2

I am exploring OpenVas tool for a project requirement, openVas is currently managed by Greenbone. I am getting error when I try to use remote scanner using python api.

I did all initial configuration, setup the required gui account etc and was able to scan the required systems manually however when I try to do the same using Python Api its not working. There isn't any example available on internet nor in there manual to verify my code. I have used [https://pypi.org/project/python-gvm/] api.

I wrote simple code but its not working..

from gvm.connections import SSHConnection
from gvm.protocols.latest import Gmp
from gvm.transforms import EtreeTransform
from gvm.xml import pretty_print

connection = SSHConnection(hostname='192.168.1.84',username='alex',password='alex@123')
gmp = Gmp(connection)
gmp.authenticate('admin', 'admin')

# Retrieve current GMP version
version = gmp.get_version()

# Prints the XML in beautiful form
pretty_print(version)

I am getting error-

/usr/bin/python3.7 /home/punshi/PycharmProjects/nessus_api/openvas-greenbone.py
/usr/local/lib/python3.7/dist-packages/paramiko/kex_ecdh_nist.py:39: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
  m.add_string(self.Q_C.public_numbers().encode_point())
/usr/local/lib/python3.7/dist-packages/paramiko/kex_ecdh_nist.py:96: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.curve, Q_S_bytes
/usr/local/lib/python3.7/dist-packages/paramiko/kex_ecdh_nist.py:111: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
  hm.add_string(self.Q_C.public_numbers().encode_point())
Traceback (most recent call last):
  File "/home/punshi/PycharmProjects/nessus_api/openvas-greenbone.py", line 8, in <module>
    gmp.authenticate('admin', 'admin')
  File "/usr/local/lib/python3.7/dist-packages/gvm/protocols/gmpv7.py", line 211, in authenticate
    response = self._read()
  File "/usr/local/lib/python3.7/dist-packages/gvm/protocols/base.py", line 54, in _read
    return self._connection.read()
  File "/usr/local/lib/python3.7/dist-packages/gvm/connections.py", line 126, in read
    raise GvmError('Remote closed the connection')
gvm.errors.GvmError: Remote closed the connection

Process finished with exit code 1

I have tested SSH connection manually so the problem is either with my code or some other.

Additional Detail-

Ubuntu 16,
Greenbone Security Assistant 7.0.3 (gui)
Open Vas - 9.0.3
4

2 回答 2

5

我有完全相同的问题,我用TLSConnection而不是SSHConnection. 这是您的代码:

import gvm
from gvm.protocols.latest import Gmp
from gvm.transforms import EtreeTransform
from gvm.xml import pretty_print

connection =gvm.connections.TLSConnection(hostname='192.168.1.84')
gmp = Gmp(connection)
gmp.authenticate('admin', 'admin')

# Retrieve current GMP version
version = gmp.get_version()

# Prints the XML in beautiful form
pretty_print(version)
于 2019-05-02T16:29:39.423 回答
2

我正在为项目需求探索 OpenVas 工具,openVas 目前由 Greenbone 管理。

只是一个旁注。OpenVAS 由 Greenbone 开发多年。因此,我们确实将项目重命名为版本 10 的Greenbone Vulnerability Management (GVM)。只有实际的扫描仪组件仍以 OpenVAS 命名。有关更多详细信息,请参阅https://community.greenbone.net/t/is-openvas-manager-and-gvmd-the-same/1777/3

使用 SSHConnection 需要在远程服务器上进行一些额外的设置。使用 TLSConnection 可能更容易,但也需要更改 gvmd/openvasmd 的设置,因为默认情况下它只侦听 unix 套接字。

于 2019-05-16T06:13:43.897 回答