Struggeling with Metasploit

Used GCE version: 6.0.10

Dear,

For a school assignment, I am playing around with OpenVAS.
I’ve installed the Greenbone VM (https://files.greenbone.net/download/VM/gsm-ce-6.0.10.iso). The webscanner is working fine.

But for some automation/scripting I want to use the OpenVAS scanner in Metasploit. I’ve seen this is possible using openvas_connect.
In the msfconsole I use: “openvas_connect admin password 192.168.6.133 9390 ok”, but I get this error:

I am using Metasploit on Parrot Linux, but on Kali also no succes.
When I scan with nmap on 192.168.6.133 on port 9390 the port is closed. I think that’s the problem, but don’t know how to solve.

I hope someone can help me. I am stuck on trying to connect via Metasploit for hours now.

Thanks in advance.

The GCE doesn’t provide such an API to connect:

Please also note that Greenbone isn’t involved in this Metasploit connector and the state of this connector (especially in connection with recent GVM versions using GMP instead of OMP) is unknown.

2 Likes

Thanks for the reply. So there is no way to command-line scan (in this edition)?

You can use GMP to script a scan.

In the community edition, I can start a scan using SSH locally, right?
That would be okay for me.

Can I also create new scan tasks (like I can do in the webinterface).

In SSH I only see 2 potentially candidates for CLI scanning:
/usr/sbin/openvas
and
/usr/sbin/gvmd

On the help page of both I don’t actually see the possibility to create a new scan task. Correct me if I am wrong.
Have some advice on this?

Thanks in advance :slight_smile:

No, starting scans using SSH locally isn’t possible (There is also a similar and recent discussion for the GSE at How can I scan from terminal? - Greenbone Community Edition - Greenbone Community Forum).

The only possibility to start / run scans outside of the GSA Web GUI is using the GMP API which isn’t available on the GCE.