Sample script to save and initiate a scan

jessa · February 26, 2019, 9:22am

Hello All,
I have followed the instruction on this page for initiating scans, https://docs.greenbone.net/GSM-Manual/gos-4/en/omp.html
I run this script,
gvm-cli ssh --gmp-username admin --gmp-password admin123
–hostname 9.x.x.x \ --xml “<create_target>Suspect Host \ $IPADDRESS</create_target>”

and my results are,
File “/usr/lib/python3.4/site-packages/gvm/connections.py”, line 206, in connect
look_for_keys=False)
File “/usr/lib/python3.4/site-packages/paramiko/client.py”, line 380, in connect
look_for_keys, gss_auth, gss_kex, gss_deleg_creds, gss_host)
File “/usr/lib/python3.4/site-packages/paramiko/client.py”, line 621, in _auth
raise saved_exception
File “/usr/lib/python3.4/site-packages/paramiko/client.py”, line 608, in _auth
self._transport.auth_password(username, password)
File “/usr/lib/python3.4/site-packages/paramiko/transport.py”, line 1272, in auth_password
return self.auth_handler.wait_for_response(my_event)
File “/usr/lib/python3.4/site-packages/paramiko/auth_handler.py”, line 208, in wait_for_response
raise e
paramiko.ssh_exception.AuthenticationException: Authentication failed.

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/usr/bin/gvm-cli”, line 11, in
load_entry_point(‘gvm-tools==2.0.0b1’, ‘console_scripts’, ‘gvm-cli’)()
File “/usr/lib/python3.4/site-packages/gvmtools/cli.py”, line 251, in main
gvm.authenticate(args.gmp_username, args.gmp_password)
File “/usr/lib/python3.4/site-packages/gvm/protocols/gmpv7.py”, line 210, in authenticate
self._send(cmd.to_string())
File “/usr/lib/python3.4/site-packages/gvm/protocols/base.py”, line 62, in _send
self.connect()
File “/usr/lib/python3.4/site-packages/gvm/protocols/base.py”, line 98, in connect
self._connection.connect()
File “/usr/lib/python3.4/site-packages/gvm/connections.py”, line 214, in connect
raise GvmError(‘SSH Connection failed’, e)
gvm.errors.GvmError: (‘SSH Connection failed’, AuthenticationException(‘Authentication failed.’,))

Im not sure what this means

Thanks for the help

bricks · February 26, 2019, 9:27am

Hi,

I suppose you are not trying to connect to a Greenbone GSM product. In that case you need a to use a different connection type. If the openvasmd/gvmd is on the same host as gvm-cli you should use the unix socket connection.

jessa · February 26, 2019, 9:46am

Thank you, I checked the openvas installation an noticed that the redis-server was not started so I started it.

Now, Im using ‘gvm-cli socket’ instead of the ssh one, and got another error that is related to the IP address.

Traceback (most recent call last):
File “/usr/bin/gvm-cli”, line 11, in
load_entry_point(‘gvm-tools==2.0.0b1’, ‘console_scripts’, ‘gvm-cli’)()
File “/usr/lib/python3.4/site-packages/gvmtools/cli.py”, line 177, in main
args = parser.parse_args(remaining_args)
File “/usr/lib64/python3.4/argparse.py”, line 1728, in parse_args
args, argv = self.parse_known_args(args, namespace)
File “/usr/lib64/python3.4/argparse.py”, line 1760, in parse_known_args
namespace, args = self._parse_known_args(args, namespace)
File “/usr/lib64/python3.4/argparse.py”, line 1948, in _parse_known_args
positionals_end_index = consume_positionals(start_index)
File “/usr/lib64/python3.4/argparse.py”, line 1925, in consume_positionals
take_action(action, args)
File “/usr/lib64/python3.4/argparse.py”, line 1834, in take_action
action(self, namespace, argument_values, option_string)
File “/usr/lib64/python3.4/argparse.py”, line 1129, in call
subnamespace, arg_strings = parser.parse_known_args(arg_strings, None)
File “/usr/lib64/python3.4/argparse.py”, line 1760, in parse_known_args
namespace, args = self._parse_known_args(args, namespace)
File “/usr/lib64/python3.4/argparse.py”, line 1948, in _parse_known_args
positionals_end_index = consume_positionals(start_index)
File “/usr/lib64/python3.4/argparse.py”, line 1925, in consume_positionals
take_action(action, args)
File “/usr/lib64/python3.4/argparse.py”, line 1818, in take_action
argument_values = self._get_values(action, argument_strings)
File “/usr/lib64/python3.4/argparse.py”, line 2258, in _get_values
value = self._get_value(action, arg_string)
File “/usr/lib64/python3.4/argparse.py”, line 2287, in _get_value
result = type_func(arg_string)
FileNotFoundError: [Errno 2] No such file or directory: ‘9.x.x.x’

In the instruction, it says that " If the IP address is saved in the variable IPADDRESS the respective target can be created with the following command:"

Isnt this command the saving of my 9.x IP address to the variable IPADDRESS? Or I should save my IP address on a certain file or create one?

Thank you

bricks · February 26, 2019, 10:11am

This error may be caused by gvm-cli not being able to find the unix socket. Please take a look at the socketpath argument. The unix socket doesn’t take the same arguments as ssh and can only be used at the same host.

jessa · February 27, 2019, 7:35am

As per checking the openvas-check-setup,
‘redis-server is running and listening on socket: /tmp/redis.sock’

Im not sure if this is the correct path it should listen to?
Thanks

bricks · February 27, 2019, 8:34am

The redis socket is not the socket for openvasmd/gvmd. Only the openvas scanner is using the redis socket. gvm-cli needs to talk to openvasmd/gvmd. The socket location depends on your installation method. If you are using packages from your distribution it’s likely to be found under /var. Try to use

find /var -name "*md.sock"

jessa · February 27, 2019, 8:51am

Okay, thanks for that.

For the
find /var -name “*md.sock”

It does not return any, so I guess I dont have that.

BTW, Im using rhel7 and I installed the gvm-tools using pip3

jessa · February 27, 2019, 9:00am

Oh I found it now,

it is in /run/openvasmd.sock

bricks · February 27, 2019, 9:01am

As I said it’s distribution depended and distributions have different opinions about the directory layout

jessa · February 27, 2019, 9:21am

Im confused where to insert the --socketpath /run/openvasmd/sock on my command

Is this correct?

gvm-cli socket --gmp-username admin --gmp-password admin123 --socketpath /run/openvasmd.sock
–host 192.168.130.99
–xml “<create_target>Suspect Host
$IPADDRESS</create_target>”

Its still the same error as the last one –

For some reason, the <name, <hosts,, is not showing on the reply but it is there

bricks · February 27, 2019, 9:28am

I am not sure where the ‘9.x.x.x’ comes from

Could you try the simple command

gvm-cli socket --socketpath /run/openvasmd.sock --xml "<get_version/>"

It should return the used GMP version.

jessa · February 27, 2019, 9:30am

Sorry, it was supposed to be the 192.168.130.99 IP address, not 9.x.x anymore.

It is perfectly running, output is
<get_version_response status=“200” status_text=“OK”>7.0</get_version_response>

jessa · February 27, 2019, 9:36am

complete command is,

 gvm-cli socket --socketpath /run/openvasmd.sock --gmp-username admin --gmp-password admin123 \
    --host 192.168.130.99  \
    --xml "<create_target><name>Suspect Host</name> \
    <hosts>$IPADDRESS</hosts></create_target>"

bricks · February 27, 2019, 9:37am

Ok you are able to connect to openvasmd and to run GMP commands. A fist step

This argument is ignored for the socket connection type. Are you trying to script the gvm-cli calls? I suppose the IPADDRESS shell variable contains some unexpected content. Not sure which value you are setting IPADDRESS to.

Maybe writing a gmp script would be easier for you use case?