When downloading an openvas report in raw XML format over gvm-cli socket with the get_reports command, I get a decoding error. As the error points out, this has to do with data decoding mismatch it seems. See:

$ gvm-cli socket -c --xml "<get_reports report_id=\"795ecf96-7957-4553-a203-30affa1e34e0\" format_id=\"a994b278-1f62-11e1-96ac-406186ea4fc5\"/>"
Traceback (most recent call last):
  File "/usr/local/bin/gvm-cli", line 11, in <module>
    load_entry_point('gvm-tools==1.4.1', 'console_scripts', 'gvm-cli')()
  File "/usr/local/lib/python3.6/dist-packages/gmp/clients/gvm_cli.py", line 213, in main
    result = gvm.read()
  File "/usr/local/lib/python3.6/dist-packages/gmp/gvm_connection.py", line 103, in read
    response = self.readAll()
  File "/usr/local/lib/python3.6/dist-packages/gmp/gvm_connection.py", line 973, in readAll
    response += data.decode()
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xc2 in position 1023: unexpected end of data

I looked at gvm_connection.py, line 973, which reads: response += data.decode()

I did some hacking around and then changed line 973 to: response += data.decode('latin-1')

Then everything worked fine and the download will finish successfully. Looks to me there is some encoding/decoding mismatch here. My environment is all standard utf-8 (LANG=en_US.UTF-8). There seems to be no encoding settings available for openvassd, nor in gvm-cli or ~/.config/gvm-tools.conf. Is it the case that data/reports from openvas are returned in mixed encoding, some in utf-8, some in latin-1?

I don't get this problem when viewing the same report/results in the gsad GUI.

gsa: (gsad --version) Greenbone Security Assistant 8.0+beta2 GIT revision d1a83ab88-master

gvm: (gvmd --version) Greenbone Vulnerability Manager 8.0+beta1 GIT revision 3691c0ad-master

openvas-scanner: (openvassd --version) OpenVAS Scanner 6.0+beta2 GIT revision a13b0f7-master

gvm-libs: ~/gvm-libs$ git log commit 58248fdd4752e6073ada8497996a29572b41b10b (HEAD -> master, origin/master, origin/HEAD) ...

gvm-tools: (gvm-cli --version) gvm-cli 1.4.1

Operating system: $ uname -a Linux 4.15.0-33-generic #36-Ubuntu SMP Wed Aug 15 16:00:05 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

Installation method / source: (packages, source installation) From source following INSTALL

Logfiles

/usr/local/var/log/gvm/gvmd.log:

md   main:WARNING:2018-09-14 10h14.06 UTC:11191: read_from_client_unix: failed to read from client: Connection reset by peer

In the current master we see in the CHANGELOG.md around line 70:

- Fixed `send-schedule.gmp.py` script, because <timezone_abbrev> has been [removed](https://github.com/greenbone/gvmd/commit/d4a0fa2287b425199330b7e5671b61cdbd836fe4) from Schedules, using <timezone> instead. [#299]

though this would be better rendered when we oud use:

- Fixed `send-schedule.gmp.py` script, because `<timezone_abbrev>` has been [removed](https://github.com/greenbone/gvmd/commit/d4a0fa2287b425199330b7e5671b61cdbd836fe4) from Schedules, using `<timezone>` instead. [#299]

as now the word <timezone> is gone.

In RELEASE.md (near the bottom, around line 160):

  ```sh
  poetry run pontos-release --release-version <version> --next-release-version <dev-version> --project gvm-tools --space greenbone --git-signing-key <your-public-gpg-key> --git-remote-name upstream release

would probably be better of as:

  ```sh
  poetry run pontos-release --release-version <version> --next-release-version <dev-version> --project gvm-tools --space greenbone --git-signing-key <your-public-gpg-key> --git-remote-name upstream release
  ```

• Change logo to a smaller one without margin
• Remove "Current Version" from description. it's visible as badges now
• Add "Table of Contents" section
• Move content of Development section to Contributing
• Add Support, Maintainer, Contributing and License section
• also small improvements in the text

Most of the text still needs improvement. This is a task for another PR.

Please provide feedback and suggest better writing style for the new text. My goal is to have a short, to the point description in a welcoming way, so users are encouraged to become contributors.

Preview: rendered view

Hello,

i need some help, here is my code:

!/usr/bin python3.6 -- coding: utf-8 --

from gvm.connections import UnixSocketConnection from gvm.protocols.latest import Gmp from gvm.transforms import EtreeTransform from gvm.xml import pretty_print

connection = UnixSocketConnection() transform = EtreeTransform() gmp = Gmp(connection, transform=transform)

version = gmp.get_version()

pretty_print(version)

and output is:

Traceback (most recent call last): File "gmp.py", line 4, in from gvm.connections import UnixSocketConnection File "/usr/lib/python2.7/site-packages/gvm/connections.py", line 172 def init(self, *, timeout=DEFAULT_TIMEOUT, hostname='127.0.0.1', ^ SyntaxError: invalid syntax [root@p21210v tianna]# python3 gmp.py Traceback (most recent call last): File "gmp.py", line 14, in version = gmp.get_version() File "/usr/lib/python3.4/site-packages/gvm/protocols/gmpv7.py", line 3268, in get_version return self._send_xml_command(XmlCommand('get_version')) File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 77, in _send_xml_command return self.send_command(xmlcmd.to_string()) File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 131, in send_command raise e File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 127, in send_command self._send(cmd) File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 62, in _send self.connect() File "/usr/lib/python3.4/site-packages/gvm/protocols/base.py", line 98, in connect self._connection.connect() File "/usr/lib/python3.4/site-packages/gvm/connections.py", line 310, in connect self._socket.connect(self.path) FileNotFoundError: [Errno 2] No such file or directory

some env:

ps axu | grep gvmd root 5082 0.0 0.0 112704 976 pts/2 R+ 19:57 0:00 grep --color=auto gvmd root 14816 0.0 0.4 422948 75512 ? SL Jun03 0:40 gvmd: Waiting for incoming connections

gvmd.sock is in /run/

THANKS!

gvm-cli raises an exception right while starting with error invalid syntax

Expected behavior

Starting gvm-cli just starts gvm-cli.

Current behavior

Right while statring gvm-cli gives an exception with error invalid syntax:

# gvm-cli
Traceback (most recent call last):
  File "/usr/local/bin/gvm-cli", line 11, in <module>
    load_entry_point('gvm-tools==2.0.0.dev1', 'console_scripts', 'gvm-cli')()
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 487, in load_entry_point
    return get_distribution(dist).load_entry_point(group, name)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2728, in load_entry_point
    return ep.load()
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2346, in load
    return self.resolve()
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2352, in resolve
    module = __import__(self.module_name, fromlist=['__name__'], level=0)
  File "/usr/local/lib/python2.7/dist-packages/gvm_tools-2.0.0.dev1-py2.7.egg/gmp/clients/cli.py", line 212
    '--socketpath instead', file=sys.stderr)
                                ^
SyntaxError: invalid syntax

Steps to reproduce

1. Checkupt sources, then configure, compile and install as adviced.
2. call gvm-cli

GVM versions

gsad:

Greenbone Security Assistant 8.0+beta3
GIT revision 3cd5812d6-master
Copyright (C) 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gvmd:

Greenbone Vulnerability Manager 8.0+beta2
GIT revision 8bc90781-master
Manager DB revision 200
Copyright (C) 2010-2017 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

openvassd:

OpenVAS Scanner 6.0+beta3
GIT revision b1d4ca6-master
Most new code since 2005: (C) 2018 Greenbone Networks GmbH
Nessus origin: (C) 2004 Renaud Deraison <[email protected]>
License GPLv2: GNU GPL version 2
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

node:

v11.4.0

redis-server:

Redis server v=5.0.2 sha=00000000:0 malloc=jemalloc-3.6.0 bits=64 build=669dbd6bdc6d120c

Environment

Operating system:

Linux gvm10 4.18.0-3-amd64 #1 SMP Debian 4.18.20-2 (2018-11-23) x86_64 GNU/Linux

buster/sid

Installation method / source:

source installation, git checkout

hi, I successfully installed openvas and gvm-tools.

cd /usr/local/python3.6.5/bin run ./gvm-cli socket --gmp-username admin --gmp-password 123456 --sockpath /run/redis/redis.sock --xml "<create_target>Suspect Host10.17.2.137</create_target>"

it return , timed out

and find the User Manuals , http://docs.greenbone.net/GSM-Manual/gos-4/en/omp.html#activating-the-gmp-protocol http://docs.greenbone.net/GSM-Manual/gos-4/en/systemadministration.html#gmp

but I cant find the menu

What: I've added tests for the parser module. It has a test coverage of 100% now. Also I've fixed a bug where TypeError will be thrown if port of SSHConnection is set to None. But I don't think this is an issue in this repository. I've added a PR in the python-gvm repository to address this issue (https://github.com/greenbone/python-gvm/pull/321). I've also opened an issue

Why: To increase test coverage and code reliability

How: I've added tests

Checklist:

• [X] Tests
• [X] CHANGELOG Entry
• [ ] Documentation

I'm using the latest build, but I'm having problems with scanning in the cloud, I believe it's openvas' own, but it doesn't allow scheduling a scan or creating a list of targets with range / 16.

I have a VPC 10.10.0.0/16 and I need to scan new hosts that appear, since if I update the list with new IPs I will have to delete the schedule, the results and the current target.

Is there any way to scan with this range? I read that it is possible, but only if you make any changes to the GVMD.

Expected behavior

Schedule / 16 range.

Current behavior

Informs that it is not a valid entry.

First draft for a sphinx docu

Run

pipenv install --dev && cd docs && make clean && make html && firefox build/html/index.html

I think the logo in front of the heading don't look good. That might be a reason why no body does it.

Rendered view: https://github.com/greenbone/gvm-tools/blob/627d28896ffa4a28fcfb374008a5055ff1a60b59/README.md

What do you think @wiegandm?

We can improve the text in the next step.

It is not possible to use create_filter because createFilterCommand filters the required field 'filter_type' faulty.

If you obey to the if statement in createFilterCommand the OpenVAS Daemon answers: gvm_tools.gmp.gvm_connection.GMPError: Type must be a valid OMP type

If you follow the OMP Documentation createFilterCommand actively raises a ValueError.

This behaviour should be corrected to enable the usage of create_filter at all.

Expected behavior

I am trying to do this procedure use my nagios to be able to monitor vulnerability reports

https://docs.greenbone.net/GSM-Manual/gos-20.08/en/connecting-other-systems.html#nagios

Current behavior

10.0.5.2 is my openvas and when I try to connect it gives those errors, I'm using python 3.8, built since 3.6 gives crypt errors

#gvm-script ssh --hostname 10.0.5.2 --ssh-username nagios --ssh-password N4g10$ --gmp-username=admin --gmp-password=admin --protocol OSP check-gmp.gmp.py --ping --log DEBUG

Logs:

INFO:paramiko.transport:Connected (version 2.0, client OpenSSH_8.0)
INFO:paramiko.transport:Authentication (password) successful!
INFO:paramiko.transport:Connected (version 2.0, client OpenSSH_8.0)
INFO:paramiko.transport:Authentication (password) successful!
DEBUG:gvmtools.parser:Loaded config ~/.config/gvm-tools.conf
DEBUG:root:Parsed arguments Namespace(config='~/.config/gvm-tools.conf', connection_type='ssh', gmp_password='admin', gmp_username='admin', hostname='10.0.5.2', loglevel=None, port=22, protocol='GMP', scriptargs=['check-gmp.gmp.py'], scriptname='OSP', ssh_password='N4g10$', ssh_username='nagios', timeout=60)
DEBUG:paramiko.transport:starting thread (client mode): 0xa499d760
DEBUG:paramiko.transport:Local version/idstring: SSH-2.0-paramiko_2.12.0
DEBUG:paramiko.transport:Remote version/idstring: SSH-2.0-OpenSSH_8.0
INFO:paramiko.transport:Connected (version 2.0, client OpenSSH_8.0)
DEBUG:paramiko.transport:=== Key exchange possibilities ===
DEBUG:paramiko.transport:kex algos: curve25519-sha256, [email protected], ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1
DEBUG:paramiko.transport:server key: rsa-sha2-512, rsa-sha2-256, ssh-rsa, ecdsa-sha2-nistp256, ssh-ed25519
DEBUG:paramiko.transport:client encrypt: [email protected], [email protected], aes256-ctr, aes256-cbc, [email protected], aes128-ctr, aes128-cbc
DEBUG:paramiko.transport:server encrypt: [email protected], [email protected], aes256-ctr, aes256-cbc, [email protected], aes128-ctr, aes128-cbc
DEBUG:paramiko.transport:client mac: [email protected], [email protected], [email protected], [email protected], hmac-sha2-256, hmac-sha1, [email protected], hmac-sha2-512
DEBUG:paramiko.transport:server mac: [email protected], [email protected], [email protected], [email protected], hmac-sha2-256, hmac-sha1, [email protected], hmac-sha2-512
DEBUG:paramiko.transport:client compress: none, [email protected]
DEBUG:paramiko.transport:server compress: none, [email protected]
DEBUG:paramiko.transport:client lang: <none>
DEBUG:paramiko.transport:server lang: <none>
DEBUG:paramiko.transport:kex follows: False
DEBUG:paramiko.transport:=== Key exchange agreements ===
DEBUG:paramiko.transport:Kex: [email protected]
DEBUG:paramiko.transport:HostKey: ssh-ed25519
DEBUG:paramiko.transport:Cipher: aes128-ctr
DEBUG:paramiko.transport:MAC: hmac-sha2-256
DEBUG:paramiko.transport:Compression: none
DEBUG:paramiko.transport:=== End of kex handshake ===
DEBUG:paramiko.transport:kex engine KexCurve25519 specified hash_algo <built-in function openssl_sha256>
DEBUG:paramiko.transport:Switch to new keys ...
DEBUG:paramiko.transport:Got EXT_INFO: {'server-sig-algs': b'ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521'}
DEBUG:paramiko.transport:userauth is OK
INFO:paramiko.transport:Authentication (password) successful!
DEBUG:paramiko.transport:[chan 0] Max packet in: 32768 bytes
DEBUG:paramiko.transport:Received global request "[email protected]"
DEBUG:paramiko.transport:Rejecting "[email protected]" global request from server.
DEBUG:paramiko.transport:[chan 0] Max packet out: 32768 bytes
DEBUG:paramiko.transport:Secsh channel 0 opened.
DEBUG:paramiko.transport:[chan 0] Sesch channel 0 request ok
DEBUG:paramiko.transport:[chan 0] EOF received (0)
DEBUG:paramiko.transport:[chan 0] EOF sent (0)
DEBUG:paramiko.transport:Dropping user packet because connection is dead.

now carry out the same process but now inside the openvas server, I already have 2 test reports, when I want to run the script, it runs correctly but it does not show the statuses, it just says Ok but actually if there is critical, I present evidence

Steps to reproduce

1.python3.8 -m pip install --user gvm-tools 2.wget https://raw.githubusercontent.com/greenbone/gvm-tools/main/scripts/check-gmp.gmp.py 3. 4.

GVM versions

gsa: (Greenbone Security Assistant 22.04.0)

gvm: (Greenbone Vulnerability Manager 22.4.0~dev1)

openvas-scanner: (OpenVAS 22.4.0)

gvm-libs: 22.4.0

gvm-tools: (gvm-cli 22.9.0 (API version 22.9.1))

Environment

Operating system: Alma Linux 8.6

Installation method / source: (packages, source installation)

Logfiles

[gvmd.log](https://github.com/greenbone/gvm-tools/files/10290248/gvmd.log)
[openvas.log](https://github.com/greenbone/gvm-tools/files/10290249/openvas.log)
[ospd-scanner.log](https://github.com/greenbone/gvm-tools/files/10290250/ospd-scanner.log)
[gsad.log](https://github.com/greenbone/gvm-tools/files/10290251/gsad.log)

hi I'm using openvas that I installed on kali linux (installed on virtual box) ...

what i would like to do is scan my system .... i found this script, only once i give it the command to run it, which is suggested by the script itself, i get this:

usage: gvm-script [-h] [-c [CONFIG]] [--log [{DEBUG, INFO, WARNING, ERROR, CRITICAL}]] [--timeout TIMEOUT] [--gmp-username GMP_USERNAME]
                  [--gmp-password GMP_PASSWORD] [-V] [--protocol {GMP, OSP}]
                  CONNECTION_TYPE ...
gvm-script: error: the following arguments are required: CONNECTION_TYPE
unknown option - -
usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface]
           [-b bind_address] [-c cipher_spec] [-D [bind_address:] port]
           [-E log_file] [-e escape_char] [-F configfile] [-I pkcs11]
           [-i identity_file] [-J [user @] host [: port]] [-L address]
           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
           [-Q query_option] [-R address] [-S ctl_path] [-W host: port]
           [-w local_tun [: remote_tun]] destination [command [argument ...]]

this is the script I used, found in the openVAS github page:

https://github.com/greenbone/gvm-tools/blob/main/scripts/scan-new-system.gmp.py

import datetime
import sys
from argparse import Namespace

from gvm.protocols.gmp import Gmp


def check_args(args):
    len_args = len(args.script) - 1
    message = """
        This script starts a new scan on the given host.
        It needs one parameters after the script name.
        1. <host_ip>        IP Address of the host system
        2. <port_list_id>   Port List UUID for scanning the host system. 
                            Preconfigured UUID might be under 
                            /var/lib/gvm/data-objects/gvmd/20.08/port_lists/. 
                            ex. iana-tcp-udp is 
                            "4a4717fe-57d2-11e1-9a26-406186ea4fc5".
        
                Example:
            $ gvm-script --gmp-username name --gmp-password pass \
ssh --hostname <gsm> scripts/scan-new-system.gmp.py <host_ip> <port_list_id>
    """
    if len_args != 2:
        print(message)
        sys.exit()


def create_target(gmp, ipaddress, port_list_id):
    # create a unique name by adding the current datetime
    name = f"Suspect Host {ipaddress} {str(datetime.datetime.now())}"

    response = gmp.create_target(
        name=name, hosts=[ipaddress], port_list_id=port_list_id
    )
    return response.get("id")


def create_task(gmp, ipaddress, target_id, scan_config_id, scanner_id):
    name = f"Scan Suspect Host {ipaddress}"
    response = gmp.create_task(
        name=name,
        config_id=scan_config_id,
        target_id=target_id,
        scanner_id=scanner_id,
    )
    return response.get("id")


def start_task(gmp, task_id):
    response = gmp.start_task(task_id)
    # the response is
    # <start_task_response><report_id>id</report_id></start_task_response>
    return response[0].text


def main(gmp: Gmp, args: Namespace) -> None:

    check_args(args)

    ipaddress = args.argv[1]
    port_list_id = args.argv[2]

    target_id = create_target(gmp, ipaddress, port_list_id)

    full_and_fast_scan_config_id = "daba56c8-73ec-11df-a475-002264764cea"
    openvas_scanner_id = "08b69003-5fc2-4037-a479-93b440211c73"
    task_id = create_task(
        gmp,
        ipaddress,
        target_id,
        full_and_fast_scan_config_id,
        openvas_scanner_id,
    )

    report_id = start_task(gmp, task_id)

    print(
        f"Started scan of host {ipaddress}. "
        f"Corresponding report ID is {report_id}"
    )


   
if __name__ == "__gmp__":
    # pylint: disable=undefined-variable
    main(gmp, args) 

2 problems are also reported: "gmp" is not defined, ln87 "args" is not defined, ln87

can anyone please help me ?

Expected behavior

When using scripts/check-gmp.gmp.py in the past it correctly reported the vulnerabilities found by a Greenbone appliance

Current behavior

After updating the greenbone appliance to 21.04.3 the script fails with "list index out of range"

Updating the gvm-tools to the current version using git pull introduced an additional bug: get_tasks() got an unexpected keyword argument 'filter_string'

When correcting this bug by replacing filter_string with filter the original bug "list index out of range" is thrown again.

Steps to reproduce

1. Deploy check-gmp.gmp.py successfully with an older version of Greenbone OS
2. Update to 21.04.3
3. check-gmp.gmp.py will fail

GVM versions

As included in Greenbone OS 21.04.3