golismero / openvas_lib Goto Github PK

HI Dear:
how to get the target id ?

Hello people. I don't know if this library is still maintaining but I hope somebody can help me. I can start a scan without any problem with launch_scan function. I observed via openvas web panel that scan is finished. But when I try to get scan results with get_results function, I get Expected string, got <type 'NoneType'> instead error. Does anyone have any idea?

e53f81b#diff-6fe303a22197e4810951633f15c7bfc9

get_results expects self.__task_report_id to be set, but that doesnt happen unless you launch a scan (launch_scan)

When I try and run the example code I get this error:

Traceback (most recent call last):
  File "test.py", line 36, in <module>
    my_launch_scanner()
  File "test.py", line 26, in my_launch_scanner
    callback_progress=my_print_status)
  File "/usr/local/lib/python3.4/dist-packages/openvas_lib/__init__.py", line 613, in launch_scan
    "Unknown error while try to start the task '%s'. Error: %s" % (m_task_id, e.message))
openvas_lib.VulnscanScanError: Unknown error while try to start the task '13662e1a-ae21-409b-854a-361f571ddf8e'. Error: Can't receive info from the server: The read operation timed out

Im using python3 and

Package: openvas
Status: install ok installed
Priority: optional
Section: metapackages
Installed-Size: 26
Maintainer: Mohammad Razavi <[email protected]>
Architecture: amd64
Source: openvas-manager
Version: 6.0.9-1

Here is my code:

# -*- coding: utf-8 -*-

from __future__ import print_function

from functools import partial
from threading import Semaphore

from openvas_lib import VulnscanManager, VulnscanException


def my_print_status(i):
    print(str(i))


def my_launch_scanner():
    sem = Semaphore(0)

    # Configure
    manager = VulnscanManager("localhost", "admin", "admin")

    # Launch
    manager.launch_scan("10.132.0.4",
                        profile="empty",
                        callback_end=partial(lambda x: x.release(), sem),
                        callback_progress=my_print_status)

    # Wait
    sem.acquire()

    # Finished scan
    print("finished")


if __name__ == '__main__':
    my_launch_scanner()

Any assistance will be appreciated.

openvas_results = scanner.get_report_id(scan_id)
print openvas_results

Returns

TypeError: Expected str or file, got '<type 'Element'>' instead

Why??????

while trying to run example code got exception

from openvas_lib import VulnscanManager, VulnscanException

try:
    scanner = VulnscanManager(HOST, USER, PASSWORD, PORT, TIMEOUT)
except VulnscanException as e:
    print("Error:")
    print(e)

Traceback (most recent call last):
File "vas_poc.py", line 35, in
my_launch_scanner()
File "vas_poc.py", line 19, in my_launch_scanner
manager = VulnscanManager("localhost", "admin", "admin",4433)
File "/usr/lib/python2.7/site-packages/openvas_lib/init.py", line 497, in init
self.__manager = get_connector(host, user, password, port, m_time_out, ssl_verify)
File "/usr/lib/python2.7/site-packages/openvas_lib/common.py", line 73, in get_connector
manager = ConnectionManager(host, username, password, port, timeout, ssl_verify)
File "/usr/lib/python2.7/site-packages/openvas_lib/common.py", line 149, in init
self._connect()
File "/usr/lib/python2.7/site-packages/openvas_lib/common.py", line 200, in _connect
self._authenticate(self.__username, self.__password)
File "/usr/lib/python2.7/site-packages/openvas_lib/common.py", line 228, in _authenticate
self.make_xml_request(m_request)
File "/usr/lib/python2.7/site-packages/openvas_lib/common.py", line 378, in make_xml_request
raise ValueError('Missing status property in response')
ValueError: Missing status property in response

Using this link, I installed openvas9 in Ubuntu 16.04. To load up the web interface and start testing in web-client, I used following URL with port number 4000 https://localhost:4000. And right now I am trying to use openvas_lib API to do an independent scan.

ISSUE: But this library, by default, is using Port number 9390, I am not able to connect to the server. Even i tried by changing port number in init.py and common.py

CODE:
from openvas_lib import VulnscanManager, VulnscanException
try:
scanner = VulnscanManager("localhost", "admin", "admin")
except VulnscanException as e:
print("Error:")
print(e)

ERROR:
Error while connecting to the server: [Errno 111] Connection refused

i use openvas 9, python2.7, docker: image: mikesplain/openvas:9 ports: 9390/tcp, 0.0.0.0:4443->443/tcp
openvas_lib
my code:
manager = VulnscanManager("172.30.207.96", "admin", "admin")

File "build\bdist.wn32\egg\openvas_lib_init_.py",line 543, in init
openvas_lib.VulnscanServerError:Error while connecting to the server:[Errno 10061]

Well, sir , sorry to bother you again, but maybe I got a bug here.

When I use the demo file:
https://github.com/golismero/openvas_lib/blob/master/example_check_connection.py

I can't get my scan report at last, in fact I had seen scan result on the web, actually the target had been listed some vulnerabilities by openvas(web).
Then it gave me this error infomation:
must be string or buffer, not None

I checked it, and I found something at function write_report:
report = manager.get_report_html(report_id)

The value report here is not str type , instead it's an element type, so when the script went to:
report.find("report").text

Now it gets error , I think 'element' type may not have "find" attribute?
As a result , I can't solve this issue.
I had changed some targets , unfortunately I got the same error.

Dear sir, could you give a solution for it, looking forward to your kind reply!
Thank you!!!

You use ssl.PROTOCOL_TLSv1 when opening the socket. That's not a good idea, especially when connecting to a server that's only supporting TLS v1.1 and 1.2 (as the current Greenbone Appliance does)

https://github.com/golismero/openvas_lib/search?utf8=%E2%9C%93&q=ssl.PROTOCOL_TLSv1&type=Code

You should use ssl.PROTOCOL_SSLv23
Selects the highest protocol version that both the client and server support. Despite the name, this option can select “TLS” protocols as well as “SSL”.
https://docs.python.org/2/library/ssl.html

Hi,

I'm trying to launch a scan and getting below error.

>>> from openvas_lib import VulnscanManager, VulnscanException
>>> scanner = VulnscanManager("192.168.0.14", "admin", "admin")
>>> scan_id, target_id = scanner.launch_scan(target='192.168.0.14', profile='Full and fast')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "openvas_lib/__init__.py", line 657, in launch_scan
    comment=comment)
  File "openvas_lib/ompv7.py", line 715, in create_task
    return self._manager.make_xml_request(request, xml_result=True).get("id")
  File "openvas_lib/common.py", line 389, in make_xml_request
    response.get('status_text')))
openvas_lib.common.ClientError: [400] create_task_response: Bogus element: preference

Thanks.

Hello
I installed Openvas9 and use Python2.7. This is my code:

from openvas_lib import VulnscanManager, VulnscanException
try:
    scanner = VulnscanManager("127.0.0.1", "admin", "admin")
except VulnscanException as e:
    print(e)

When I run my code, I get this Error:

Error while connecting to the server: [Errno 111] Connection refused

What is the problem?

openvas文档

应该改成
"""<schedule id="%s"/>""" % (schedule)

I run a scan on Openvas and it shows 38 results. But when I trying to get results via openvas_lib, it shows me empty list.

This is the codes:

>>> from openvas_lib import VulnscanManager
>>> scanner = VulnscanManager("back_openvas", "admin", "admin")
>>> scanner.get_results("e442ce2a-6bc5-4a13-b82c-d631694bdab6")
[]
>>> scanner.get_scan_status("e442ce2a-6bc5-4a13-b82c-d631694bdab6")
'Done'

This is the scan result on Openvas:

I use this code to export a XML, it's straight from the examples.
I believe some Openvas update changed the XML layout and broke the XML parser.

#!/usr/bin/env python

from __future__ import print_function

from openvas_lib import VulnscanManager, VulnscanException
from threading import Semaphore
from functools import partial
from xml.etree import ElementTree
import base64
import datetime
import os
import sys, re
import subprocess
import time
import random


def my_print_status(i):
    print(str(i)),
    sys.stdout.flush()


def write_report(manager, report_id, ip):
    result_dir = os.path.dirname(os.path.abspath(__file__)) + "/results"
    try:
        report = manager.get_report_xml(report_id)
    except Exception as e:
        print(e)
        return
    else:
        fout = open(result_dir + "/xml/" + ip + ".xml", "wb")
        fout.write(ElementTree.tostring(report, encoding='utf-8', method='xml'))
        fout.close()


def run(manager, ip):
    Sem = Semaphore(0)
    scan_id, target_id = manager.launch_scan(
        target=ip,
        profile="Full and fast",
        callback_end=partial(lambda x: x.release(), Sem),
        callback_progress=my_print_status
    )
    Sem.acquire()
    report_id = manager.get_report_id(scan_id)
    write_report(manager, report_id, ip)
    manager.delete_scan(scan_id)
    manager.delete_target(target_id)


if __name__ == '__main__':
    try:
        openvas_ip = sys.argv[1]
        admin_name = sys.argv[2]
        admin_password = sys.argv[3]
        ip = sys.argv[4]
        manager = VulnscanManager(openvas_ip, admin_name, admin_password)
        run(manager, ip)
    except Exception as e:
        print(e)

I tried to read the newly created XML and the task XML downloaded from Openvas with:

#!/usr/bin/python
from openvas_lib import report_parser
import os

results = report_parser(os.path.dirname(os.path.abspath(__file__)) + "/results/xml/"+"192.168.1.223.xml")
print(results)

The result:

Traceback (most recent call last):
  File "./test3.py", line 6, in <module>
    results = report_parser(os.path.dirname(os.path.abspath(__file__)) + "/results/xml/"+"192.168.1.223.xml")
  File "/home/user/.local/lib/python2.7/site-packages/openvas_lib/__init__.py", line 139, in report_parser
    raise ValueError("XML format is not valid, doesn't contains id attribute.")
ValueError: XML format is not valid, doesn't contains id attribute.

That was the result in both cases
I tried this on a Kali (installed from repo) and a Debian(compiled from source) VM.

EDIT: After checking the generated XML seems wrong, it starts like this:

<get_reports_response status="200" status_text="OK"><report content_type="text/xml" extension="xml" format_id="a994b278-1f62-11e1-96ac-406186ea4fc5" id="04198b90-7815-49da-b593-6452a3405b03" type="scan"><owner><name/></owner><name>2016-07-28T00:30:43Z</name><comment/><creation_time>2016-07-28T00:30:43Z</creation_time><modification_time>2016-07-28T00:33:15Z</modification_time><writable>0</writable>

So the XML output is maybe not working as well.

Python 3.7.2 (default, Jan 10 2019, 23:51:51)
[GCC 8.2.1 20181127] on linux
Type "help", "copyright", "credits" or "license" for more information.

from openvas_lib import VulnscanManager
Traceback (most recent call last):
File "", line 1, in
File "/home/oguzbey/Desktop/virtualEnviroments/openvasEnv/lib/python3.7/site-packages/openvas_lib/init.py", line 373
elif l_tag == "severity":
^
TabError: inconsistent use of tabs and spaces in indentation

Well, at first, I installed this project, but I get an error .
This is because I set tab as four space, and I got an error at :

 **File "/usr/local/lib/python2.7/dist-packages/openvas_lib/ompv4.py", line 154
    request = """<create_target>**

Then I used, here is four space :
**sed 's/\t/ /g' openvas_lib/ompv4.py >/usr/local/lib/python2.7/dist-packages/openvas_lib/ompv4.py**

But I also got an error:

class OMPv4(OMP): NameError: name 'OMP' is not defined

So I was very confused about it.
Here is my code:

    **try:
        scanner = VulnscanManager('192.168.1.1', 'admin', '123')
        scan_id, target_id = scanner.launch_scan(target = myurl, profile = "Full and fast")
        openvas_results = scanner.get_results(scan_id)
        scanner.delete_scan(scan_id)
        scanner.delete_target(target_id)

        print openvas_results
    except VulnscanException as e:
        print "[x]Openvas Error:"+str(e)
    pass**

Maybe no error at here, right?

I hope author or someone can help me with this issue , thanks !!!

It is not possible to launch a scan using a existing target list.

Hello golismero team,
I'm creating a network security tool by using your lib, but when i'm connect to the server i got the error :
"Invalid OpenVAS version in remote server".
I'm installed OpenVAS 7, in ubuntu 14.04
Thanks you so much :D

I want to run openvas code,but prompt this error:
status = response.get('status', None) AttributeError: 'ElementTree' object has no attribute 'get'

This is my code:
manager = VulnscanManager("127.0.0.1", "admin", "admin", port=4000) print(manager)

Does anyone know this problem? Please tell me,Thanks!

Hello,
I have noticed an issue when creating a task with a schedule ID, when no schedule is passed in the XML.
I run:
scanner._VulnscanManager__manager.create_task(name="scheduled_task",
target="48535fab-92f1-4778-bf2d-ac04a43e698b",
config="daba56c8-73ec-11df-a475-002264764cea",
schedule="2d012ecf-913d-4436-b37c-00470c56a121",
max_hosts=5,
max_checks=4,
comment="a very detailed comment")

I checked the .get_tasks_detail response and I saw that response ID is always "" no matter what i put in "schedule=", config, target id and the rest parameters are passed normally.

• I checked with .get_schedules() and the schedule ID exists.
• I am using version 1.1.8.

Thanks.

pip install openvas-lib getting below error

Collecting openvas-lib
  Using cached openvas_lib-1.1.8.tar.gz (30 kB)
ERROR: Requested openvas-lib from https://files.pythonhosted.org/packages/9a/f1/b169dfb62493b8dd2055858a300dcdf2564fd41901ffa02236b7a323114b/openvas_lib-1.1.8.tar.gz#sha256=8b2d4c3151b7b358535a0bdd5548eca8b73661178c136f61334da36171e30fd7 has different version in metadata: '1.1.4'

Environment:

pip 20.3 from /app/envs/lib/python3.6/site-packages/pip (python 3.6)

While getting result using get_results below error encounter.

Traceback (most recent call last):
File "openvas.py", line 11, in
openvas_results = scanner.get_results(SCAN_ID)
File "C:\Python27\lib\site-packages\openvas_lib_init_.py", line 728, in get_results
m_response = self.__manager.get_report_xml(self.__task_report_id)
File "C:\Python27\lib\site-packages\openvas_lib\ompv4.py", line 589, in get_report_xml
raise TypeError("Expected string, got %r instead" % type(report_id))
TypeError: Expected string, got <type 'NoneType'> instead

The following list shows which properties are emtpy (!) and which are not (+).
I looked at the codes and see that the properties are never assigned.

Will be there any update for that soon ?

! impact
! summary
! vulnerability_insight
! affected_software
! solution
+ id
+ host
+ port
    + proto 
    + number 
    + port_name
+ subnet
+ nvt
    + oid
    + name
    + cvss_base_vector
    + cvss_base
    + risk_factor
    ! summary
    ! description
    + family
    + category
    + cve
    + bid
    + bugtraq
    + xrefs
    ! fingerprints
    + tags >> DATA BURDA
    + risk_levels
+ threat
+ raw_description
+ notes
+ severity
+ overrides
+ risk_levels

Hi,

My name is Arjun. I used openvas-lib in my python application to perform authenticated scan using LSC. I was not able to find any document or any link refers explaining me that this can be achievable. Request to help me with some examples of the same.
Please help asap. Thanks in Advance.
Arjun

Hi,

My name is Prashant. I used openvas-lib in my python application to perform authenticated scan using python 3.7 although the library is not ported to 3.x. Is there any other way to perform scaning in python 3.x. Request to help me with some examples of the same.
Please help asap. Thanks in Advance.
Prashant

Hi,

Why did get_report_pdf() dissappeared from ompv4.py to ompv7.py ?
Can't be done anymore?
How could I download the pdf now?

Thanks in advance,

Hi,
I used this library in my code for scan targets. Does it have any functions to stop a scan with target id?
If not, How can I do it? What's your suggestion for stop a scan?

thanks.