So I ran a scan on multiple hosts and got more than 1000 results.
however when using get_results(result_id=…) i only get maximum of 1000 results.
i tried adding a filter to the get_results function with ignore_pagination=1 but that didn’t help.
I understand that it was does in order to prevent users from downloading too much data and crash their system but if so, how would i get all the results in batches?
bricks
March 10, 2021, 5:51pm
2
It is not possible to get more results or other entities then 1000. It is a hardcoded maximum. It is just possible to get more then 1000 results with ignore_pagination when requesting a single report.
1 Like
Try like here, it is working.
gmp version: 22.4
code:
gmp.authenticate(username, password)
# query families
families = gmp.get_nvt_families()
# print(etree.tostring(families, pretty_print=True).decode())
pretty_print(families)
for family in families.xpath('//family'):
logging.info('== {} ==== total={:4} ==========='.format(family.find('name').text, family.find('max_nvt_count').text))
fs = 'family="{}"'.format(family.find('name').text)
nvts = gmp.get_nvts(filter_string=fs)
# pretty_print(nvts)
total = int(nvts.xpath('//filtered')[0].text)
rows = 1000
count = 0
# traverse all nvts
for i in range(math.ceil(total/rows)):
first = i*rows
page_info = "and rows={} and first={}".format(rows, first)
nvts = gmp.get_nvts(filter_string = fs + page_info)
# query one page nvts, 0~999, 1~1999, 2~2999
# pretty_print(nvts)
for nvt in nvts.xpath('//info/nvt'):
# pretty_print(nvt)
try:
name = nvt.find('name').text
score = nvt.find('severities').get('score')
qod = nvt.find('qod').find('value').text
logging.info("-- {}/{} {} score={} qod={}".format(count,total, name, score, qod))
count += 1
except:
pretty_print(nvts)
print("-------------------------------------------")
pretty_print(nvt)
raise
log:
2023-01-31 14:08:06,492 INFO: -- 3170/3174 CentOS Update for yelp CESA-2013:0271 centos5 score=9.3 qod=97
2023-01-31 14:08:06,492 INFO: -- 3171/3174 CentOS Update for yelp CESA-2013:0271 centos6 score=9.3 qod=97
2023-01-31 14:08:06,492 INFO: -- 3172/3174 CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2284 centos6 score=8.1 qod=97
2023-01-31 14:08:06,492 INFO: -- 3173/3174 CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2285 centos7 score=8.1 qod=97
2023-01-31 14:08:06,492 INFO: -- 3174/3174 CentOS Update for yum-updatesd CESA-2014:1004 centos5 score=5.0 qod=97
2023-01-31 14:08:06,492 INFO: == CISCO ==== total=650 ===========
2023-01-31 14:08:12,717 INFO: -- 0/650 Cisco Access Control System Stored Cross-Site Scripting Vulnerability score=5.4 qod=97
2023-01-31 14:08:12,721 INFO: -- 1/650 Cisco ACE 4710 Application Control Engine Denial of Service Vulnerability score=7.5 qod=80
bricks
January 31, 2023, 7:13am
4
It doesn’t work for nvt families and nvts. These are limited to 1000 entities in the response.
Just for results in a report you are able to get more then 1000 results.
2 Likes