Metasploit connect

Hi,

Might be a stupid question, but I am quite confused with Greenbone Security Manager, OpenVAS, etc.

Yesterday I have downloaded and installed GCE from here: https://www.greenbone.net/en/install_use_gce/

Connected it to the internet and everything works just fine. It is able to download updates, etc. However, I have installed it to connect to Metasploit. Internet suggests that OpenVAS should be listening on some 939* ports, depending on the version, but I have scanned all ports using NMAP and only 22, 80 and 443 are open. Now I’m wondering whether I have installed right version of OpenVAS, or I did something totally wrong. Could someone suggest on this matter please?

Thanks a lot in advance and apologies for stupid question.

Lev

9392 is the fallback port if port 80 can’t be assigned e.g. if the http daemon doesn’t have the permissions to acquire it or the port is already used.

In your case because you are using our Greenbone Community Edition VM port 80 (http) will redirect to port 443 (https) automatically.

2 Likes

Hi,

Thanks for your answer. I have tried connecting to 443 and 80, but the result is the same :frowning:

msf5 > openvas_connect admin password 159.122.129.184 80 ok
[*] Connecting to OpenVAS instance at 159.122.129.184:80 with username admin...
[-] Error while running command openvas_connect: uninitialized constant OpenVASOMP::OMPConnectionError

Call stack:
/usr/share/metasploit-framework/plugins/openvas.rb:195:in `rescue in cmd_openvas_connect'
/usr/share/metasploit-framework/plugins/openvas.rb:189:in `cmd_openvas_connect'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:523:in `run_command'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:474:in `block in run_single'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:468:in `each'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:468:in `run_single'
/usr/share/metasploit-framework/lib/rex/ui/text/shell.rb:158:in `run'
/usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:48:in `start'
/usr/share/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start'
/usr/bin/msfconsole:49:in `<main>'

Any idea?

Thanks
Lev

I am not sure what you are trying to do here…

Port 443 provides the graphical interface called GSA and not an API.

1 Like

That was for OpenVAS 5, so OMP is no longer supported, maybe you can inform the Maintainer of the bridge to update the API and integration to a supported version.

Additional the GCE does not support any API, you need a real appliance or build your own GVM form the source for GMP.

1 Like

Hi,

Yeah, I have reinstalled OpenVAS on CentOS rather than virtual appliance and now port is open, but still could not connect. Probably dues to an old connector or something, as you mentioned.

Thanks
Lev

This is a known bug here the Metasploit Information:

2 Likes

Something wrong happened with this thread - cannot see posts :frowning: I can only see that you mentioned it is a known bug in Metasploit. :upside_down_face:

Lukas posted a link to the respective github issue.

If you can’t see or click it, try this:

https://github.com/rapid7/metasploit-framework/issues/11851

1 Like

Well, seems like this is not exactly the case. Link Lucas posted is about importing OpenVAS report into Metasploit. In my case I could not even connect OpenVAS to Metasploit. Also the version of Metasploit is different in my case.

Therefore it is not a GCE topic, i move it onto the GSE region. Please note OMP is discontinued and no longer available, you need to speak GMP to your GVM installation.

2 Likes