How i make a download of a report in xml format

Hello everyone, I want to automate the process of downloading reports in xml format, I’m using this python script that i created:

from urllib import response
from gvm.connections import UnixSocketConnection
from gvm.protocols.gmp import Gmp

path to unix socket

path = ‘/var/run/gvmd/gvmd.sock’
connection = UnixSocketConnection(path=path)

report_id=“69e84e66-d2a8-4c19-8e11-3992dbfa7b8b”
format_id=“a994b278-1f62-11e1-96ac-406186ea4fc5”

using the with statement to automatically connect and disconnect to gvmd

with Gmp(connection=connection) as gmp:
# get the response message returned as a utf-8 encoded string

response1 = gmp.authenticate('admin', '724d8f07-14b5-42a2-92bd-4c78e0aba953')
response = gmp.get_reports()


# print the response message
print(response1)
print(response)

And it works, but it gives me back a http 200 code response but does not do the download

The documentation i’ve used:

https://python-gvm.readthedocs.io//downloads/en/stable/pdf/
https://pypi.org/project/gvm-tools/#gvm-pyshell
https://gvm-tools.readthedocs.io/
/downloads/en/stable/pdf/
https://python-gvm.readthedocs.io/en/latest/#the-api-documentation
https://python-gvm.readthedocs.io/en/latest/index.html
Examples from Github and more.

Thanks for the attention ! :slight_smile:

Hi @reTr0_0 and welcome to the forum :slight_smile:

I’ve moved this into Greenbone Community Edition for better visibility.

Hi, I am not sure what you really want to do. If you get a HTTP response you are doing something wrong of course :wink: . HTTP is the wrong protocol.

Please take a look at the GMP get_reports XML to understand what’s returned here. Also it’s best to follow https://python-gvm.readthedocs.io/en/latest/usage.html#using-gmp which gives you a short example on using the GMP object. And at https://github.com/greenbone/gvm-tools/blob/main/scripts/export-pdf-report.gmp.py you can find a GMP script to download a singe report as PDF. Maybe that is helpfull too.

2 Likes

Hi bricks, first of all thanks for your time and attention.

I want to create a Linux command using gvm-cli or a python script that with just the report id i could make download of a report of a task in xml format.

So the code that i coded is based in the script of the GitHub(“download a single report as PDF”).
And the output of the code is just the HTTP 200 code with the HTML code, but does not download any report:
<get_reports_response status=“200” status_text=“OK”>admin2022-08-10T09:59:18Z<creation_time>2022-08-10T09:59:18Z</creation_time><modification_time>2022-08-10T10:05:00Z</modification_time>0<in_use>0</in_use>Teste3 - 127.0.0.321.4nameascendingapply_overrides=0 min_qod=70 first=1 rows=10 sort=nameHighMediumLowLogapply_overrides=0min_qod=70first=1rows=10sort=name<scan_run_status>Stopped</scan_run_status>1<closed_cves>0</closed_cves>700<ssl_certs>0</ssl_certs>Teste3 - 127.0.0.3Este é o teste tres.0Teste3 - 127.0.0.3Este é o teste tres.962022-08-10T09:58:56Z<scan_start>2022-08-10T09:59:18Z</scan_start>Coordinated Universal Time<timezone_abbrev>UTC</timezone_abbrev><result_count>88800008800<false_positive>00</false_positive></result_count>0.00.0<scan_end>2022-08-10T10:05:00Z</scan_end>0admin2022-08-10T15:30:38Z<creation_time>2022-08-10T15:30:38Z</creation_time><modification_time>2022-08-10T15:32:37Z</modification_time>0<in_use>0</in_use>Teste1 - 127.0.0.121.4nameascendingapply_overrides=0 min_qod=70 first=1 rows=10 sort=nameHighMediumLowLogapply_overrides=0min_qod=70first=1rows=10sort=name<scan_run_status>Stopped</scan_run_status>1<closed_cves>0</closed_cves>100<ssl_certs>0</ssl_certs>Teste1 - 127.0.0.1Este é o teste um.0Teste1 - 127.0.0.1Este é o teste um.02022-08-10T15:30:19Z<scan_start>2022-08-10T15:30:38Z</scan_start>Coordinated Universal Time<timezone_abbrev>UTC</timezone_abbrev><result_count>77700007700<false_positive>00</false_positive></result_count>0.00.0<scan_end>2022-08-10T15:32:37Z</scan_end>0apply_overrides=0 min_qod=70 first=1 rows=10 sort=nameapply_overrides=0min_qod=70first=1rows=10sort=namenameascending<report_count>222</report_count></get_reports_response>

Another things that i don’t understand is that in my python script when i use response = gmp.get_reports(), it works but if i put arguments in the response = gmp.get_reports(arguments) the error output is “TypeError: ReportsMixin.get_reports() takes 1 positional argument but 2 were given”, and in the github example its given more arguments “response = gmp.get_report(
report_id=report_id, report_format_id=pdf_report_format_id
)”


I viewed the links you send so i did this commands:

gvm-cli --gmp-username admin --gmp-password 724d8f07-14b5-42a2-92bd-4c78e0aba953 socket --socketpath /var/run/gvmd/gvmd.sock --xml “<get_report report_id=‘69e84e66-d2a8-4c19-8e11-3992dbfa7b8b’/>”

And the output is:

ERROR:gvmtools.cli:Response Error 400. Bogus command name


And:
gvm-cli --gmp-username admin --gmp-password 724d8f07-14b5-42a2-92bd-4c78e0aba953 socket --socketpath /var/run/gvmd/gvmd.sock --xml “<get_report report_id=‘69e84e66-d2a8-4c19-8e11-3992dbfa7b8b’ format_id=‘a994b278-1f62-11e
1-96ac-406186ea4fc5’/>”

and the outputs is:

ERROR:gvmtools.cli:Response Error 400. Bogus command name

there is no get_report command. See here, you need to use the get_reports command. :slight_smile:

Using get_reports with an ID, like you did, will return you a single report, as you want.

1 Like

Hi y0urself, thanks for the help, seems like that was the problem.
But now i have another, im trying to convert the xml report to docx, and the report that i downloaded form the gui show me only the vulnerabilities, in my case a medium one, but when download the same report from my script only shows me vulnerabilities risk none. I changed the filter using the final_answer.replace(‘apply_overrides=0 min_qod=70 first=1 rows=10 sort=name’, ‘apply_overrides=0 levels=hml rows=1000 min_qod=70 first=1 sort-reverse=severity notes=1 overrides=1’), but still does not change nothing.
Im seeding the good and bad report in docx format and in xml fomat to show how is the output
if you could give any tips, i would be grateful
teste1-bom.xml (193.8 KB)
teste1-bom.docx (55.2 KB)
teste1-mau2.xml (216.9 KB)
teste1-mau2.docx (64.6 KB)