greenbone / gvm-tools Goto Github PK
View Code? Open in Web Editor NEWRemote control your Greenbone Community Edition or Greenbone Enterprise Appliance
Home Page: https://greenbone.github.io/gvm-tools/
License: GNU General Public License v3.0
Remote control your Greenbone Community Edition or Greenbone Enterprise Appliance
Home Page: https://greenbone.github.io/gvm-tools/
License: GNU General Public License v3.0
When I export target from GVM, XML file containing <alive_tests>Consider Alive</alive_tests>, etc. And I wish to use this XML format to create new target. For example, when I use NAMEHOSTS<alive_tests>Consider Alive</alive_tests>, I wish to see "Consider Alive" in the new target.
When we put it through send-targets.gmp.py, alive_test will be "Scan Config Default".
I found now alive_test needs to be an AliveTest enum, but this sample script is not supporting it. Then I wish to make PR to fix it.
gsa: (gsad --version)
Greenbone Security Assistant 20.08.0
gvm: (gvmd --version)
Greenbone Vulnerability Manager 20.08.0
Manager DB revision 233
Copyright (C) 2010-2020 Greenbone Networks GmbH
License: AGPL-3.0-or-later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
openvas-scanner: (openvassd --version)
gvm-libs:
gvm-tools: (gvm-cli --version)
gvm-cli 2.1.0 (API version 1.6.0)
Operating system:
Debian buster
Installation method / source: (packages, source installation)
Docker (securecompliance GVM)
It is not possible to use create_filter because createFilterCommand filters the required field 'filter_type' faulty.
If you obey to the if statement in createFilterCommand the OpenVAS Daemon answers:
gvm_tools.gmp.gvm_connection.GMPError: Type must be a valid OMP type
If you follow the OMP Documentation createFilterCommand actively raises a ValueError.
This behaviour should be corrected to enable the usage of create_filter at all.
scripts/update-task-target.gmp updates target of task given UUID of task and CSV of hosts
scripts/update-task-target.gmp
errors out with TypeError: get_tasks() got an unexpected keyword argument 'task_id'
user@host$ gvm-pyshell tls --hostname 127.0.0.1 --port 9390 --gmp-username foo --gmp-password bar ./update-task-target.gmp ./host_file.csv "1ea79218-95ad-4a90-b933-e1c1a72a0cf9"
Traceback (most recent call last):
File "/usr/local/bin/gvm-pyshell", line 10, in
sys.exit(main())
File "/usr/local/lib/python3.7/dist-packages/gvmtools/pyshell.py", line 325, in main
load(script_name, global_vars)
File "/usr/local/lib/python3.7/dist-packages/gvmtools/pyshell.py", line 352, in load
exec(file, global_vars) # pylint: disable=exec-used
File "", line 129, in
File "", line 121, in main
TypeError: get_tasks() got an unexpected keyword argument 'task_id'
gsa: (gsad --version)
Greenbone Security Assistant 7.0.3
gvm: (gvmd --version)
OpenVAS Manager 7.0.3
openvas-scanner: (openvassd --version)
OpenVAS Scanner 5.1.3
gvm-libs:
9.0.3-1+b1
gvm-tools: (gvm-cli --version)
gvm-cli 2.0.0.beta1. API version 1.0.0.beta2
Operating system:
KALI 2019.1a
Installation method / source: (packages, source installation)
Kali repos
GVM via PIP3
When I run a command that failed, a traceback displayed before the error message.
It must be returns an xml response or only the error message.
It returns the python traceback
Traceback (most recent call last):
File "/usr/local/bin/gvm-cli", line 9, in
load_entry_point('gvm-tools==1.4.1', 'console_scripts', 'gvm-cli')()
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/clients/gvm_cli.py", line 209, in main
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/gvm_connection.py", line 220, in authenticate
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/gvm_connection.py", line 113, in read
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/gvm_connection.py", line 166, in checkCommandStatus
gmp.gvm_connection.GMPError: Authentication failed
Traceback (most recent call last):
File "/usr/local/bin/gvm-cli", line 9, in
load_entry_point('gvm-tools==1.4.1', 'console_scripts', 'gvm-cli')()
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/clients/gvm_cli.py", line 213, in main
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/gvm_connection.py", line 113, in read
File "/usr/local/lib/python3.5/dist-packages/gvm_tools-1.4.1-py3.5.egg/gmp/gvm_connection.py", line 166, in checkCommandStatus
gmp.gvm_connection.GMPError: Failed to find task '1515'
gvm-cli tls --hostname=localhost --xml "<get_tasks/>" --gmp-username 'admin' --gmp-password 'wrongpass'
or run
gvm-cli tls --hostname=localhost --xml "<get_tasks task_id='1515'/>" --gmp-username 'admin' --gmp-password 'correctpass'
gsa: (gsad --version)
gvm:
Greenbone Vulnerability Manager 8.0+beta1
Manager DB revision 191
&
OpenVAS Manager 7.0.3
Manager DB revision 184
openvas-scanner:
OpenVAS Scanner 6.0+beta1
&
OpenVAS Scanner 5.1.2
gvm-libs:
gvm-tools: gvm-cli 1.4.1
Operating system:
Ubuntu 16.04.5 LTS
Installation method / source:
source installation
The API has a serious problem with creating the commands. You always concatenate strings with the XML tags, but you never encode the values. This works as long as you don't use any XML specific characters. I got a problem when I tried to create a task with an ampersand (&) in the name. So you should always encode all inserted strings!
I fixed the problem for the "createTaskCommand" on a clean way, as I only had the problem with that command. Maybe you could fix all the other commands, too?
First fix: #39
Hello,
I've installed the gvm-tools (with pip3) but when I try to run the gvm-pyshell in socket mode I get this error:
gvm.errors.GvmError: Socket /var/run/gvmd.sock does not exist
Any hint about how to fix it?
"/opt/gvm/.local/bin/gvm-pyshell", line 10, in <module> sys.exit(main()) File "/opt/gvm/.local/lib/python3.7/site-packages/gvmtools/pyshell.py", line 134, in main with protocol_class(connection, transform=transform) as protocol: File "/opt/gvm/.local/lib/python3.7/site-packages/gvm/protocols/gmp.py", line 79, in __enter__ self.connect() File "/opt/gvm/.local/lib/python3.7/site-packages/gvm/protocols/base.py", line 107, in connect self._connection.connect() File "/opt/gvm/.local/lib/python3.7/site-packages/gvm/connections.py", line 353, in connect ) from None gvm.errors.GvmError: Socket /var/run/gvmd.sock does not exist
There is no gvmd.sock in the whole system. I can only see the ospd.sock:
root@8b480bba09e3:/# ls -l /opt/gvm/var/run/
total 12
-rw-r--r-- 1 root root 4 Jan 8 15:45 gsad.pid
-rw------- 1 gvm gvm 0 Jan 2 11:56 gvm-checking
-rw------- 1 gvm gvm 0 Jan 2 11:56 gvm-create-functions
-rw------- 1 gvm gvm 0 Jan 2 11:56 gvm-helping
-rw------- 1 gvm gvm 0 Jan 2 11:56 gvm-migrating
-rw------- 1 gvm gvm 0 Jan 2 11:57 gvm-serving
-rw------- 1 gvm gvm 4 Jan 8 15:46 gvmd.pid
-rw-r--r-- 1 gvm gvm 3 Jan 8 15:45 ospd-openvas.pid
srwx------ 1 gvm gvm 0 Jan 8 15:47 ospd.sock
It seems gvmd is running in some way:
root@8b480bba09e3:/# ps axjf
PPID PID PGID SID TTY TPGID STAT UID TIME COMMAND
0 25012 25012 25012 pts/0 26533 Ss 0 0:00 /bin/bash
25012 26533 26533 25012 pts/0 26533 R+ 0 0:00 \_ ps axjf
0 1 1 1 ? -1 Ss 0 0:00 /bin/sh -c /entrypoint.sh
1 6 1 1 ? -1 S 0 0:00 /bin/bash /entrypoint.sh
6 120 1 1 ? -1 S 0 0:00 \_ tail -F /opt/gvm/var/log/gvm/gsad.log /opt/gvm/var/log/gvm/gvmd.log /opt/gvm/v
1 26 26 26 ? -1 Ssl 103 9:13 /usr/bin/redis-server 127.0.0.1:0
1 58 55 55 ? -1 S 104 0:12 /usr/lib/postgresql/11/bin/postgres -D /var/lib/postgresql/11/main -c config_file=
58 60 60 60 ? -1 Ss 104 0:11 \_ postgres: 11/main: checkpointer
58 61 61 61 ? -1 Ss 104 0:01 \_ postgres: 11/main: background writer
58 62 62 62 ? -1 Ss 104 0:22 \_ postgres: 11/main: walwriter
58 63 63 63 ? -1 Ss 104 0:01 \_ postgres: 11/main: autovacuum launcher
58 64 64 64 ? -1 Ss 104 0:19 \_ postgres: 11/main: stats collector
58 65 65 65 ? -1 Ss 104 0:00 \_ postgres: 11/main: logical replication launcher
58 148 148 148 ? -1 SLs 104 0:23 \_ postgres: 11/main: gvm gvmd [local] idle
58 26530 26530 26530 ? -1 Ss 104 0:00 \_ postgres: 11/main: gvm gvmd [local] idle
1 101 99 99 ? -1 S 1000 0:45 gvmd: Waiting for incoming connections
101 26525 99 99 ? -1 S 1000 0:00 \_ gvmd: Reloading NVTs
26525 26527 99 99 ? -1 S 1000 0:00 \_ gvmd: OSP: Updating NVT cache
but the log refers only to ospd.sock:
root@8b480bba09e3:/# cat ./opt/gvm/var/log/gvm/gvmd.log | grep .sock
md manage:WARNING:2020-01-02 10h01.18 utc:217: manage_update_nvt_cache_osp: failed to connect to /opt/gvm/var/run/ospd.sock
md manage:WARNING:2020-01-02 11h57.02 utc:195: manage_update_nvt_cache_osp: failed to connect to /opt/gvm/var/run/ospd.sock
md manage:WARNING:2020-01-02 11h57.12 utc:206: manage_update_nvt_cache_osp: failed to connect to /opt/gvm/var/run/ospd.sock
md manage:WARNING:2020-01-02 11h57.22 utc:211: manage_update_nvt_cache_osp: failed to connect to
Getting permission denied error when trying to run a simple <get_version/> command via gvm-cli. Any ideas?
kali@kali:$ gvm-cli --version$ dpkg -l | grep gvm
gvm-cli 2.0.0 (API version 1.2.0)
kali@kali:
ii gvm 11.0.2+kali3 all remote network security auditor - metapackage and useful scripts
ii gvm-tools 2.0.0-0kali1 all Remote control the Greenbone Vulnerability Manager
ii gvmd 9.0.1-2kali1 amd64 Manager Module of Greenbone Vulnerability Manager
ii gvmd-common 9.0.1-2kali1 all architecture independent files for Greenbone Vulnerability Manager
ii libgvm11:amd64 11.0.1-1 amd64 remote network security auditor - shared libraries
ii python3-gvm 1.2.0-0kali2 all Greenbone Vulnerability Management Python Library (Python 3)
Operating system:
Kali 2020.3
Installation method / source: (packages)
kali@kali:~$ gvm-cli socket --xml "<get_version/>"
Traceback (most recent call last):
File "/usr/bin/gvm-cli", line 11, in <module>
load_entry_point('gvm-tools==2.0.0', 'console_scripts', 'gvm-cli')()
File "/usr/lib/python3/dist-packages/gvmtools/cli.py", line 127, in main
with protocol_class(connection, transform=transform) as protocol:
File "/usr/lib/python3/dist-packages/gvm/protocols/gmp.py", line 117, in __enter__
gmp = self.determine_supported_gmp()
File "/usr/lib/python3/dist-packages/gvm/protocols/gmp.py", line 100, in determine_supported_gmp
version = self.determine_remote_gmp_version()
File "/usr/lib/python3/dist-packages/gvm/protocols/gmp.py", line 83, in determine_remote_gmp_version
self.connect()
File "/usr/lib/python3/dist-packages/gvm/protocols/base.py", line 107, in connect
self._connection.connect()
File "/usr/lib/python3/dist-packages/gvm/connections.py", line 351, in connect
self._socket.connect(self.path)
PermissionError: [Errno 13] Permission denied
Hi @jschwartz27,
could you please refactor scripts/send-tasks.gmp to not use an exec statement? Using exec pollutes the global namespace and executing python code dynamically from a string is very dangerous. I am going to remove the script completely if we can't refactor it.
GVM Interactive Console. Type "help" to get information about functionality.
>>> ret = gmp.get_results()
Traceback (most recent call last):
File "<console>", line 1, in <module>
File "/usr/lib/python3/dist-packages/gmp/gvm_connection.py", line 563, in get_results
return self.read()
File "/usr/lib/python3/dist-packages/gmp/gvm_connection.py", line 92, in read
response = self.readAll()
File "/usr/lib/python3/dist-packages/gmp/gvm_connection.py", line 837, in readAll
data = self.channel.recv(BUF_SIZE).decode('utf-8')
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xc3 in position 1023: unexpected end of data
>>>
I'm using the latest build, but I'm having problems with scanning in the cloud, I believe it's openvas' own, but it doesn't allow scheduling a scan or creating a list of targets with range / 16.
I have a VPC 10.10.0.0/16 and I need to scan new hosts that appear, since if I update the list with new IPs I will have to delete the schedule, the results and the current target.
Is there any way to scan with this range? I read that it is possible, but only if you make any changes to the GVMD.
Schedule / 16 range.
Informs that it is not a valid entry.
There are multiple instances in gmp.py where variables are immediately re-
assigned, likely in error. The instances look like the assignment should go to
an object of the variable instead of the variable itself. For example, the
following code
Lines 89 to 90 in 6d293e6
should probably read
_xmlMethods = etree.SubElement(xmlRoot, 'method')
_xmlMethods.text = method[0]
Other instances:
Lines 101 to 102 in 6d293e6
Lines 105 to 106 in 6d293e6
When click on cancel at the log in dialog then this exception will thrown:
Traceback (most recent call last):
File "/bin/gvm-dialog", line 11, in <module>
load_entry_point('gvm-tools==1.4.1', 'console_scripts', 'gvm-dialog')()
File "/usr/lib/python3.6/site-packages/gmp/clients/gvm_dialog.py", line 146, in main
gmp.authenticate(credentials[0], credentials[1])
IndexError: list index out of range
Enter an wrong password then another exception will thrown:
Traceback (most recent call last):
File "/bin/gvm-dialog", line 11, in <module>
load_entry_point('gvm-tools==1.4.1', 'console_scripts', 'gvm-dialog')()
File "/usr/lib/python3.6/site-packages/gmp/clients/gvm_dialog.py", line 146, in main
gmp.authenticate(credentials[0], credentials[1])
File "/usr/lib/python3.6/site-packages/gmp/gvm_connection.py", line 220, in authenticate
return self.read()
File "/usr/lib/python3.6/site-packages/gmp/gvm_connection.py", line 113, in read
self.checkCommandStatus(response)
File "/usr/lib/python3.6/site-packages/gmp/gvm_connection.py", line 166, in checkCommandStatus
raise GMPError(status_text)
gmp.gvm_connection.GMPError: Authentication failed
Expected:
That the exceptions will be catched.
No exception should be thrown if /tmp/check_gmp isn't write-able. Instead a message informing the user about the missing permissions should be shown.
The following exception is throw which doesn't lead to missing permissions when writing the DB file:
Traceback (most recent call last):
File "/usr/local/bin/gvm-script", line 10, in <module>
sys.exit(main())
File "/usr/local/lib/python3.7/dist-packages/gvmtools/script.py", line 119, in main
run_script(args.scriptname, global_vars)
File "/usr/local/lib/python3.7/dist-packages/gvmtools/helper.py", line 145, in run_script
exec(file, global_vars) # pylint: disable=exec-used
File "<string>", line 1410, in <module>
File "<string>", line 1379, in main
File "<string>", line 107, in __init__
AttributeError: 'NoneType' object has no attribute 'execute'
mkdir /tmp/check_gmp
chmod o-rwx /tmp/check_gmp
chown root:root /tmp/check_gmp
(Note: The different permissions where from a previous setup running check-gmp.gmp as root.)
gvm-tools: 2.0.0
python-gvm: 1.0.0
The implementation of the alerts feature (requested in issue/29) does not allow the usage of multiple alerts for a task yet.
/usr/bin/python3 setup.py test:
test_gmp_password_after_subparser (tests.test_parser.RootArgumentsParserTest) ... usage: gvm-test-cli [-h] [-c [CONFIG]]
[--log [{DEBUG,INFO,WARNING,ERROR,CRITICAL}]]
[--timeout TIMEOUT] [--gmp-username GMP_USERNAME]
[--gmp-password GMP_PASSWORD] [-V]
CONNECTION_TYPE ...
gvm-test-cli: error: unrecognized arguments --gmp-password foo
ok
test_gmp_username (tests.test_parser.RootArgumentsParserTest) ... ok
test_gmp_username_after_subparser (tests.test_parser.RootArgumentsParserTest) ... usage: gvm-test-cli [-h] [-c [CONFIG]]
[--log [{DEBUG,INFO,WARNING,ERROR,CRITICAL}]]
[--timeout TIMEOUT] [--gmp-username GMP_USERNAME]
[--gmp-password GMP_PASSWORD] [-V]
CONNECTION_TYPE ...
gvm-test-cli: error: unrecognized arguments --gmp-username foo
ok
test_loglevel (tests.test_parser.RootArgumentsParserTest) ... ok
test_loglevel_after_subparser (tests.test_parser.RootArgumentsParserTest) ... usage: gvm-test-cli [-h] [-c [CONFIG]]
[--log [{DEBUG,INFO,WARNING,ERROR,CRITICAL}]]
[--timeout TIMEOUT] [--gmp-username GMP_USERNAME]
[--gmp-password GMP_PASSWORD] [-V]
CONNECTION_TYPE ...
gvm-test-cli: error: unrecognized arguments --log ERROR
ok
test_timeout (tests.test_parser.RootArgumentsParserTest) ... ok
test_timeout_after_subparser (tests.test_parser.RootArgumentsParserTest) ... usage: gvm-test-cli [-h] [-c [CONFIG]]
[--log [{DEBUG,INFO,WARNING,ERROR,CRITICAL}]]
[--timeout TIMEOUT] [--gmp-username GMP_USERNAME]
[--gmp-password GMP_PASSWORD] [-V]
CONNECTION_TYPE ...
gvm-test-cli: error: unrecognized arguments --timeout 1000
No Errors and Traceback when running the software.
[davidak@ethmoid:~/code/gvm-tools/scripts]$ gvm-script --gmp-username ***** --gmp-password ***** ssh --hostname 192.168.10.157 random-report-gen.gmp
Traceback (most recent call last):
File "/nix/store/jqi0n74yp1kp3x0p8rxah06x41lb0m9z-gvm-tools-2.0.0/bin/.gvm-script-wrapped", line 11, in <module>
sys.exit(main())
File "/nix/store/jqi0n74yp1kp3x0p8rxah06x41lb0m9z-gvm-tools-2.0.0/lib/python3.5/site-packages/gvmtools/script.py", line 119, in main
run_script(args.scriptname, global_vars)
File "/nix/store/jqi0n74yp1kp3x0p8rxah06x41lb0m9z-gvm-tools-2.0.0/lib/python3.5/site-packages/gvmtools/helper.py", line 145, in run_script
exec(file, global_vars) # pylint: disable=exec-used
File "<string>", line 451, in <module>
File "<string>", line 431, in main
TypeError: invalid file: PosixPath('/home/davidak/code/gvm-tools/scripts/default_report_data.json')
It works with python 3.6.
[davidak@ethmoid:~/code/gvm-tools/scripts]$ gvm-script --gmp-username ***** --gmp-password ***** ssh --hostname 192.168.10.157 random-report-gen.gmp
Generating randomized data(s)...
Generation done.
Reason: https://stackoverflow.com/a/42694113
gvm-tools: gvm-cli 2.0.0 (API version 1.0.0)
Operating system: NixOS 19.09.976.c75de8bc12c (Loris)
Installation method / source: personal package https://github.com/davidak/nixos-config/blob/87228f497b8facbb72a38861e64990e90158b85c/packages/gvm-tools/default.nix
Python 3.5
Works with Python 3.6: davidak/nixos-config@b8104ea
Setup using pip works. Install on unsupported python versions should print error.
Setup using pip fails.
[davidak@ethmoid:~/code/gvm-tools]$ docker run -ti --rm -v $PWD:/root/code python:2.7 bash
root@0b889fd71820:/# cd /root/code/
root@0b889fd71820:~/code# pip install .
Processing /root/code
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/tmp/pip-req-build-7ld4Vi/setup.py", line 27, in <module>
version = __import__('gvmtools').get_version()
File "gvmtools/__init__.py", line 22, in <module>
from gvm.utils import get_version_string
ImportError: No module named gvm.utils
----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-req-build-7ld4Vi/
[davidak@ethmoid:~/code/gvm-tools]$ docker run -ti --rm -v $PWD:/root/code python:3.4 bash
root@cdd0bcd63f62:/# cd /root/code/
root@cdd0bcd63f62:~/code# pip install .
Processing /root/code
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/tmp/pip-req-build-nf8a9fgh/setup.py", line 27, in <module>
version = __import__('gvmtools').get_version()
File "/tmp/pip-req-build-nf8a9fgh/gvmtools/__init__.py", line 22, in <module>
from gvm.utils import get_version_string
ImportError: No module named 'gvm'
----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-req-build-nf8a9fgh/
Same on Python 3.5.
gvm-tools: master (0ccb585)
Operating system: python docker image
Installation method / source: pip using source
gmp.conf format is described in the documentation.
$ cat gmp.conf
[Auth]
gmp_username=<username>
gmp_password=<password>
$ gvm-cli tls --hostname "127.0.0.1" -c "gmp.conf" --xml "<get_configs filter='name=\"Full and fast\"'/>"
returns XML with "Full and fast" config information.
$ gvm-cli tls --hostname "127.0.0.1" -c "gmp.conf" --xml "<get_configs filter='name=\"Full and fast\"'/>"
returns ('Error in response. Only commands GET_VERSION and COMMANDS are allowed before AUTHENTICATE', <Element gmp_response at 0x7f9b46711cc8>)
While
$ gvm-cli tls --hostname "127.0.0.1" --gmp-username <username> --gmp-password <password> --xml "<get_configs filter='name=\"Full and fast\"'/>"
returns XML with "Full and fast" config information.
$ cat gmp.conf
[Auth]
gmp_username=<username>
gmp_password=<password>
$ gvm-cli tls --hostname "127.0.0.1" -c "gmp.conf" --xml "<get_configs filter='name=\"Full and fast\"'/>"
$ gvm-cli tls --hostname "127.0.0.1" --gmp-username <username> --gmp-password <password> --xml "<get_configs filter='name=\"Full and fast\"'/>"
gsa: 9.0+alpha~git-7d75f9f24-master
gvm: 8.0+beta3
openvas-scanner: 6.0+beta3
gvm-libs: gvm-libs 1.0.0
Operating system: Debian 9
Installation method / source: source installation
/usr/local/var/log/gvm/gvmd.log:
Failed to parse client XML: Must authenticate first.
Script runs without errors.
Script exits with error: "This tool MUST NOT be run as root user."
Why?
In general it might not be a good idea to run random scripts from the internet (as root). But in this case i'm inside a (docker) container, so it can't cause any damage. I see no good reason why this error appears!
gvm-tools: (gvm-cli --version) i even don't get the version as root :(
Operating system: debian 9 inside docker
Installation method / source: pip
root@e278f02965f2:~/code# /root/.local/bin/gvm-script random-report-gen.gmp
Traceback (most recent call last):
File "/root/.local/bin/gvm-script", line 10, in <module>
sys.exit(main())
File "/root/.local/lib/python3.5/site-packages/gvmtools/script.py", line 51, in main
do_not_run_as_root()
File "/root/.local/lib/python3.5/site-packages/gvmtools/helper.py", line 91, in do_not_run_as_root
raise RuntimeError('This tool MUST NOT be run as root user.')
RuntimeError: This tool MUST NOT be run as root user.
Hello,
i need some help, here is my code:
!/usr/bin python3.6
-- coding: utf-8 --
from gvm.connections import UnixSocketConnection
from gvm.protocols.latest import Gmp
from gvm.transforms import EtreeTransform
from gvm.xml import pretty_print
connection = UnixSocketConnection()
transform = EtreeTransform()
gmp = Gmp(connection, transform=transform)
version = gmp.get_version()
pretty_print(version)
Traceback (most recent call last):
File "gmp.py", line 4, in
from gvm.connections import UnixSocketConnection
File "/usr/lib/python2.7/site-packages/gvm/connections.py", line 172
def init(self, *, timeout=DEFAULT_TIMEOUT, hostname='127.0.0.1',
^
SyntaxError: invalid syntax
[root@p21210v tianna]# python3 gmp.py
Traceback (most recent call last):
File "gmp.py", line 14, in
version = gmp.get_version()
File "/usr/lib/python3.4/site-packages/gvm/protocols/gmpv7.py", line 3268, in get_version
return self._send_xml_command(XmlCommand('get_version'))
File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 77, in _send_xml_command
return self.send_command(xmlcmd.to_string())
File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 131, in send_command
raise e
File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 127, in send_command
self._send(cmd)
File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 62, in _send
self.connect()
File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 98, in connect
self._connection.connect()
File "/usr/lib/python3.4/site-packages/gvm/connections.py", line 310, in connect
self._socket.connect(self.path)
FileNotFoundError: [Errno 2] No such file or directory
ps axu | grep gvmd
root 5082 0.0 0.0 112704 976 pts/2 R+ 19:57 0:00 grep --color=auto gvmd
root 14816 0.0 0.4 422948 75512 ? SL Jun03 0:40 gvmd: Waiting for incoming connections
gvmd.sock is in /run/
THANKS!
scripts/send-schedule.gmp uses python dateutil https://pypi.org/project/python-dateutil/ at the moment. Clarify if it can be replaced by a python build in library.
Earlier version of gvm-cli
used to expect the CONNECTION_TYPE
before all
other parameters, i.e.:
gvm-cli ssh --gmp-username foo --gmp-password bar --xml '<get_reports/>'
Using the sequence above, the current version of gvm-cli prints a traceback
ending with FileNotFoundError: [Errno 2] No such file or directory: 'foo'
Reordering the paremeters as follows make the call work again:
gvm-cli --gmp-username foo --gmp-password bar ssh --xml '<get_reports/>'
See above in Expected behavior.
gvm-tools: (gvm-cli --version)
gvm-cli 2.0.0b1 (API version 1.0.0b2.dev1)
When I try to run the following code:
with Osp(connection, transform=transform) as osp:
response = osp.get_version()
pretty_print(response)
# It doenst exists autenticate method in osp
#osp.authenticate('admin', 'admin')
# Display scans
scans = osp.get_scans()
pretty_print(scans)
I get this error:
<gmp_response status="400" status_text="Only commands GET_VERSION and COMMANDS are allowed before AUTHENTICATE"/>
I was able to work with Gmp, but it seems Osp only exposes get_version() because for the other functions I need to be authenticated, and there is no way for authenticate.
What I am doing wrong?
hi,I use the command <get_reports id="" format_id="6c248850-1f62-11e1-b082-406186ea4fc5">
but it dosent generate a file ,so I use command <get_reports id="">| tee result.xml
I find one way to generate html file,
cd /usr/share/openvas/openvasmd/report_formats/6c248850-1f62-11e1-b082-406186ea4fc5
then run ./generate ~/result.xml >/temp/result.html
it seems work
is there a esay way to generate the html report?
scripts/update-task-target.gmp updates target of task given UUID of task and CSV of hosts
NOTE: this is a follow-up to issue 187 fixed in 188
scripts/update-task-target.gmp
errors out with TypeError: create_target() got an unexpected keyword argument 'port_list'
user@host:$ gvm-pyshell tls --hostname 127.0.0.1 --port 9390 --gmp-username foo--gmp-password bar ./update-task-target.gmp ./host_file.csv "1ea79218-95ad-4a90-b933-e1c1a72a0cf9"
Traceback (most recent call last):
File "/usr/local/bin/gvm-pyshell", line 10, in
sys.exit(main())
File "/usr/local/lib/python3.7/dist-packages/gvmtools/pyshell.py", line 325, in main
load(script_name, global_vars)
File "/usr/local/lib/python3.7/dist-packages/gvmtools/pyshell.py", line 352, in load
exec(file, global_vars) # pylint: disable=exec-used
File "", line 129, in
File "", line 124, in main
File "", line 100, in create_target_hosts
File "", line 90, in copy_send_target
TypeError: create_target() got an unexpected keyword argument 'port_list'
gsa: (gsad --version)
Greenbone Security Assistant 7.0.3
gvm: (gvmd --version)
OpenVAS Manager 7.0.3
openvas-scanner: (openvassd --version)
OpenVAS Scanner 5.1.3
gvm-libs:
9.0.3-1+b1
gvm-tools: (gvm-cli --version)
gvm-cli 2.0.0.beta1. API version 1.0.0.beta2
Operating system:
KALI 2019.1a
Installation method / source: (packages, source installation)
Kali repos
GVM via PIP3
Hi,
Could you tell me, is there some script examples for deleting task and reports of openvas?
We have set many tasks and got many reports, and we need to delete them in batch mode.
But the github provided script examples only show how to setup task, but no deleting task.
are gvm-tools run with alle gmp version hosts?
I try gmp.get_version() with version 6.0 and the anser is:
gmp.gvm_connection.GMPError: Bogus command name
Very often I see python exception using the gvm-cli tool.
Every uncatched exception will trigger an new abrt event.
For example:
sudo -u gvmd gvm-cli socket --socketpath /var/run/greenbone/ospd-openvas.sock --xml ""
Traceback (most recent call last):
File "/bin/gvm-cli", line 11, in
load_entry_point('gvm-tools==2.0.0', 'console_scripts', 'gvm-cli')()
File "/usr/lib/python3.6/site-packages/gvmtools/cli.py", line 127, in main
with protocol_class(connection, transform=transform) as protocol:
File "/usr/lib/python3.6/site-packages/gvm/protocols/gmp.py", line 78, in enter
self.connect()
File "/usr/lib/python3.6/site-packages/gvm/protocols/base.py", line 107, in connect
self._connection.connect()
File "/usr/lib/python3.6/site-packages/gvm/connections.py", line 349, in connect
self._socket.connect(self.path)
PermissionError: [Errno 13] Permission denied
The will flood the system abrt log/stack.
It will be much better, when the exception of the gvm python library are catched and printed out as an error message.
Currently the README contains several examples of the console applications gvm-cli and gvm-pyshell.
These examples should be simplified in the readme and moved to the sphinx docu. Additionally the docu should get two sections about both of the applications explaining them more in detail.
The documentation should be improved to explain howto write gmp scripts. It should contain several examples and best practices. It should clarify which global object are available and which information they contain.
hi,
I successfully installed openvas and gvm-tools.
cd /usr/local/python3.6.5/bin
run
./gvm-cli socket --gmp-username admin --gmp-password 123456 --sockpath /run/redis/redis.sock --xml "<create_target>Suspect Host10.17.2.137</create_target>"
it return , timed out
and find the User Manuals ,
http://docs.greenbone.net/GSM-Manual/gos-4/en/omp.html#activating-the-gmp-protocol
http://docs.greenbone.net/GSM-Manual/gos-4/en/systemadministration.html#gmp
but I cant find the menu
gvm-cli
raises an exception right while starting with error invalid syntax
Starting gvm-cli
just starts gvm-cli
.
Right while statring gvm-cli
gives an exception with error invalid syntax:
# gvm-cli
Traceback (most recent call last):
File "/usr/local/bin/gvm-cli", line 11, in <module>
load_entry_point('gvm-tools==2.0.0.dev1', 'console_scripts', 'gvm-cli')()
File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 487, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2728, in load_entry_point
return ep.load()
File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2346, in load
return self.resolve()
File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2352, in resolve
module = __import__(self.module_name, fromlist=['__name__'], level=0)
File "/usr/local/lib/python2.7/dist-packages/gvm_tools-2.0.0.dev1-py2.7.egg/gmp/clients/cli.py", line 212
'--socketpath instead', file=sys.stderr)
^
SyntaxError: invalid syntax
gsad:
Greenbone Security Assistant 8.0+beta3
GIT revision 3cd5812d6-master
Copyright (C) 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gvmd:
Greenbone Vulnerability Manager 8.0+beta2
GIT revision 8bc90781-master
Manager DB revision 200
Copyright (C) 2010-2017 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
openvassd:
OpenVAS Scanner 6.0+beta3
GIT revision b1d4ca6-master
Most new code since 2005: (C) 2018 Greenbone Networks GmbH
Nessus origin: (C) 2004 Renaud Deraison <[email protected]>
License GPLv2: GNU GPL version 2
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
node:
v11.4.0
redis-server:
Redis server v=5.0.2 sha=00000000:0 malloc=jemalloc-3.6.0 bits=64 build=669dbd6bdc6d120c
Operating system:
Linux gvm10 4.18.0-3-amd64 #1 SMP Debian 4.18.20-2 (2018-11-23) x86_64 GNU/Linux
buster/sid
Installation method / source:
source installation, git checkout
When getting big results with gmp.get_reports and shell_mode=True we get a "huge text node" error.
For example this error.
Error: xmlSAX2Characters: huge text node, line 12679, column 561 (, line 12679)
It seems like lxml don't like big files without a Parser option.
huge_tree - disable security restrictions and support very deep trees and very long text content (only affects libxml2 2.7+) >> lxml.de/parsing.html#parsers
This is the diff for my ugly hack that handles "huge text nodes":
(ovas-mgr) falk@broekn ~/_tmp » diff gvm_connection.py-orig gvm_connection.py
39a40,42
> parser = etree.XMLParser(encoding='utf-8', recover=True, huge_tree=False)
> huge_parser = etree.XMLParser(encoding='utf-8', recover=True, huge_tree=True)
>
108c111,117
< tree = etree.parse(f)
---
> try:
> tree = etree.parse(f, parser)
> except Exception as err:
> if 'huge text node' in err.msg:
> tree = etree.parse(f, huge_parser)
> else:
> raise err
135c144
< parser = etree.XMLParser(encoding='utf-8', recover=True)
---
>
Code to reproduce:
#!/usr/bin/python3
from gmp.gvm_connection import TLSConnection
from config import GVM_HOSTNAME, GVM_PORT, GVM_TIMEOUT, GVM_USER, GVM_PASSWD
# gmp has to be global, so the load-function has the correct namespace
gmp = None
# Huge report in openvas (~14M)
rid ='5b5a5053-da06-4ce7-a2e2-39150f16eb53'
def connect(rid):
global gmp
gmp = TLSConnection(hostname=GVM_HOSTNAME, port=GVM_PORT,
timeout=GVM_TIMEOUT, shell_mode=True)
gmp.authenticate(GVM_USER, GVM_PASSWD)
def get_report(rid):
try:
report = gmp.get_reports(report_id=rid)
r = report
except Exception as e:
print('Error: ' + str(e))
r = None
return r
if __name__ == '__main__':
connect(rid)
r = get_report(rid)
print(r)
As you can see from my code, I'm no python coder and I don't know if this is of any interest, but perhaps it can help somewhat or someone :)
--
Regards Falk
From greenbone/gvmd#73
Hi,
Not sure if this should be reported here, but when querying nvt data over socket with tools gvm-cli and gvm-pyshell, I get errors which I suspect are caused by bad xml in nvt data.
Am I right, or is there something missing in my environment?
NB this only happens when querying some nvts from some of the IT-Grundschutz-* families.
$ gvm-cli socket -c --xml "<get_nvts nvt_oid=\"1.3.6.1.4.1.25623.1.0.94018\" details=\"1\" />"
'utf-8' codec can't decode byte 0xc3 in position 1023: unexpected end of data
And inside the gvm-pyshell, I get:
$ gvm-pyshell socket -c -i
badnvt = gmp.get_nvts(nvt_oid="1.3.6.1.4.1.25623.1.0.94018", details="1")
Traceback (most recent call last):
File "<console>", line 1, in <module>
File "/usr/local/lib/python3.5/dist-packages/gmp/gvm_connection.py", line 525, in get_nvts
return self.read()
File "/usr/local/lib/python3.5/dist-packages/gmp/gvm_connection.py", line 99, in read
self.checkCommandStatus(response)
File "/usr/local/lib/python3.5/dist-packages/gmp/gvm_connection.py", line 136, in checkCommandStatus
status = root.attrib['status']
AttributeError: 'NoneType' object has no attribute 'attrib'
/usr/local/var/log/gvm/gvmd.log:
md main:WARNING:2018-04-15 13h24.00 UTC:10287: read_from_client_unix: failed to read from client: Connection reset by peer
$ gvm-cli --version
gvm-cli 1.3.1
$ gvm-pyshell --version
gvm-pyshell 1.3.1
$ gvmd --version
Greenbone Vulnerability Manager 7.1+beta1
Manager DB revision 190
$ openvassd --version
OpenVAS Scanner 5.2+beta1
$ python3 --version
Python 3.5.2
When downloading an openvas report in raw XML format over gvm-cli socket with the get_reports command, I get a decoding error. As the error points out, this has to do with data decoding mismatch it seems. See:
$ gvm-cli socket -c --xml "<get_reports report_id=\"795ecf96-7957-4553-a203-30affa1e34e0\" format_id=\"a994b278-1f62-11e1-96ac-406186ea4fc5\"/>"
Traceback (most recent call last):
File "/usr/local/bin/gvm-cli", line 11, in <module>
load_entry_point('gvm-tools==1.4.1', 'console_scripts', 'gvm-cli')()
File "/usr/local/lib/python3.6/dist-packages/gmp/clients/gvm_cli.py", line 213, in main
result = gvm.read()
File "/usr/local/lib/python3.6/dist-packages/gmp/gvm_connection.py", line 103, in read
response = self.readAll()
File "/usr/local/lib/python3.6/dist-packages/gmp/gvm_connection.py", line 973, in readAll
response += data.decode()
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xc2 in position 1023: unexpected end of data
I looked at gvm_connection.py, line 973, which reads:
response += data.decode()
I did some hacking around and then changed line 973 to:
response += data.decode('latin-1')
Then everything worked fine and the download will finish successfully. Looks to me there is some encoding/decoding mismatch here. My environment is all standard utf-8 (LANG=en_US.UTF-8). There seems to be no encoding settings available for openvassd, nor in gvm-cli or ~/.config/gvm-tools.conf.
Is it the case that data/reports from openvas are returned in mixed encoding, some in utf-8, some in latin-1?
I don't get this problem when viewing the same report/results in the gsad GUI.
gsa: (gsad --version)
Greenbone Security Assistant 8.0+beta2
GIT revision d1a83ab88-master
gvm: (gvmd --version)
Greenbone Vulnerability Manager 8.0+beta1
GIT revision 3691c0ad-master
openvas-scanner: (openvassd --version)
OpenVAS Scanner 6.0+beta2
GIT revision a13b0f7-master
gvm-libs:
~/gvm-libs$ git log
commit 58248fdd4752e6073ada8497996a29572b41b10b (HEAD -> master, origin/master, origin/HEAD) ...
gvm-tools: (gvm-cli --version)
gvm-cli 1.4.1
Operating system:
$ uname -a
Linux 4.15.0-33-generic #36-Ubuntu SMP Wed Aug 15 16:00:05 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Installation method / source: (packages, source installation)
From source following INSTALL
/usr/local/var/log/gvm/gvmd.log:
md main:WARNING:2018-09-14 10h14.06 UTC:11191: read_from_client_unix: failed to read from client: Connection reset by peer
In https://github.com/greenbone/gvm-tools/blob/master/gmp/gvm_connection.py#L953
# Todo: Why does the sleep helps here? Sometimes it will break # here because the message is missing some bytes at the end. # Same script and with tls or ssh, then it works flawless without # "sleep()"
time.sleep(0.000001)
it is already indicated that reading from the unix socket doesn't work reliable. Having to use some sleep timer is always an indicator for flaky behavior.
The Problem with the code here is reading from the socket is aborted if the size of the read data is smaller as the buffer size
if len(data) < BUF_SIZE:
break
IMHO this code will break if gvm-tools will read the data faster then gvmd will send it to the socket. It will even become more unreliable if the os/interpreter/framework is using some internal buffering. This already happened to me with a nodejs based implementation.
The solution would be to read the first chunk of data from the socket and extract the opening root xml element e.g. <get_tasks_response>
. Afterwards the client code must read from the socket until the closing root element arrived e.g. </get_tasks_response>
. Also don't forget to add a timer for reading to abort if the server didn't send an answer in time.
I tried to install the gvm-tools with the specified command,
whereupon this error message came: "Could not find a version that satisfies the requirement gvm-tools (from versions: )
No matching distribution found for gvm-tools"
This is because pip uses python 2.7, but for the gvm tools and their installation you need pip over python 3. This means in turn that the command must read as follows: "pip3 install --user gvm-tools"
I found a solution on community.greenbone.net where a customer opened a case for it. It got solved, but it would be nice if this solution could be published in this installation guide that noone gets this issue anymore.
On the python pip repo, only the old version 2.1.0 is proved.
The new 20.10.0 version is missing here.
After gmp-20.08, CREATE_TARGET will need PORT_LIST or PORT_RANGE.
Then I can't create scan job by using it.
I modified the "scan-new-system.gmp.py" for supporting PORT_LIST_ID with argument, then it worked fine(see as below).
Current scan-new-system.gmp.py does not have PORT_LIST or PORT_RANGE on the argument.
When I ran "scan-new-system.gmp.py" with gvm-script, I have error as below;
Response Error 400. One of PORT_LIST and PORT_RANGE are required
/usr/local/bin/gvm-script --gmp-username admin --gmp-password [PASS] tls --port=9390 --host=127.0.0.1 /data/gvm-tools/scripts/scan-new-system.gmp.py [HOST]
Response Error 400. One of PORT_LIST and PORT_RANGE are required
gsa: (gsad --version)
20.08.0
gvm: (gvmd --version)
20.08.0
gvm-tools: (gvm-cli --version)
gvm-cli 2.1.0 (API version 1.6.0)
Operating system:
Debian buster
Installation method / source: (packages, source installation)
GVM-Docker
Response Error 400. One of PORT_LIST and PORT_RANGE are required
gvm-tools to be installed
Are not installed via various ways
Install thru git clone fails, there's no setup.py in the root.
$cd /opt/gvm/src
$git clone https://github.com/greenbone/gvm-tools.git
$pip install -e /opt/gvm/src/gvm-tools
Directory '/opt/gvm/src/gvm-tools' is not installable. File 'setup.py' not found.
Install thru pip repository fails
$pip install gvm-tools
Collecting gvm-tools
Could not find a version that satisfies the requirement gvm-tools (from versions: )
No matching distribution found for gvm-tools
I'm having an issue trying to set the "Consider Alive" when creating a target through Python API:
target = gmp.create_target(f"{target_ip}_target", hosts=[target_ip], port_range=target_ports, alive_test="Consider Alive")
I get:
gvm.errors.InvalidArgument: Invalid argument alive_test for create_target
Any ideas ?
gvm-pyshell puts all of its globals into the scope of the interactive shell and gmp scripts while calling exec. This should be reduced to only pass the pretty function (which then can be moved out of the pyshell module possibly), Gmp instance and the scripts arguments.
Before changing the exec call we must ensure that all our existing gmp scripts don't require other globals and fix them.
gvm-cli doesn't provide issue details in the cli output. Exporting this from the web works and holds the data. Same filters are applied.
The rest of the XML looks fine, it is just missing the detailed information of the issues.
I have tried various outputs, none of them give me the details or the report (pdf holds no base64 either).
This is the command ran: gvm-cli -X '<get_reports report_id="3f9578eb-ae8c-410b-b8ac-212093bda557" filter="apply_overrides=0 levels=hml min_qod=50 first=1 rows=1000 details=1 sort=name ignore_pagination=1" format_id="a994b278-1f62-11e1-96ac-406186ea4fc5"/>'
This is the full output for scanme.nmap.org:
<?xml version="1.0"?> <get_reports_response status="200" status_text="OK"> <report id="3f9578eb-ae8c-410b-b8ac-212093bda557" format_id="a994b278-1f62-11e1-96ac-406186ea4fc5" extension="xml" content_type="text/xml"> <owner> <name>Admin</name> </owner> <name>2020-06-18T13:22:06Z</name> <comment/> <creation_time>2020-06-18T13:22:06Z</creation_time> <modification_time/> <writable>0</writable> <in_use>0</in_use> <task id="f71f45f0-203e-4aca-925e-8c6ff36b120d"> <name>scanme.nmap.org</name> </task> <report_format id="a994b278-1f62-11e1-96ac-406186ea4fc5"> <name>XML</name> </report_format> <report id="3f9578eb-ae8c-410b-b8ac-212093bda557"> <gmp> <version>9.0</version> </gmp> <sort> <field>name<order>ascending</order></field> </sort> <filters id=""> <term>apply_overrides=0 levels=hml min_qod=50 first=1 rows=1000 details=1 sort=name ignore_pagination=1</term> <filter>High</filter> <filter>Medium</filter> <filter>Low</filter> <keywords> <keyword> <column>apply_overrides</column> <relation>=</relation> <value>0</value> </keyword> <keyword> <column>levels</column> <relation>=</relation> <value>hml</value> </keyword> <keyword> <column>min_qod</column> <relation>=</relation> <value>50</value> </keyword> <keyword> <column>first</column> <relation>=</relation> <value>1</value> </keyword> <keyword> <column>rows</column> <relation>=</relation> <value>1000</value> </keyword> <keyword> <column>details</column> <relation>=</relation> <value>1</value> </keyword> <keyword> <column>sort</column> <relation>=</relation> <value>name</value> </keyword> <keyword> <column>ignore_pagination</column> <relation>=</relation> <value>1</value> </keyword> </keywords> </filters> <severity_class id="d4c74cda-89e1-11e3-9c29-406186ea4fc5"> <name>nist</name> <full_name>NVD Vulnerability Severity Ratings</full_name> <severity_range> <name>None</name> <min>0.0</min> <max>0.0</max> </severity_range> <severity_range> <name>Low</name> <min>0.1</min> <max>3.9</max> </severity_range> <severity_range> <name>Medium</name> <min>4.0</min> <max>6.9</max> </severity_range> <severity_range> <name>High</name> <min>7.0</min> <max>10.0</max> </severity_range> </severity_class> <scan_run_status>Running</scan_run_status> <hosts> <count>2</count> </hosts> <closed_cves> <count>0</count> </closed_cves> <vulns> <count>8</count> </vulns> <os> <count>0</count> </os> <apps> <count>0</count> </apps> <ssl_certs> <count>0</count> </ssl_certs> <task id="f71f45f0-203e-4aca-925e-8c6ff36b120d"> <name>scanme.nmap.org</name> <comment>scanme.nmap.org</comment> <target id="462b7dba-d980-4211-aad1-e5eb9ea2b39b"> <trash>0</trash> <name>scanme.nmap.org</name> <comment/> </target> <progress>66</progress> </task> <scan> <task/> </scan> <timestamp>2020-06-18T13:21:51Z</timestamp> <scan_start>2020-06-18T13:22:06Z</scan_start> <timezone>Coordinated Universal Time</timezone> <timezone_abbrev>UTC</timezone_abbrev> <result_count>20<full>20</full><filtered>0</filtered><debug><full>0</full><filtered>0</filtered></debug><hole><full>0</full><filtered>0</filtered></hole><info><full>0</full><filtered>0</filtered></info><log><full>18</full><filtered>0</filtered></log><warning><full>2</full><filtered>0</filtered></warning><false_positive><full>0</full><filtered>0</filtered></false_positive></result_count> <severity> <full>5.0</full> <filtered>-99.0</filtered> </severity> <scan_end/> <errors> <count>0</count> </errors> <report_format/> </report> </report> <filters id=""> <term>apply_overrides=0 min_qod=70 first=1 rows=10 sort=name</term> <keywords> <keyword> <column>apply_overrides</column> <relation>=</relation> <value>0</value> </keyword> <keyword> <column>min_qod</column> <relation>=</relation> <value>70</value> </keyword> <keyword> <column>first</column> <relation>=</relation> <value>1</value> </keyword> <keyword> <column>rows</column> <relation>=</relation> <value>10</value> </keyword> <keyword> <column>sort</column> <relation>=</relation> <value>name</value> </keyword> </keywords> </filters> <sort> <field>name<order>ascending</order></field> </sort> <reports start="1" max="1000"/> <report_count>2<filtered>1</filtered><page>1</page></report_count> </get_reports_response>
so we don't need external dependencies for the scripts.
implement using python standard library.
ssh_credential should be considered as parameter
ssh_credential is not recognizing as parameter
gsa: (gsad --version)
Greenbone Security Assistant 7.0.3
Copyright (C) 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gvm: (gvmd --version)
openvasmd --version
OpenVAS Manager 7.0.3
Manager DB revision 184
Copyright (C) 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
openvas-scanner: (openvassd --version)
openvassd --version
OpenVAS Scanner 5.1.3
Most new code since 2005: (C) 2016 Greenbone Networks GmbH
Nessus origin: (C) 2004 Renaud Deraison [email protected]
License GPLv2: GNU GPL version 2
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gvm-libs:
gvm-script
gvm-tools: (gvm-cli --version)
gvm-cli --version
gvm-cli 2.0.0 (API version 1.0.0)
UBUNTU
git hub
Sending targets...
{'name': 'Template', 'hosts': '127.0.0.1', 'exclude_hosts': None, 'ssh_credential': {'id': '3ffecd7a-c6e3-499f-9220-83f5191f7fc3', 'port': '22'}, 'smb_credential': {'id': '3ffecd7a-c6e3-499f-9220-83f5191f7fc3'}, 'esxi_credential': {'id': '3ffecd7a-c6e3-499f-9220-83f5191f7fc3'}, 'port_range': 'T:22,80,443,2301,9920,9960,12443,U:22,80,443,2301,9920,9960,12443', 'port_list_id': 'f34642aa-e335-4781-81ed-2f2b58d1c195'}
Traceback (most recent call last):
File "/usr/local/bin/gvm-script", line 11, in <module>
sys.exit(main())
File "/usr/local/lib/python3.6/dist-packages/gvmtools/script.py", line 119, in main
run_script(args.scriptname, global_vars)
File "/usr/local/lib/python3.6/dist-packages/gvmtools/helper.py", line 145, in run_script
exec(file, global_vars) # pylint: disable=exec-used
File "<string>", line 166, in <module>
File "<string>", line 160, in main
File "<string>", line 145, in parse_send_xml_tree
TypeError: create_target() got an unexpected keyword argument 'ssh_credential'
The functions
def create_task(self, name, config_id, target_id, scanner_id, comment='')
gvm_tools/gmp/gvm_connection.py
and
def createTaskCommand(self, name, config_id, target_id, scanner_id, comment='')
gvm_tools/gmp/gmp.py
do not allow the usage of an alert_id or alerts in general.
Also I can not recognize regarding its code how to invoke the function
def createAlertCommand(self, name, condition, event, method, filter_id='', copy='', comment='')
gvm_tools/gmp/gmp.py
respectively
def create_alert(self, name, condition, event, method, filter_id='', copy='', comment='')
gvm_tools/gmp/gvm_connection.py
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.