LIST_ID with argument, then it worked fine(see as below).

patch_scan_new_system.txt

Current behavior

Current scan-new-system.gmp.py does not have PORT_LIST or PORT_RANGE on the argument.
When I ran "scan-new-system.gmp.py" with gvm-script, I have error as below;
Response Error 400. One of PORT_LIST and PORT_RANGE are required

Steps to reproduce

1. run below command wit gvm user;
   /usr/local/bin/gvm-script --gmp-username admin --gmp-password [PASS] tls --port=9390 --host=127.0.0.1 /data/gvm-tools/scripts/scan-new-system.gmp.py [HOST]
2. Then you'll see following error;

 Response Error 400. One of PORT_LIST and PORT_RANGE are required

GVM versions

gsa: (gsad --version)
20.08.0
gvm: (gvmd --version)
20.08.0
gvm-tools: (gvm-cli --version)
gvm-cli 2.1.0 (API version 1.6.0)

Environment

Operating system:
Debian buster
Installation method / source: (packages, source installation)
GVM-Docker

Logfiles

 Response Error 400. One of PORT_LIST and PORT_RANGE are required

There are multiple instances in gmp.py where variables are immediately re-
assigned, likely in error. The instances look like the assignment should go to
an object of the variable instead of the variable itself. For example, the
following code

should probably read

_xmlMethods = etree.SubElement(xmlRoot, 'method')
_xmlMethods.text = method[0]

Other instances:

When I run a command that failed, a traceback displayed before the error message.

Expected behavior

It must be returns an xml response or only the error message.

Current behavior

It returns the python traceback

Traceback (most recent call last):
File "/usr/local/bin/gvm-cli", line 9, in
load_entry_point('gvm-tools==1.4.1', 'console_scripts', 'gvm-cli')()
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/clients/gvm_cli.py", line 209, in main
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/gvm_connection.py", line 220, in authenticate
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/gvm_connection.py", line 113, in read
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/gvm_connection.py", line 166, in checkCommandStatus
gmp.gvm_connection.GMPError: Authentication failed

Traceback (most recent call last):
File "/usr/local/bin/gvm-cli", line 9, in
load_entry_point('gvm-tools==1.4.1', 'console_scripts', 'gvm-cli')()
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/clients/gvm_cli.py", line 213, in main
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/gvm_connection.py", line 113, in read
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/gvm_connection.py", line 166, in checkCommandStatus
gmp.gvm_connection.GMPError: Failed to find task '1515'

Steps to reproduce

1. Run a tls command with wrong pass or user.
   gvm-cli tls --hostname=localhost --xml "<get_tasks/>" --gmp-username 'admin' --gmp-password 'wrongpass'

or run

gvm-cli tls --hostname=localhost --xml "<get_tasks task_id='1515'/>" --gmp-username 'admin' --gmp-password 'correctpass'

GVM versions

gsa: (gsad --version)

gvm:
Greenbone Vulnerability Manager 8.0+beta1
Manager DB revision 191
&
OpenVAS Manager 7.0.3
Manager DB revision 184

openvas-scanner:
OpenVAS Scanner 6.0+beta1
&
OpenVAS Scanner 5.1.2

gvm-libs:

gvm-tools: gvm-cli 1.4.1

Environment

Operating system:
Ubuntu 16.04.5 LTS

Installation method / source:
source installation

Expected behavior

ssh_credential should be considered as parameter

Current behavior

ssh_credential is not recognizing as parameter

Steps to reproduce

1. execute below command which will create a target from xm;l template
   gvm-script --gmp-username <u/n>--gmp-password <p/w> socket --socketpath /var/run/openvasmd.sock send-targets.gmp target_template.xml

GVM versions

gsa: (gsad --version)
Greenbone Security Assistant 7.0.3
Copyright (C) 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gvm: (gvmd --version)
openvasmd --version
OpenVAS Manager 7.0.3
Manager DB revision 184
Copyright (C) 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

openvas-scanner: (openvassd --version)
openvassd --version
OpenVAS Scanner 5.1.3
Most new code since 2005: (C) 2016 Greenbone Networks GmbH
Nessus origin: (C) 2004 Renaud Deraison [email protected]
License GPLv2: GNU GPL version 2
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gvm-libs:
gvm-script

gvm-tools: (gvm-cli --version)
gvm-cli --version
gvm-cli 2.0.0 (API version 1.0.0)

Environment

UBUNTU

git hub

Logfiles

Sending targets...
{'name': 'Template', 'hosts': '127.0.0.1', 'exclude_hosts': None, 'ssh_credential': {'id': '3ffecd7a-c6e3-499f-9220-83f5191f7fc3', 'port': '22'}, 'smb_credential': {'id': '3ffecd7a-c6e3-499f-9220-83f5191f7fc3'}, 'esxi_credential': {'id': '3ffecd7a-c6e3-499f-9220-83f5191f7fc3'}, 'port_range': 'T:22,80,443,2301,9920,9960,12443,U:22,80,443,2301,9920,9960,12443', 'port_list_id': 'f34642aa-e335-4781-81ed-2f2b58d1c195'}
Traceback (most recent call last):
  File "/usr/local/bin/gvm-script", line 11, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.6/dist-packages/gvmtools/script.py", line 119, in main
    run_script(args.scriptname, global_vars)
  File "/usr/local/lib/python3.6/dist-packages/gvmtools/helper.py", line 145, in run_script
    exec(file, global_vars)  # pylint: disable=exec-used
  File "<string>", line 166, in <module>
  File "<string>", line 160, in main
  File "<string>", line 145, in parse_send_xml_tree
TypeError: create_target() got an unexpected keyword argument 'ssh_credential'

I tried to install the gvm-tools with the specified command,
whereupon this error message came: "Could not find a version that satisfies the requirement gvm-tools (from versions: )
No matching distribution found for gvm-tools"
This is because pip uses python 2.7, but for the gvm tools and their installation you need pip over python 3. This means in turn that the command must read as follows: "pip3 install --user gvm-tools"
I found a solution on community.greenbone.net where a customer opened a case for it. It got solved, but it would be nice if this solution could be published in this installation guide that noone gets this issue anymore.

so we don't need external dependencies for the scripts.

implement using python standard library.

On the python pip repo, only the old version 2.1.0 is proved.
The new 20.10.0 version is missing here.

Expected behavior

Earlier version of gvm-cli used to expect the CONNECTION_TYPE before all
other parameters, i.e.:

gvm-cli ssh --gmp-username foo --gmp-password bar --xml '<get_reports/>'

Current behavior

Using the sequence above, the current version of gvm-cli prints a traceback
ending with FileNotFoundError: [Errno 2] No such file or directory: 'foo'

Reordering the paremeters as follows make the call work again:

gvm-cli --gmp-username foo --gmp-password bar ssh --xml '<get_reports/>'

Steps to reproduce

See above in Expected behavior.

GVM versions

gvm-tools: (gvm-cli --version)

gvm-cli 2.0.0b1 (API version 1.0.0b2.dev1)

When getting big results with gmp.get_reports and shell_mode=True we get a "huge text node" error.

For example this error.

Error: xmlSAX2Characters: huge text node, line 12679, column 561 (, line 12679)

It seems like lxml don't like big files without a Parser option.
huge_tree - disable security restrictions and support very deep trees and very long text content (only affects libxml2 2.7+) >> lxml.de/parsing.html#parsers

This is the diff for my ugly hack that handles "huge text nodes":

(ovas-mgr) falk@broekn ~/_tmp » diff gvm_connection.py-orig gvm_connection.py
39a40,42
> parser = etree.XMLParser(encoding='utf-8', recover=True, huge_tree=False)
> huge_parser = etree.XMLParser(encoding='utf-8', recover=True, huge_tree=True)
> 
108c111,117
<             tree = etree.parse(f)
---
>             try:
>                 tree = etree.parse(f, parser)
>             except Exception as err:
>                 if 'huge text node' in err.msg:
>                     tree = etree.parse(f, huge_parser)
>                 else:
>                     raise err
135c144
<             parser = etree.XMLParser(encoding='utf-8', recover=True)
---
> 

Code to reproduce:

#!/usr/bin/python3

from gmp.gvm_connection import TLSConnection
from config import GVM_HOSTNAME, GVM_PORT, GVM_TIMEOUT, GVM_USER, GVM_PASSWD


# gmp has to be global, so the load-function has the correct namespace
gmp = None

# Huge report in openvas (~14M)
rid ='5b5a5053-da06-4ce7-a2e2-39150f16eb53'


def connect(rid):
    global gmp
    gmp = TLSConnection(hostname=GVM_HOSTNAME, port=GVM_PORT,
                        timeout=GVM_TIMEOUT, shell_mode=True)
    gmp.authenticate(GVM_USER, GVM_PASSWD)


def get_report(rid):
    try:
        report = gmp.get_reports(report_id=rid)
        r = report
    except Exception as e:
        print('Error: ' + str(e))
        r = None


    return r

if __name__ == '__main__':
    connect(rid)
    r = get_report(rid)
    print(r)

As you can see from my code, I'm no python coder and I don't know if this is of any interest, but perhaps it can help somewhat or someone :)

--
Regards Falk

I'm using the latest build, but I'm having problems with scanning in the cloud, I believe it's openvas' own, but it doesn't allow scheduling a scan or creating a list of targets with range / 16.

I have a VPC 10.10.0.0/16 and I need to scan new hosts that appear, since if I update the list with new IPs I will have to delete the schedule, the results and the current target.

Is there any way to scan with this range? I read that it is possible, but only if you make any changes to the GVMD.

Expected behavior

Schedule / 16 range.

Current behavior

Informs that it is not a valid entry.

are gvm-tools run with alle gmp version hosts?
I try gmp.get_version() with version 6.0 and the anser is:
gmp.gvm_connection.GMPError: Bogus command name

hi,I use the command <get_reports id="" format_id="6c248850-1f62-11e1-b082-406186ea4fc5">
but it dosent generate a file ,so I use command <get_reports id="">| tee result.xml

I find one way to generate html file,
cd /usr/share/openvas/openvasmd/report_formats/6c248850-1f62-11e1-b082-406186ea4fc5
then run ./generate ~/result.xml >/temp/result.html
it seems work

is there a esay way to generate the html report?

scripts/send-schedule.gmp uses python dateutil https://pypi.org/project/python-dateutil/ at the moment. Clarify if it can be replaced by a python build in library.

gvm-pyshell puts all of its globals into the scope of the interactive shell and gmp scripts while calling exec. This should be reduced to only pass the pretty function (which then can be moved out of the pyshell module possibly), Gmp instance and the scripts arguments.

Before changing the exec call we must ensure that all our existing gmp scripts don't require other globals and fix them.

Hi,
Could you tell me, is there some script examples for deleting task and reports of openvas?

We have set many tasks and got many reports, and we need to delete them in batch mode.

But the github provided script examples only show how to setup task, but no deleting task.

Currently the README contains several examples of the console applications gvm-cli and gvm-pyshell.

These examples should be simplified in the readme and moved to the sphinx docu. Additionally the docu should get two sections about both of the applications explaining them more in detail.

When downloading an openvas report in raw XML format over gvm-cli socket with the get_reports command, I get a decoding error. As the error points out, this has to do with data decoding mismatch it seems. See:

$ gvm-cli socket -c --xml "<get_reports report_id=\"795ecf96-7957-4553-a203-30affa1e34e0\" format_id=\"a994b278-1f62-11e1-96ac-406186ea4fc5\"/>"
Traceback (most recent call last):
  File "/usr/local/bin/gvm-cli", line 11, in <module>
    load_entry_point('gvm-tools==1.4.1', 'console_scripts', 'gvm-cli')()
  File "/usr/local/lib/python3.6/dist-packages/gmp/clients/gvm_cli.py", line 213, in main
    result = gvm.read()
  File "/usr/local/lib/python3.6/dist-packages/gmp/gvm_connection.py", line 103, in read
    response = self.readAll()
  File "/usr/local/lib/python3.6/dist-packages/gmp/gvm_connection.py", line 973, in readAll
    response += data.decode()
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xc2 in position 1023: unexpected end of data

I looked at gvm_connection.py, line 973, which reads:
response += data.decode()

I did some hacking around and then changed line 973 to:
response += data.decode('latin-1')

Then everything worked fine and the download will finish successfully. Looks to me there is some encoding/decoding mismatch here. My environment is all standard utf-8 (LANG=en_US.UTF-8). There seems to be no encoding settings available for openvassd, nor in gvm-cli or ~/.config/gvm-tools.conf.
Is it the case that data/reports from openvas are returned in mixed encoding, some in utf-8, some in latin-1?

I don't get this problem when viewing the same report/results in the gsad GUI.

gsa: (gsad --version)
Greenbone Security Assistant 8.0+beta2
GIT revision d1a83ab88-master

gvm: (gvmd --version)
Greenbone Vulnerability Manager 8.0+beta1
GIT revision 3691c0ad-master

openvas-scanner: (openvassd --version)
OpenVAS Scanner 6.0+beta2
GIT revision a13b0f7-master

gvm-libs:
~/gvm-libs$ git log
commit 58248fdd4752e6073ada8497996a29572b41b10b (HEAD -> master, origin/master, origin/HEAD) ...

gvm-tools: (gvm-cli --version)
gvm-cli 1.4.1

Operating system:
$ uname -a
Linux 4.15.0-33-generic #36-Ubuntu SMP Wed Aug 15 16:00:05 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

Installation method / source: (packages, source installation)
From source following INSTALL

Logfiles

/usr/local/var/log/gvm/gvmd.log:

md   main:WARNING:2018-09-14 10h14.06 UTC:11191: read_from_client_unix: failed to read from client: Connection reset by peer

/usr/bin/python3 setup.py test:

test_gmp_password_after_subparser (tests.test_parser.RootArgumentsParserTest) ... usage: gvm-test-cli [-h] [-c [CONFIG]]
[--log [{DEBUG,INFO,WARNING,ERROR,CRITICAL}]]
[--timeout TIMEOUT] [--gmp-username GMP_USERNAME]
[--gmp-password GMP_PASSWORD] [-V]
CONNECTION_TYPE ...
gvm-test-cli: error: unrecognized arguments --gmp-password foo
ok
test_gmp_username (tests.test_parser.RootArgumentsParserTest) ... ok
test_gmp_username_after_subparser (tests.test_parser.RootArgumentsParserTest) ... usage: gvm-test-cli [-h] [-c [CONFIG]]
[--log [{DEBUG,INFO,WARNING,ERROR,CRITICAL}]]
[--timeout TIMEOUT] [--gmp-username GMP_USERNAME]
[--gmp-password GMP_PASSWORD] [-V]
CONNECTION_TYPE ...
gvm-test-cli: error: unrecognized arguments --gmp-username foo
ok
test_loglevel (tests.test_parser.RootArgumentsParserTest) ... ok
test_loglevel_after_subparser (tests.test_parser.RootArgumentsParserTest) ... usage: gvm-test-cli [-h] [-c [CONFIG]]
[--log [{DEBUG,INFO,WARNING,ERROR,CRITICAL}]]
[--timeout TIMEOUT] [--gmp-username GMP_USERNAME]
[--gmp-password GMP_PASSWORD] [-V]
CONNECTION_TYPE ...
gvm-test-cli: error: unrecognized arguments --log ERROR
ok
test_timeout (tests.test_parser.RootArgumentsParserTest) ... ok
test_timeout_after_subparser (tests.test_parser.RootArgumentsParserTest) ... usage: gvm-test-cli [-h] [-c [CONFIG]]
[--log [{DEBUG,INFO,WARNING,ERROR,CRITICAL}]]
[--timeout TIMEOUT] [--gmp-username GMP_USERNAME]
[--gmp-password GMP_PASSWORD] [-V]
CONNECTION_TYPE ...
gvm-test-cli: error: unrecognized arguments --timeout 1000

The API has a serious problem with creating the commands. You always concatenate strings with the XML tags, but you never encode the values. This works as long as you don't use any XML specific characters. I got a problem when I tried to create a task with an ampersand (&) in the name. So you should always encode all inserted strings!

I fixed the problem for the "createTaskCommand" on a clean way, as I only had the problem with that command. Maybe you could fix all the other commands, too?

First fix: #39

Hi @jschwartz27,

could you please refactor scripts/send-tasks.gmp to not use an exec statement? Using exec pollutes the global namespace and executing python code dynamically from a string is very dangerous. I am going to remove the script completely if we can't refactor it.

It is not possible to use create_filter because createFilterCommand filters the required field 'filter_type' faulty.

If you obey to the if statement in createFilterCommand the OpenVAS Daemon answers:
gvm_tools.gmp.gvm_connection.GMPError: Type must be a valid OMP type

If you follow the OMP Documentation createFilterCommand actively raises a ValueError.

This behaviour should be corrected to enable the usage of create_filter at all.

Expected behavior

No exception should be thrown if /tmp/check_gmp isn't write-able. Instead a message informing the user about the missing permissions should be shown.

Current behavior

The following exception is throw which doesn't lead to missing permissions when writing the DB file:

Traceback (most recent call last):
  File "/usr/local/bin/gvm-script", line 10, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.7/dist-packages/gvmtools/script.py", line 119, in main
    run_script(args.scriptname, global_vars)
  File "/usr/local/lib/python3.7/dist-packages/gvmtools/helper.py", line 145, in run_script
    exec(file, global_vars)  # pylint: disable=exec-used
  File "<string>", line 1410, in <module>
  File "<string>", line 1379, in main
  File "<string>", line 107, in __init__
AttributeError: 'NoneType' object has no attribute 'execute'

Steps to reproduce

1. Install gvm-tools 2.0.0 and python-gvm 1.0.0
2. mkdir /tmp/check_gmp
3. chmod o-rwx /tmp/check_gmp
4. chown root:root /tmp/check_gmp

(Note: The different permissions where from a previous setup running check-gmp.gmp as root.)

GVM versions

gvm-tools: 2.0.0

python-gvm: 1.0.0

When I try to run the following code:

with Osp(connection, transform=transform) as osp:
    response = osp.get_version()
    pretty_print(response)

    # It doenst exists autenticate method in osp
    #osp.authenticate('admin', 'admin')

    # Display scans
    scans = osp.get_scans()
    pretty_print(scans)

I get this error:

<gmp_response status="400" status_text="Only commands GET_VERSION and COMMANDS are allowed before AUTHENTICATE"/>

I was able to work with Gmp, but it seems Osp only exposes get_version() because for the other functions I need to be authenticated, and there is no way for authenticate.

What I am doing wrong?

Expected behavior

When I export target from GVM, XML file containing <alive_tests>Consider Alive</alive_tests>, etc. And I wish to use this XML format to create new target. For example, when I use NAMEHOSTS<alive_tests>Consider Alive</alive_tests>, I wish to see "Consider Alive" in the new target.

Current behavior

When we put it through send-targets.gmp.py, alive_test will be "Scan Config Default".
I found now alive_test needs to be an AliveTest enum, but this sample script is not supporting it. Then I wish to make PR to fix it.

Steps to reproduce

1. Export any target which alive_tests is not "Scan Config Default".
2. Modify exported XML name and put it with send-targets.gmp.py
3. You see new target's alive_tests is "Scan Config Default".

GVM versions

gsa: (gsad --version)
Greenbone Security Assistant 20.08.0

gvm: (gvmd --version)
Greenbone Vulnerability Manager 20.08.0
Manager DB revision 233
Copyright (C) 2010-2020 Greenbone Networks GmbH
License: AGPL-3.0-or-later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

openvas-scanner: (openvassd --version)

gvm-libs:

gvm-tools: (gvm-cli --version)
gvm-cli 2.1.0 (API version 1.6.0)

Environment

Operating system:
Debian buster
Installation method / source: (packages, source installation)
Docker (securecompliance GVM)

Logfiles