Remote control your Greenbone Vulnerability Manager (GVM)

Overview

Greenbone Vulnerability Management Tools

The Greenbone Vulnerability Management Tools gvm-tools are a collection of tools that help with remote controlling a Greenbone Security Manager (GSM) appliance and its underlying Greenbone Vulnerability Management (GVM) framework. The tools aid in accessing the communication protocols GMP (Greenbone Management Protocol) and OSP (Open Scanner Protocol).

This module is comprised of interactive and non-interactive clients. The programming language Python is supported directly for interactive scripting. But it is also possible to issue remote GMP/OSP commands without programming in Python.

Documentation

The documentation for gvm-tools can be found at https://gvm-tools.readthedocs.io/. Please refer to the documentation for more details as this README just gives a short overview.

Installation

See the documentation for all supported installation options.

Version

Please consider always using the newest versions of gvm-tools and python-gvm. We frequently update these projects to add features and keep them free from bugs. This is why installing gvm-tools using pip is recommended.

To use gvm-tools with an old GMP version (7, 8, 9) you must use a release version that is <21.06, combined with a python-gvm version <21.05. In the 21.06 release the support of these older versions has been dropped.

Requirements

Python 3.7 and later is supported.

Install using pip

You can install the latest stable release of gvm-tools from the Python Package Index using pip:

pip install --user gvm-tools

Usage

There are several clients to communicate via GMP/OSP.

All clients have the ability to build a connection in various ways:

* Unix Socket
* TLS Connection
* SSH Connection

gvm-cli

This tool sends plain GMP/OSP commands and prints the result to the standard output.

Examples

Return the current protocol version used by the server:

gvm-cli socket --xml "<get_version/>"

Return all tasks visible to the GMP user with the provided credentials:

gvm-cli --gmp-username foo --gmp-password bar socket --xml "<get_tasks/>"

Read a file with GMP commands and return the result:

gvm-cli --gmp-username foo --gmp-password bar socket myfile.xml

Note that gvm-cli will by default print an error message and exit with a non-zero exit code when a command is rejected by the server. If this kind of error handling is not desired, the unparsed XML response can be requested using the --raw parameter:

gvm-cli socket --raw --xml "
   "
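
One way for a wrapper around `gvm-cli --raw` to do its own error handling, as an added example that is not part of the gvm-tools README or code base. It assumes the GMP convention of `status` and `status_text` attributes on the response root element; the function names, exit codes and sample responses are constructed for illustration.

```python
import sys
import xml.etree.ElementTree as ET


class GmpResponseError(Exception):
    """Raised when a raw GMP response is unusable or reports a rejection."""

    def __init__(self, message, status=None):
        super().__init__(message)
        self.status = status  # None when the response could not be evaluated


def check_raw_response(raw_xml):
    """Parse one raw GMP response; return its root element if status is 2xx."""
    # The response is untrusted input: refuse DTDs so no entity gets expanded.
    if "<!DOCTYPE" in raw_xml or "<!ENTITY" in raw_xml:
        raise GmpResponseError("response contains a DTD, refusing to parse")
    try:
        root = ET.fromstring(raw_xml)
    except ET.ParseError as exc:
        raise GmpResponseError(f"response is not well-formed XML: {exc}") from exc

    status = root.get("status")
    if status is None:
        raise GmpResponseError(f"<{root.tag}> carries no status attribute")
    if not status.startswith("2"):
        text = root.get("status_text", "")
        raise GmpResponseError(f"{root.tag}: {status} {text}".rstrip(), status=status)
    return root


def exit_code_for(raw_xml):
    """Map a raw response to a process exit code (constructed convention):
    0 = accepted, 1 = rejected by the server, 2 = unusable response."""
    try:
        check_raw_response(raw_xml)
    except GmpResponseError as exc:
        print(f"GMP error: {exc}", file=sys.stderr)
        return 1 if exc.status is not None else 2
    return 0


# Constructed sample responses (values are illustrative only).
ACCEPTED = (
    '<get_version_response status="200" status_text="OK">'
    "<version>22.4</version></get_version_response>"
)
REJECTED = '<get_tasks_response status="400" status_text="Authenticate first"/>'
TRUNCATED = '<get_tasks_response status="200"'


if __name__ == "__main__":
    # Intended use: pipe the output of a `gvm-cli ... --raw --xml ...` call in.
    sys.exit(exit_code_for(sys.stdin.read()))
```
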

gvm-script

This tool has a lot more features than the simple gvm-cli client. You have the possibility to create your own custom gmp or osp scripts with commands from the python-gvm library and from Python 3 itself.

Example script

# Retrieve current GMP version
version = gmp.get_version()

# Prints the XML in beautiful form
from gvmtools.helper import pretty_print
pretty_print(version)

# Retrieve all tasks
tasks = gmp.get_tasks()

# Get names of tasks
task_names = tasks.xpath('task/name/text()')
pretty_print(task_names)

More example scripts

There is a growing collection of gmp-scripts in the "scripts/" folder. Some of them might be exactly what you need and all of them help writing your own gmp scripts.

gvm-pyshell

This tool is for running gmp or osp scripts interactively. It provides the same API as gvm-script using the python-gvm library.

Example program use

Connect with given credentials via a unix domain socket and open an interactive shell:

gvm-pyshell --gmp-username user --gmp-password pass socket

Connect through SSH connection and open the interactive shell:

gvm-pyshell --hostname 127.0.0.1 ssh

Support

For any question on the usage of gvm-tools or gmp scripts please use the Greenbone Community Portal. If you found a problem with the software, please create an issue on GitHub.

Maintainer

This project is maintained by Greenbone Networks GmbH.

Contributing

Your contributions are highly appreciated. Please create a pull request on GitHub. For bigger changes, please discuss it first in the issues.

For development you should use poetry to keep your Python packages separated in different environments. First install poetry via pip:

pip install --user poetry

Afterwards run

poetry install

in the checkout directory of gvm-tools (the directory containing the pyproject.toml file) to install all dependencies including the packages only required for development.

Afterwards activate the git hooks for auto-formatting and linting via autohooks:

poetry run autohooks activate --force

License

Copyright (C) 2017-2021 Greenbone Networks GmbH

Licensed under the GNU General Public License v3.0 or later.

Comments
  • UnicodeDecodeError: 'utf-8' codec can't decode

    When downloading an openvas report in raw XML format over gvm-cli socket with the get_reports command, I get a decoding error. As the error points out, this has to do with data decoding mismatch it seems. See:

    $ gvm-cli socket -c --xml "<get_reports report_id=\"795ecf96-7957-4553-a203-30affa1e34e0\" format_id=\"a994b278-1f62-11e1-96ac-406186ea4fc5\"/>"
    Traceback (most recent call last):
      File "/usr/local/bin/gvm-cli", line 11, in <module>
        load_entry_point('gvm-tools==1.4.1', 'console_scripts', 'gvm-cli')()
      File "/usr/local/lib/python3.6/dist-packages/gmp/clients/gvm_cli.py", line 213, in main
        result = gvm.read()
      File "/usr/local/lib/python3.6/dist-packages/gmp/gvm_connection.py", line 103, in read
        response = self.readAll()
      File "/usr/local/lib/python3.6/dist-packages/gmp/gvm_connection.py", line 973, in readAll
        response += data.decode()
    UnicodeDecodeError: 'utf-8' codec can't decode byte 0xc2 in position 1023: unexpected end of data
    

    I looked at gvm_connection.py, line 973, which reads: response += data.decode()

    I did some hacking around and then changed line 973 to: response += data.decode('latin-1')

    Then everything worked fine and the download will finish successfully. Looks to me there is some encoding/decoding mismatch here. My environment is all standard utf-8 (LANG=en_US.UTF-8). There seems to be no encoding settings available for openvassd, nor in gvm-cli or ~/.config/gvm-tools.conf. Is it the case that data/reports from openvas are returned in mixed encoding, some in utf-8, some in latin-1?

    I don't get this problem when viewing the same report/results in the gsad GUI.

    gsa: (gsad --version) Greenbone Security Assistant 8.0+beta2 GIT revision d1a83ab88-master

    gvm: (gvmd --version) Greenbone Vulnerability Manager 8.0+beta1 GIT revision 3691c0ad-master

    openvas-scanner: (openvassd --version) OpenVAS Scanner 6.0+beta2 GIT revision a13b0f7-master

    gvm-libs: ~/gvm-libs$ git log commit 58248fdd4752e6073ada8497996a29572b41b10b (HEAD -> master, origin/master, origin/HEAD) ...

    gvm-tools: (gvm-cli --version) gvm-cli 1.4.1

    Operating system: $ uname -a Linux 4.15.0-33-generic #36-Ubuntu SMP Wed Aug 15 16:00:05 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

    Installation method / source: (packages, source installation) From source following INSTALL

    Logfiles

    /usr/local/var/log/gvm/gvmd.log:

    md   main:WARNING:2018-09-14 10h14.06 UTC:11191: read_from_client_unix: failed to read from client: Connection reset by peer
    
    opened by asmaack 7
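
Added example (not part of the issue above and not gvm-tools code): the traceback fails on byte 0xc2 at position 1023 with "unexpected end of data", which is what a per-chunk `decode()` produces when a multi-byte UTF-8 character straddles a read boundary. The sketch assumes 1024-byte reads; the function names and the sample report are constructed, and it compares per-chunk decoding (UTF-8 and latin-1) with a stateful incremental decoder.

```python
import codecs

CHUNK_SIZE = 1024  # assumed read size; the traceback fails at position 1023


def split_chunks(payload, size=CHUNK_SIZE):
    """Cut a byte string the way successive reads of `size` bytes would."""
    return [payload[i:i + size] for i in range(0, len(payload), size)]


def read_all_per_chunk(chunks, encoding="utf-8"):
    """Decode each chunk on its own, like `response += data.decode()`."""
    response = ""
    for data in chunks:
        response += data.decode(encoding)
    return response


def read_all_incremental(chunks):
    """Decode with a stateful UTF-8 decoder that carries an incomplete
    multi-byte sequence over to the next chunk."""
    decoder = codecs.getincrementaldecoder("utf-8")(errors="strict")
    parts = [decoder.decode(data) for data in chunks]
    # final=True makes a stream that ends mid-character raise instead of
    # silently dropping the dangling bytes.
    parts.append(decoder.decode(b"", final=True))
    return "".join(parts)


def build_sample_report():
    """Constructed report body: the two-byte character "§" (0xC2 0xA7)
    starts at byte offset 1023, so it straddles the first read boundary."""
    prefix = "<report><description>"
    padding = "A" * (CHUNK_SIZE - 1 - len(prefix))
    text = prefix + padding + "§ 4.2 TLS settings</description></report>"
    return text.encode("utf-8")


if __name__ == "__main__":
    chunks = split_chunks(build_sample_report())
    try:
        read_all_per_chunk(chunks)
    except UnicodeDecodeError as exc:
        print("per-chunk utf-8  :", exc)
    # latin-1 never raises because every byte maps to a character, but the
    # two bytes of "§" come out as two separate characters.
    print("per-chunk latin-1:", repr(read_all_per_chunk(chunks, "latin-1")[1020:1030]))
    print("incremental utf-8:", repr(read_all_incremental(chunks)[1020:1030]))
```

Collecting all bytes first and decoding once after the last read gives the same result as the incremental decoder.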
  • Small corrections to some md files

    In the current master we see in the CHANGELOG.md around line 70:

    - Fixed `send-schedule.gmp.py` script, because <timezone_abbrev> has been [removed](https://github.com/greenbone/gvmd/commit/d4a0fa2287b425199330b7e5671b61cdbd836fe4) from Schedules, using <timezone> instead. [#299]
    

    though this would be better rendered when we would use:

    - Fixed `send-schedule.gmp.py` script, because `<timezone_abbrev>` has been [removed](https://github.com/greenbone/gvmd/commit/d4a0fa2287b425199330b7e5671b61cdbd836fe4) from Schedules, using `<timezone>` instead. [#299]
    

    as now the word <timezone> is gone.

    In RELEASE.md (near the bottom, around line 160):

      ```sh
      poetry run pontos-release --release-version <version> --next-release-version <dev-version> --project gvm-tools --space greenbone --git-signing-key <your-public-gpg-key> --git-remote-name upstream release
    

    would probably be better off as:

      ```sh
      poetry run pontos-release --release-version <version> --next-release-version <dev-version> --project gvm-tools --space greenbone --git-signing-key <your-public-gpg-key> --git-remote-name upstream release
      ```
    
    opened by albert-github 6
  • Restructure README sections

    • Change logo to a smaller one without margin
    • Remove "Current Version" from description. It's visible as badges now
    • Add "Table of Contents" section
    • Move content of Development section to Contributing
    • Add Support, Maintainer, Contributing and License section
    • also small improvements in the text

    Most of the text still needs improvement. This is a task for another PR.

    Please provide feedback and suggest better writing style for the new text. My goal is to have a short, to the point description in a welcoming way, so users are encouraged to become contributors.

    Preview: rendered view

    enhancement 
    opened by davidak 6
  • gmp.get_version() return error

    Hello,

    I need some help, here is my code:


    #!/usr/bin python3.6
    # -*- coding: utf-8 -*-

    from gvm.connections import UnixSocketConnection
    from gvm.protocols.latest import Gmp
    from gvm.transforms import EtreeTransform
    from gvm.xml import pretty_print

    connection = UnixSocketConnection()
    transform = EtreeTransform()
    gmp = Gmp(connection, transform=transform)

    version = gmp.get_version()

    pretty_print(version)

    and output is:

    Traceback (most recent call last):
      File "gmp.py", line 4, in <module>
        from gvm.connections import UnixSocketConnection
      File "/usr/lib/python2.7/site-packages/gvm/connections.py", line 172
        def __init__(self, *, timeout=DEFAULT_TIMEOUT, hostname='127.0.0.1',
        ^
    SyntaxError: invalid syntax
    [root@p21210v tianna]# python3 gmp.py
    Traceback (most recent call last):
      File "gmp.py", line 14, in <module>
        version = gmp.get_version()
      File "/usr/lib/python3.4/site-packages/gvm/protocols/gmpv7.py", line 3268, in get_version
        return self._send_xml_command(XmlCommand('get_version'))
      File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 77, in _send_xml_command
        return self.send_command(xmlcmd.to_string())
      File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 131, in send_command
        raise e
      File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 127, in send_command
        self._send(cmd)
      File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 62, in _send
        self.connect()
      File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 98, in connect
        self._connection.connect()
      File "/usr/lib/python3.4/site-packages/gvm/connections.py", line 310, in connect
        self._socket.connect(self.path)
    FileNotFoundError: [Errno 2] No such file or directory

    some env:

    ps axu | grep gvmd
    root 5082 0.0 0.0 112704 976 pts/2 R+ 19:57 0:00 grep --color=auto gvmd
    root 14816 0.0 0.4 422948 75512 ? SL Jun03 0:40 gvmd: Waiting for incoming connections


    gvmd.sock is in /run/

    THANKS!

    invalid 
    opened by jessie4736 5
  • `gvm-cli` raises an exception right while starting with error _invalid syntax_

    Expected behavior

    Starting gvm-cli just starts gvm-cli.

    Current behavior

    Right while starting gvm-cli gives an exception with error invalid syntax:

    # gvm-cli
    Traceback (most recent call last):
      File "/usr/local/bin/gvm-cli", line 11, in <module>
        load_entry_point('gvm-tools==2.0.0.dev1', 'console_scripts', 'gvm-cli')()
      File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 487, in load_entry_point
        return get_distribution(dist).load_entry_point(group, name)
      File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2728, in load_entry_point
        return ep.load()
      File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2346, in load
        return self.resolve()
      File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2352, in resolve
        module = __import__(self.module_name, fromlist=['__name__'], level=0)
      File "/usr/local/lib/python2.7/dist-packages/gvm_tools-2.0.0.dev1-py2.7.egg/gmp/clients/cli.py", line 212
        '--socketpath instead', file=sys.stderr)
                                    ^
    SyntaxError: invalid syntax
    

    Steps to reproduce

    1. Check out sources, then configure, compile and install as advised.
    2. call gvm-cli

    GVM versions

    gsad:

    Greenbone Security Assistant 8.0+beta3
    GIT revision 3cd5812d6-master
    Copyright (C) 2010-2016 Greenbone Networks GmbH
    License GPLv2+: GNU GPL version 2 or later
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.
    

    gvmd:

    Greenbone Vulnerability Manager 8.0+beta2
    GIT revision 8bc90781-master
    Manager DB revision 200
    Copyright (C) 2010-2017 Greenbone Networks GmbH
    License GPLv2+: GNU GPL version 2 or later
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.
    

    openvassd:

    OpenVAS Scanner 6.0+beta3
    GIT revision b1d4ca6-master
    Most new code since 2005: (C) 2018 Greenbone Networks GmbH
    Nessus origin: (C) 2004 Renaud Deraison <[email protected]>
    License GPLv2: GNU GPL version 2
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.
    

    node:

    v11.4.0
    

    redis-server:

    Redis server v=5.0.2 sha=00000000:0 malloc=jemalloc-3.6.0 bits=64 build=669dbd6bdc6d120c
    

    Environment

    Operating system:

    Linux gvm10 4.18.0-3-amd64 #1 SMP Debian 4.18.20-2 (2018-11-23) x86_64 GNU/Linux
    
    buster/sid
    

    Installation method / source:

    source installation, git checkout
    
    wontfix 
    opened by tps800 5
  • how to activated the GMP Protocol?

    hi, I successfully installed openvas and gvm-tools.

    cd /usr/local/python3.6.5/bin run ./gvm-cli socket --gmp-username admin --gmp-password 123456 --sockpath /run/redis/redis.sock --xml "<create_target>Suspect Host10.17.2.137</create_target>"

    It returns: timed out

    and find the User Manuals , http://docs.greenbone.net/GSM-Manual/gos-4/en/omp.html#activating-the-gmp-protocol http://docs.greenbone.net/GSM-Manual/gos-4/en/systemadministration.html#gmp

    but I can't find the menu

    opened by HelloXiaoHe 5
  • Added tests for parser module to reach 100% code coverage

    What: I've added tests for the parser module. It has a test coverage of 100% now. Also I've fixed a bug where TypeError will be thrown if port of SSHConnection is set to None. But I don't think this is an issue in this repository. I've added a PR in the python-gvm repository to address this issue (https://github.com/greenbone/python-gvm/pull/321). I've also opened an issue

    Why: To increase test coverage and code reliability

    How: I've added tests

    Checklist:

    • [X] Tests
    • [X] CHANGELOG Entry
    • [ ] Documentation
    opened by Korkmatik 4
  • Scan /16 ranges

    I'm using the latest build, but I'm having problems with scanning in the cloud, I believe it's openvas' own, but it doesn't allow scheduling a scan or creating a list of targets with range / 16.

    I have a VPC 10.10.0.0/16 and I need to scan new hosts that appear, since if I update the list with new IPs I will have to delete the schedule, the results and the current target.

    Is there any way to scan with this range? I read that it is possible, but only if you make any changes to the GVMD.

    Expected behavior

    Schedule / 16 range.

    Current behavior

    Informs that it is not a valid entry.

    invalid 
    opened by arkhelieldan 4
  • Sphinx Docu

    First draft for a sphinx docu

    Run

    pipenv install --dev && cd docs && make clean && make html && firefox build/html/index.html

    opened by bjoernricks 4
  • add badges to readme

    I think the logo in front of the heading doesn't look good. That might be a reason why nobody does it.

    Rendered view: https://github.com/greenbone/gvm-tools/blob/627d28896ffa4a28fcfb374008a5055ff1a60b59/README.md

    What do you think @wiegandm?

    We can improve the text in the next step.

    opened by davidak 4
  • create_filter is not usable due to destructive if statement in createFilterCommand

    It is not possible to use create_filter because createFilterCommand filters the required field 'filter_type' faulty.

    If you obey to the if statement in createFilterCommand the OpenVAS Daemon answers: gvm_tools.gmp.gvm_connection.GMPError: Type must be a valid OMP type

    If you follow the OMP Documentation createFilterCommand actively raises a ValueError.

    This behaviour should be corrected to enable the usage of create_filter at all.

    bug 
    opened by hacker-h 4
  • Nagios/Centreon Integration

    Expected behavior

    I am trying to do this procedure use my nagios to be able to monitor vulnerability reports

    https://docs.greenbone.net/GSM-Manual/gos-20.08/en/connecting-other-systems.html#nagios

    Current behavior

    10.0.5.2 is my openvas and when I try to connect it gives those errors, I'm using python 3.8, built since 3.6 gives crypt errors

    #gvm-script ssh --hostname 10.0.5.2 --ssh-username nagios --ssh-password N4g10$ --gmp-username=admin --gmp-password=admin --protocol OSP check-gmp.gmp.py --ping --log DEBUG

    Logs:

    INFO:paramiko.transport:Connected (version 2.0, client OpenSSH_8.0)
    INFO:paramiko.transport:Authentication (password) successful!
    INFO:paramiko.transport:Connected (version 2.0, client OpenSSH_8.0)
    INFO:paramiko.transport:Authentication (password) successful!
    DEBUG:gvmtools.parser:Loaded config ~/.config/gvm-tools.conf
    DEBUG:root:Parsed arguments Namespace(config='~/.config/gvm-tools.conf', connection_type='ssh', gmp_password='admin', gmp_username='admin', hostname='10.0.5.2', loglevel=None, port=22, protocol='GMP', scriptargs=['check-gmp.gmp.py'], scriptname='OSP', ssh_password='N4g10$', ssh_username='nagios', timeout=60)
    DEBUG:paramiko.transport:starting thread (client mode): 0xa499d760
    DEBUG:paramiko.transport:Local version/idstring: SSH-2.0-paramiko_2.12.0
    DEBUG:paramiko.transport:Remote version/idstring: SSH-2.0-OpenSSH_8.0
    INFO:paramiko.transport:Connected (version 2.0, client OpenSSH_8.0)
    DEBUG:paramiko.transport:=== Key exchange possibilities ===
    DEBUG:paramiko.transport:kex algos: curve25519-sha256, [email protected], ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1
    DEBUG:paramiko.transport:server key: rsa-sha2-512, rsa-sha2-256, ssh-rsa, ecdsa-sha2-nistp256, ssh-ed25519
    DEBUG:paramiko.transport:client encrypt: [email protected], [email protected], aes256-ctr, aes256-cbc, [email protected], aes128-ctr, aes128-cbc
    DEBUG:paramiko.transport:server encrypt: [email protected], [email protected], aes256-ctr, aes256-cbc, [email protected], aes128-ctr, aes128-cbc
    DEBUG:paramiko.transport:client mac: [email protected], [email protected], [email protected], [email protected], hmac-sha2-256, hmac-sha1, [email protected], hmac-sha2-512
    DEBUG:paramiko.transport:server mac: [email protected], [email protected], [email protected], [email protected], hmac-sha2-256, hmac-sha1, [email protected], hmac-sha2-512
    DEBUG:paramiko.transport:client compress: none, [email protected]
    DEBUG:paramiko.transport:server compress: none, [email protected]
    DEBUG:paramiko.transport:client lang: <none>
    DEBUG:paramiko.transport:server lang: <none>
    DEBUG:paramiko.transport:kex follows: False
    DEBUG:paramiko.transport:=== Key exchange agreements ===
    DEBUG:paramiko.transport:Kex: [email protected]
    DEBUG:paramiko.transport:HostKey: ssh-ed25519
    DEBUG:paramiko.transport:Cipher: aes128-ctr
    DEBUG:paramiko.transport:MAC: hmac-sha2-256
    DEBUG:paramiko.transport:Compression: none
    DEBUG:paramiko.transport:=== End of kex handshake ===
    DEBUG:paramiko.transport:kex engine KexCurve25519 specified hash_algo <built-in function openssl_sha256>
    DEBUG:paramiko.transport:Switch to new keys ...
    DEBUG:paramiko.transport:Got EXT_INFO: {'server-sig-algs': b'ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521'}
    DEBUG:paramiko.transport:userauth is OK
    INFO:paramiko.transport:Authentication (password) successful!
    DEBUG:paramiko.transport:[chan 0] Max packet in: 32768 bytes
    DEBUG:paramiko.transport:Received global request "[email protected]"
    DEBUG:paramiko.transport:Rejecting "[email protected]" global request from server.
    DEBUG:paramiko.transport:[chan 0] Max packet out: 32768 bytes
    DEBUG:paramiko.transport:Secsh channel 0 opened.
    DEBUG:paramiko.transport:[chan 0] Sesch channel 0 request ok
    DEBUG:paramiko.transport:[chan 0] EOF received (0)
    DEBUG:paramiko.transport:[chan 0] EOF sent (0)
    DEBUG:paramiko.transport:Dropping user packet because connection is dead.
    

    now carry out the same process but now inside the openvas server, I already have 2 test reports, when I want to run the script, it runs correctly but it does not show the statuses, it just says Ok but actually if there is critical, I present evidence

    Steps to reproduce

    1. python3.8 -m pip install --user gvm-tools
    2. wget https://raw.githubusercontent.com/greenbone/gvm-tools/main/scripts/check-gmp.gmp.py
    3. image
    4. image

    GVM versions

    gsa: (Greenbone Security Assistant 22.04.0)

    gvm: (Greenbone Vulnerability Manager 22.4.0~dev1)

    openvas-scanner: (OpenVAS 22.4.0)

    gvm-libs: 22.4.0

    gvm-tools: (gvm-cli 22.9.0 (API version 22.9.1))

    Environment

    Operating system: Alma Linux 8.6

    Installation method / source: (packages, source installation)

    Logfiles

    [gvmd.log](https://github.com/greenbone/gvm-tools/files/10290248/gvmd.log)
    [openvas.log](https://github.com/greenbone/gvm-tools/files/10290249/openvas.log)
    [ospd-scanner.log](https://github.com/greenbone/gvm-tools/files/10290250/ospd-scanner.log)
    [gsad.log](https://github.com/greenbone/gvm-tools/files/10290251/gsad.log)
    
    opened by sistemmsn 0
  • Script to scan host doesn't work

    hi I'm using openvas that I installed on kali linux (installed on virtual box) ...

    what I would like to do is scan my system .... I found this script, only once I give it the command to run it, which is suggested by the script itself, I get this:

    usage: gvm-script [-h] [-c [CONFIG]] [--log [{DEBUG, INFO, WARNING, ERROR, CRITICAL}]] [--timeout TIMEOUT] [--gmp-username GMP_USERNAME]
                      [--gmp-password GMP_PASSWORD] [-V] [--protocol {GMP, OSP}]
                      CONNECTION_TYPE ...
    gvm-script: error: the following arguments are required: CONNECTION_TYPE
    unknown option - -
    usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface]
               [-b bind_address] [-c cipher_spec] [-D [bind_address:] port]
               [-E log_file] [-e escape_char] [-F configfile] [-I pkcs11]
               [-i identity_file] [-J [user @] host [: port]] [-L address]
               [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
               [-Q query_option] [-R address] [-S ctl_path] [-W host: port]
               [-w local_tun [: remote_tun]] destination [command [argument ...]]
    

    this is the script I used, found in the openVAS github page:

    https://github.com/greenbone/gvm-tools/blob/main/scripts/scan-new-system.gmp.py

    import datetime
    import sys
    from argparse import Namespace
    
    from gvm.protocols.gmp import Gmp
    
    
    def check_args(args):
        len_args = len(args.script) - 1
        message = """
            This script starts a new scan on the given host.
            It needs one parameters after the script name.
            1. <host_ip>        IP Address of the host system
            2. <port_list_id>   Port List UUID for scanning the host system. 
                                Preconfigured UUID might be under 
                                /var/lib/gvm/data-objects/gvmd/20.08/port_lists/. 
                                ex. iana-tcp-udp is 
                                "4a4717fe-57d2-11e1-9a26-406186ea4fc5".
            
                    Example:
                $ gvm-script --gmp-username name --gmp-password pass \
    ssh --hostname <gsm> scripts/scan-new-system.gmp.py <host_ip> <port_list_id>
        """
        if len_args != 2:
            print(message)
            sys.exit()
    
    
    def create_target(gmp, ipaddress, port_list_id):
        # create a unique name by adding the current datetime
        name = f"Suspect Host {ipaddress} {str(datetime.datetime.now())}"
    
        response = gmp.create_target(
            name=name, hosts=[ipaddress], port_list_id=port_list_id
        )
        return response.get("id")
    
    
    def create_task(gmp, ipaddress, target_id, scan_config_id, scanner_id):
        name = f"Scan Suspect Host {ipaddress}"
        response = gmp.create_task(
            name=name,
            config_id=scan_config_id,
            target_id=target_id,
            scanner_id=scanner_id,
        )
        return response.get("id")
    
    
    def start_task(gmp, task_id):
        response = gmp.start_task(task_id)
        # the response is
        # <start_task_response><report_id>id</report_id></start_task_response>
        return response[0].text
    
    
    def main(gmp: Gmp, args: Namespace) -> None:
    
        check_args(args)
    
        ipaddress = args.argv[1]
        port_list_id = args.argv[2]
    
        target_id = create_target(gmp, ipaddress, port_list_id)
    
        full_and_fast_scan_config_id = "daba56c8-73ec-11df-a475-002264764cea"
        openvas_scanner_id = "08b69003-5fc2-4037-a479-93b440211c73"
        task_id = create_task(
            gmp,
            ipaddress,
            target_id,
            full_and_fast_scan_config_id,
            openvas_scanner_id,
        )
    
        report_id = start_task(gmp, task_id)
    
        print(
            f"Started scan of host {ipaddress}. "
            f"Corresponding report ID is {report_id}"
        )
    
    
       
    if __name__ == "__gmp__":
        # pylint: disable=undefined-variable
        main(gmp, args) 
    

    2 problems are also reported: "gmp" is not defined, ln87 "args" is not defined, ln87

    can anyone please help me ?

    bug 
    opened by diocanelebbrosobastardo 1
  • scripts/check-gmp.gmp.py fails with list index out of range

    Expected behavior

    When using scripts/check-gmp.gmp.py in the past it correctly reported the vulnerabilities found by a Greenbone appliance

    Current behavior

    After updating the greenbone appliance to 21.04.3 the script fails with "list index out of range"

    Updating the gvm-tools to the current version using git pull introduced an additional bug: get_tasks() got an unexpected keyword argument 'filter_string'

    When correcting this bug by replacing filter_string with filter the original bug "list index out of range" is thrown again.

    Steps to reproduce

    1. Deploy check-gmp.gmp.py successfully with an older version of Greenbone OS
    2. Update to 21.04.3
    3. check-gmp.gmp.py will fail

    GVM versions

    As included in Greenbone OS 21.04.3

    needs info 
    opened by spenneb 7
Releases(v22.9.0)
  • v22.9.0(Sep 5, 2022)

    22.9.0 - 2022-09-05

    Added

    • Update GitHub actions via dependabot too abd8626
    • Build container image for gvm-tools 6f827bb
    • Deploy docs to GitHub pages too 5084af6

    Changed

    • Don't use a pip cache within the container build 77f7ae8
    • Update links and terms in README and docs d088dc5
    • Enable string normalization with black ec17b3e
    • Add autohooks-plugin-isort for import sorting d2a29dd
    • Use greater or equal than for dependencies with calver c7de2c6
    • Update docs to use a cleaner sphinx theme 4a9e9ff

    Bug Fixes

    • Consolidated Report script finds last report in time period now (#771) 3067417
  • v22.6.1(Jun 27, 2022)

  • v22.6.0(Jun 16, 2022)

  • v21.10.0(Oct 27, 2021)

  • v21.6.1(Jun 21, 2021)

  • v21.6.0(Jun 13, 2021)

    21.6.0 - 2021-06-13

    This release needs python-gvm >= 21.5.0 to work

    Added

    • Added new script script/create-consolidated-reports.gmp.py, that consolidates the last reports of tasks filtered by time period and tags #370
    • Added new script script/create-cve-report-from-json.gmp.py that generates a CVE Report from a correctly formatted JSON. #376
    • Added script bulk-modify-schedules.gmp.py #445

    Changed

    • Added in_asset argument to import_report() to script/combine-reports.gmp.py #383

    Fixed

    • Added ignore_pagination to get_report calls in script/create-consolidated-reports.gmp.py and script/combine-reports.gmp.py [#399](https://github.com/greenbone/gvm-tools/pull/399)
    • Fixed Python 3.8 SyntaxWarnings for scripts #373
  • v21.1.0(Jan 20, 2021)

    21.1.0 - 2021-01-20

    Added

    • Added pretty_print to pyshell by default, so it does not need to be manually imported #305
    • Added tests for helper module #310
    • Added tests for parser module #311
    • Added tests for scripts/send-target.gmp.py #314
    • Added tests for scripts/send-tasks.gmp.py #317
    • Added tests for scripts/send-schedules.gmp.py #344
    • Added tests for script/start-alert-scan.gmp.py #344
    • Adding useful script helper functions to the helper.py #317
    • CI tests Python 3.9 now. #353
    • Added tests for script/combine-reports.gmp.py #366

    Changed

    • The script/start-alert-scan.gmp.py has been reworked with argparser #344
    • Moved generic functions to generate random ids and ips from scripts to the helper module. #365

    Deprecated

    • Dropped Python 3.5 and Python 3.6 support. Python 3.7+ is required now. #353

    Fixed

    • Fixed the send-targets.gmp.py script. #313
    • Fixed the pdf-report.gmp.py script when an empty report is downloaded #328
    • Fixed the combine-reports.gmp.py script, the import_report() command changed since v9.0. #366
  • v20.10.1(Oct 6, 2020)

  • v20.10.0(Oct 5, 2020)

    20.10.0 - 2020-10-05

    Changed

    • Fixed send-schedule.gmp.py script, because <timezone_abbrev> has been removed from Schedules, using <timezone> instead. [#299]

    • Fixed send-targets.gmp.py script, because alive_test needs to be from AliveTest enum in create_target function. #297

    • Added gmpv20.08 support to the scan-new-system.gmp.py script, as create_target requires an argument port_range or port_list_id now. #295

    • The --log argument is no longer case-sensitive. The log level can now be given in lower case or upper case. PR 276

    Fixed

    • Fixed the check-gmp.gmp.py script, as it was no longer compatible with Python 3.5. PR 280
    • Fixed the check-gmp.gmp.py script: results were not loaded with -F host -T task --status and probably some other cases. Added details=True to the command that requests the report. PR 280
    • Fixed the pdf-report.gmp.py script. Joining the content of the tag was not the correct approach; the tail of the <report_format> tag is needed. PR 301

    Removed

    • Removed gvm.version module in favor of using pontos.version #254
    v20.10.0.tar.gz.asc(874 bytes)
    v20.10.0.zip.asc(874 bytes)
  • v2.1.0(Apr 3, 2020)

    2.1.0 - 2020-04-03

    Added

    • Allow to specify hostname for SSH and TLS connections in the config file #239

    Changed

    • The script random-report-gen.gmp is now able to add host, host details, OS and application data, so the created reports are more realistic PR 218, PR 220, PR 225
    • The script random-report-gen.gmp now uses argparser, to improve its usage PR 223
    • Use .py ending for all gmp scripts to support auto highlighting PR 244
    • Updated glossary in the documentation to reflect changes in GVM 11 PR 245
    • Replaced pipenv with poetry for dependency management. poetry install works a bit differently than pipenv install. It installs dev packages by default and also gvmtools in editable mode. This means that after running poetry install all gvm-tools scripts are available in the created virtual environment. PR 246
    • Fixed version handling after switching to poetry #249

    Fixed

    • Exit with an error if the check_gmp.gmp script is used with a temporary path that does not have the correct permissions.
    • Fixed update-task-target.gmp to create unique target names to support Gmpv8
    • Fixed an error where the --sockpath argument did not work as expected PR 216
    • Catch exception from gvm lib PR 222 PR 224
    • Fixed send-targets.gmp throwing an exception due to an improper check PR 248
    • Fixed send-targets.gmp: hosts and exclude_hosts expecting lists PR 248
    gvm-tools-2.1.0.tar.gz.sig(819 bytes)
    gvm-tools-2.1.0.zip.sig(819 bytes)
  • v2.0.0(Sep 19, 2019)

    This is the first stable release of the gvm-tools 2 series. Compared to the last beta release it contains the following changes:

    Added

    • Added --duration switch to gvm-cli for command execution measurement PR 206
    • Added --ssh-password switch for ssh connection PR 140
    • Added a new command line interface gvm-script for only running GMP and OSP scripts without opening a Python shell PR 152
    • Forbid running any gvm-tools CLI as the root user PR 183
    • Added error message if invalid XML is passed to gvm-cli PR 198
    • Added argument --pretty to gvm-cli to pretty format xml output PR 203

    Changed

    • Improved error messages if unix socket could not be found PR 78
    • The structure for the config file (default is ~/.config/gvm-tools.conf) has changed. It's possible to set defaults for nearly all command line arguments PR 140
    • The command line help for gvm-cli and gvm-pyshell has been updated and made more consistent PR 138
    • Renamed --ssh-user switch to --ssh-username PR 140
    • Update gvmtools.get_version to return a fully compliant PEP 440 version string PR 150
    • Refresh the dependencies specified via the Pipfile.lock file to their latest versions PR 186, PR 193
    • Dropped global command line arguments from subcommands, e.g. it must be gvm-cli --config foo.conf socket ... instead of gvm-cli socket --config foo.conf now. The latter did not actually work but was listed in the --help output #194
    • Improved error message if a global argument is passed after the connection type to gvm-cli #196
    • Renamed clean-slave.gmp to clean-sensor.gmp PR 202

    Deprecated

    • Only running scripts with gvm-pyshell is deprecated PR 152
    • [Auth] section in config file is deprecated and will be ignored in future releases PR 160

    Fixed

    • Fix a bug which caused gvm-pyshell to immediately re-enter interactive mode upon exiting it for the first time PR 139
    • Support [Auth] section in config file for backwards compatibility PR 160
    • Fix using correct API to get single task and targets in update-task-target.gmp script PR 188
    gvm-tools-2.0.0-signed-2020-01-31.zip(24.34 MB)
  • v2.0.0.beta1(Nov 13, 2018)

    gvm-tools got split into the command line interfaces (gvm-cli and gvm-pyshell) including the gmp (example) scripts and the Python API. The Python API can now be found at python-gvm. During this split the python package name for the API got changed from gmp to gvm. The API has also been refactored and stabilized. For details please take a look at python-gvm.

    Scripts

    • It's now possible to write OSP scripts. Using the --protocol=OSP switch gvm-pyshell adds a global osp object instead of the gmp one.
    • The __name__ variable is set to __gmp__ for GMP scripts and to __osp__ for OSP scripts (Remember: for normal Python scripts __name__ is set to __main__).
    • Scripts are only getting two global variables now: gmp (or osp) and args. gmp and osp are the global objects to communicate with the remote gvmd or ospd daemon. args contains the parsed arguments for the script.
    • The global args object only contains script-related parameters now. These are the username and password from the --gmp-username and --gmp-password switches and the additional script parameters as args.argv.
    • GMPError got renamed to GvmError and must be imported from gvm.errors module.
      from gvm.errors import GvmError as GMPError
      
    • Added new client helper module.
    • pretty function isn't available as a global function in the scripts anymore. It must be imported separately like
      from gvmtools.helper import pretty_print as pretty
      
    • The included gmp scripts have been cleaned up and adjusted for the new API.
    • It's possible to get the current versions of gvm-tools via __version__ and python-gvm via __api_version__.
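
A minimal GMP script that follows the conventions listed above, as an added example that is not taken from the gvm-tools repository. The file name and the task_status helper are hypothetical, and the script assumes the client has already authenticated the session with the --gmp-username and --gmp-password switches.

```python
"""list-task-status.gmp.py (hypothetical name): print id, status and name of each task.

Added example, not part of gvm-tools. Run through the client, which injects
the globals `gmp` and `args` and sets __name__ to "__gmp__".
"""


def task_status(gmp):
    """Return a list of (id, name, status) tuples for all visible tasks.

    Raises RuntimeError if the response does not carry a 2xx GMP status,
    so a failed or unauthenticated request is never read as "no tasks".
    """
    response = gmp.get_tasks()
    status = response.get("status", "")
    if not status.startswith("2"):
        raise RuntimeError(
            f"get_tasks failed: {status} {response.get('status_text', '')}"
        )
    # findall/findtext work on the lxml elements the client returns.
    return [
        (task.get("id"), task.findtext("name"), task.findtext("status"))
        for task in response.findall("task")
    ]


# Only true when executed as a GMP script; a plain `python` run skips this,
# and an OSP script would see "__osp__" instead.
if __name__ == "__gmp__":
    import sys

    # Renamed in the split: GMPError is now gvm.errors.GvmError.
    from gvm.errors import GvmError
    # pretty is no longer a global; import it from the helper module.
    from gvmtools.helper import pretty_print as pretty

    try:
        pretty(gmp.get_version())  # `gmp` is injected by the client
        for task_id, name, status in task_status(gmp):
            print(f"{task_id}  {status:<12} {name}")
    except (GvmError, RuntimeError) as err:
        print(f"GMP request failed: {err}", file=sys.stderr)
        sys.exit(1)
```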

    Other

    • Removed experimental gvm-dialog application.
    • Use pipenv for development.
    gvm-tools-2.0.0.beta1.tar.gz.sig(181 bytes)
    gvm-tools-2.0.0.beta1.zip.sig(181 bytes)
  • v1.4.1(Aug 10, 2018)

    This is the first maintenance release of the gvm-tools module 1.4 for the Greenbone Vulnerability Management (GVM) framework.

    This release covers bug fixes in 'create' and 'modify' methods.

    Many thanks to everyone who has contributed to this release: Raphael Grewe, Juan Jose Nicola and Jan-Oliver Wagner

    Main changes compared to gvm-tools-1.4.0:

    • Fix bugs for create and modify command methods.
    • Improve unit tests.
    • Improve documentation.
    gvm-cli.exe(12.16 MB)
    gvm-pyshell.exe(12.17 MB)
    gvm-tools-1.4.1.tar.gz.sig(181 bytes)
    gvm-tools-1.4.1.zip.sig(181 bytes)
  • v1.4.0(Aug 9, 2018)

    This is the first release of the gvm-tools module 1.4 for the Greenbone Vulnerability Management (GVM) framework.

    This release covers bug fixes, robustness improvements and an extended GMP scripts collection.

    Many thanks to everyone who has contributed to this release: Raphael Grewe, Mirko Hansen, Henning Häcker, David Kleuker, Juan Jose Nicola, Timo Pollmeier, Bjoern Ricks, Joshua Schwartz, Jan-Oliver Wagner and Michael Wiegand.

    Main changes compared to gvm-tools-1.3.1:

    • Correct XML encoding for commands
    • Fix bug for long GMP commands through SSHConnection
    • Add new GMP scripts: create_targets_from_host_list.gmp, gen-random-targets.gmp, send-schedules.gmp, send-targets.gmp, send-tasks.gmp, send_delta_emails.gmp, startAlertScan.gmp, update-task-target.gmp.
    • Improve and extend 'create' and 'modify' command methods
    • Add support for accessing the raw response
    • Improve unit tests
    • Allow anonymous connections
    • Require lxml and defusedxml python modules
    • Improve documentation
    • Several code improvements
    gvm-tools-1.4.0.tar.gz.sig(181 bytes)
    gvm-tools-1.4.0.zip.sig(181 bytes)
Owner
Greenbone
Open Source Vulnerability Management