OpenVAS:OSPD 扫描仪不能用作新任务中的扫描仪
OpenVAS: OSPD scanner can't be used as scanner in new task
了解如何添加 ospd 扫描器后,验证它等...
我虽然最终可以使用它,但通过 UI 将其添加到任务时遇到错误。
在我的例子中,我 运行 在 debian 9 上安装了 OpenVAS 9 并且我试图包含一个 w3af 扫描器,但是我添加的每个 OSP 扫描器都遇到了同样的问题。
我的 pip 冻结:
ospd==1.2.0
ospd-debsecan==1.2b1
ospd-nmap==1.0b1
ospd-w3af==1.0.0
请注意,这里是 w3af 的示例,但 debsecan 扫描器和 nmap 扫描器的问题是相同的。
我的 openvas-check-setup :
Step 1: Checking OpenVAS Scanner ...
OK: OpenVAS Scanner is present in version 5.1.1.
OK: redis-server is present in version v=3.2.6.
OK: scanner (kb_location setting) is configured properly using the redis-server socket: /tmp/redis.sock
OK: redis-server is running and listening on socket: /tmp/redis.sock.
OK: redis-server configuration is OK and redis-server is running.
OK: NVT collection in /usr/local/var/lib/openvas/plugins contains 47727 NVTs.
WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
OK: The NVT cache in /usr/local/var/cache/openvas contains 47727 files for 47727 NVTs.
Step 2: Checking OpenVAS Manager ...
OK: OpenVAS Manager is present in version 7.0.2.
OK: OpenVAS Manager database found in /usr/local/var/lib/openvas/mgr/tasks.db.
OK: Access rights for the OpenVAS Manager database are correct.
OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
OK: OpenVAS Manager database is at revision 184.
OK: OpenVAS Manager expects database at revision 184.
OK: Database schema is up to date.
OK: OpenVAS Manager database contains information about 47727 NVTs.
OK: At least one user exists.
OK: OpenVAS SCAP database found in /usr/local/var/lib/openvas/scap-data/scap.db.
OK: OpenVAS CERT database found in /usr/local/var/lib/openvas/cert-data/cert.db.
OK: xsltproc found.
Step 3: Checking user configuration ...
WARNING: Your password policy is empty.
SUGGEST: Edit the /usr/local/etc/openvas/pwpolicy.conf file to set a password policy.
Step 4: Checking Greenbone Security Assistant (GSA) ...
OK: Greenbone Security Assistant is present in version 7.0.2.
OK: Your OpenVAS certificate infrastructure passed validation.
Step 5: Checking OpenVAS CLI ...
OK: OpenVAS CLI version 1.4.5.
Step 6: Checking Greenbone Security Desktop (GSD) ...
SKIP: Skipping check for Greenbone Security Desktop.
Step 7: Checking if OpenVAS services are up and running ...
OK: netstat found, extended checks of the OpenVAS services enabled.
OK: OpenVAS Scanner is running and listening on a Unix domain socket.
OK: OpenVAS Manager is running and listening on a Unix domain socket.
OK: Greenbone Security Assistant is listening on port 443, which is the default port.
Step 8: Checking nmap installation ...
WARNING: Your version of nmap is not fully supported: 7.40
SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs.
Step 10: Checking presence of optional tools ...
OK: pdflatex found.
WARNING: PDF generation failed, most likely due to missing LaTeX packages. The PDF report format will not work.
SUGGEST: Install required LaTeX packages.
OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
OK: rpm found, LSC credential package generation for RPM based targets is likely to work.
OK: alien found, LSC credential package generation for DEB based targets is likely to work.
OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.
要在 openvas 中创建扫描仪,我使用:
openvasmd --create-scanner="w3af" --scanner-host=127.0.0.1 --scanner-port=1235 --scanner-type="OSP" \
--scanner-ca-pub=/usr/local/var/lib/openvas/CA/cacert.pem \
--scanner-key-pub=/usr/local/var/lib/openvas/CA/clientcert.pem \
--scanner-key-priv=/usr/local/var/lib/openvas/private/CA/clientkey.pem
对于运行 ospd-w3af扫描仪,我使用:
~# ospd-w3af -b 127.0.0.1 -p 1235 -k \
/usr/local/var/lib/openvas/private/CA/clientkey.pem -c \
/usr/local/var/lib/openvas/CA/clientcert.pem --ca-file \
/usr/local/var/lib/openvas/CA/cacert.pem -L DEBUG
当我使用 openvasmd --verify-scanner xxxxx 验证扫描仪时,我得到
Scanner version: 2018.8.22.
注意:在扫描仪的日志中,我每次验证时都会得到这个,我不知道它是否相关,我也没有找到解决这个问题的方法:
2018-10-15 14:27:47,413 ospd.ospd: DEBUG: New connection from 127.0.0.1:60078
2018-10-15 14:27:49,430 ospd.ospd: DEBUG: Error: ('The read operation timed out',)
2018-10-15 14:27:49,433 ospd.ospd: DEBUG: 127.0.0.1:60078: Connection closed
所以,我的验证通过了,我想创建一个使用这个扫描仪的任务,但由于错误我无法保存它 "Given scanner_type was invalid" :
https://i.stack.imgur.com/fvIJd.png
此时我与所选扫描仪的连接为 0,而且我在日志中找不到任何内容(也许我无法搜索)。我怀疑 gsad UI 对此负责,但我找不到它。
我不知道该怎么做,如果有人比我更专业(不是很难)可以提供帮助,那就太好了:)
提前致谢。
我通过为 ospd 扫描器创建一个扫描配置解决了这个问题(虽然它不需要一个,因为它导入了它们)
我遇到了另一个关于 ospd-w3af 配置的问题,我无法创建一个,因为它需要安装 ospd 1.0.0,我几天前修改了依赖项,但它不适用于 ospd 1.2.0
现在我面临扫描无法正常启动的问题。它停在 1%
在 Ubuntu 18 的新安装上安装 openvas 9 运行 很痛苦。一旦我通过为 redis-server socks 连接创建文件和 ln -s 克服了所有错误,我的任务就以 1% 的速度完成了。在扫描工作和检查设置工作之后,我的修复是安装 sudo apt install libopenvas-dev。检查设置报告没有扫描仪,但 openvassd 是 运行 并且 openvasmd --verify-scanner (uuid) 显示了扫描仪。
了解如何添加 ospd 扫描器后,验证它等... 我虽然最终可以使用它,但通过 UI 将其添加到任务时遇到错误。
在我的例子中,我 运行 在 debian 9 上安装了 OpenVAS 9 并且我试图包含一个 w3af 扫描器,但是我添加的每个 OSP 扫描器都遇到了同样的问题。
我的 pip 冻结:
ospd==1.2.0
ospd-debsecan==1.2b1
ospd-nmap==1.0b1
ospd-w3af==1.0.0
请注意,这里是 w3af 的示例,但 debsecan 扫描器和 nmap 扫描器的问题是相同的。
我的 openvas-check-setup :
Step 1: Checking OpenVAS Scanner ...
OK: OpenVAS Scanner is present in version 5.1.1.
OK: redis-server is present in version v=3.2.6.
OK: scanner (kb_location setting) is configured properly using the redis-server socket: /tmp/redis.sock
OK: redis-server is running and listening on socket: /tmp/redis.sock.
OK: redis-server configuration is OK and redis-server is running.
OK: NVT collection in /usr/local/var/lib/openvas/plugins contains 47727 NVTs.
WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
OK: The NVT cache in /usr/local/var/cache/openvas contains 47727 files for 47727 NVTs.
Step 2: Checking OpenVAS Manager ...
OK: OpenVAS Manager is present in version 7.0.2.
OK: OpenVAS Manager database found in /usr/local/var/lib/openvas/mgr/tasks.db.
OK: Access rights for the OpenVAS Manager database are correct.
OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
OK: OpenVAS Manager database is at revision 184.
OK: OpenVAS Manager expects database at revision 184.
OK: Database schema is up to date.
OK: OpenVAS Manager database contains information about 47727 NVTs.
OK: At least one user exists.
OK: OpenVAS SCAP database found in /usr/local/var/lib/openvas/scap-data/scap.db.
OK: OpenVAS CERT database found in /usr/local/var/lib/openvas/cert-data/cert.db.
OK: xsltproc found.
Step 3: Checking user configuration ...
WARNING: Your password policy is empty.
SUGGEST: Edit the /usr/local/etc/openvas/pwpolicy.conf file to set a password policy.
Step 4: Checking Greenbone Security Assistant (GSA) ...
OK: Greenbone Security Assistant is present in version 7.0.2.
OK: Your OpenVAS certificate infrastructure passed validation.
Step 5: Checking OpenVAS CLI ...
OK: OpenVAS CLI version 1.4.5.
Step 6: Checking Greenbone Security Desktop (GSD) ...
SKIP: Skipping check for Greenbone Security Desktop.
Step 7: Checking if OpenVAS services are up and running ...
OK: netstat found, extended checks of the OpenVAS services enabled.
OK: OpenVAS Scanner is running and listening on a Unix domain socket.
OK: OpenVAS Manager is running and listening on a Unix domain socket.
OK: Greenbone Security Assistant is listening on port 443, which is the default port.
Step 8: Checking nmap installation ...
WARNING: Your version of nmap is not fully supported: 7.40
SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs.
Step 10: Checking presence of optional tools ...
OK: pdflatex found.
WARNING: PDF generation failed, most likely due to missing LaTeX packages. The PDF report format will not work.
SUGGEST: Install required LaTeX packages.
OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
OK: rpm found, LSC credential package generation for RPM based targets is likely to work.
OK: alien found, LSC credential package generation for DEB based targets is likely to work.
OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.
要在 openvas 中创建扫描仪,我使用:
openvasmd --create-scanner="w3af" --scanner-host=127.0.0.1 --scanner-port=1235 --scanner-type="OSP" \
--scanner-ca-pub=/usr/local/var/lib/openvas/CA/cacert.pem \
--scanner-key-pub=/usr/local/var/lib/openvas/CA/clientcert.pem \
--scanner-key-priv=/usr/local/var/lib/openvas/private/CA/clientkey.pem
对于运行 ospd-w3af扫描仪,我使用:
~# ospd-w3af -b 127.0.0.1 -p 1235 -k \
/usr/local/var/lib/openvas/private/CA/clientkey.pem -c \
/usr/local/var/lib/openvas/CA/clientcert.pem --ca-file \
/usr/local/var/lib/openvas/CA/cacert.pem -L DEBUG
当我使用 openvasmd --verify-scanner xxxxx 验证扫描仪时,我得到
Scanner version: 2018.8.22.
注意:在扫描仪的日志中,我每次验证时都会得到这个,我不知道它是否相关,我也没有找到解决这个问题的方法:
2018-10-15 14:27:47,413 ospd.ospd: DEBUG: New connection from 127.0.0.1:60078
2018-10-15 14:27:49,430 ospd.ospd: DEBUG: Error: ('The read operation timed out',)
2018-10-15 14:27:49,433 ospd.ospd: DEBUG: 127.0.0.1:60078: Connection closed
所以,我的验证通过了,我想创建一个使用这个扫描仪的任务,但由于错误我无法保存它 "Given scanner_type was invalid" :
https://i.stack.imgur.com/fvIJd.png
此时我与所选扫描仪的连接为 0,而且我在日志中找不到任何内容(也许我无法搜索)。我怀疑 gsad UI 对此负责,但我找不到它。
我不知道该怎么做,如果有人比我更专业(不是很难)可以提供帮助,那就太好了:)
提前致谢。
我通过为 ospd 扫描器创建一个扫描配置解决了这个问题(虽然它不需要一个,因为它导入了它们)
我遇到了另一个关于 ospd-w3af 配置的问题,我无法创建一个,因为它需要安装 ospd 1.0.0,我几天前修改了依赖项,但它不适用于 ospd 1.2.0
现在我面临扫描无法正常启动的问题。它停在 1%
在 Ubuntu 18 的新安装上安装 openvas 9 运行 很痛苦。一旦我通过为 redis-server socks 连接创建文件和 ln -s 克服了所有错误,我的任务就以 1% 的速度完成了。在扫描工作和检查设置工作之后,我的修复是安装 sudo apt install libopenvas-dev。检查设置报告没有扫描仪,但 openvassd 是 运行 并且 openvasmd --verify-scanner (uuid) 显示了扫描仪。