HASecuritySolutions / VulnWhisperer

Create actionable data from your Vulnerability Scans
https://twitter.com/VulnWhisperer
Apache License 2.0
1.36k stars 267 forks source link

OpenVAS/Centos 7 - ERROR: 'NoneType' object has no attribute 'text' #175

Open wmcleod-at-nvt opened 5 years ago

wmcleod-at-nvt commented 5 years ago

When running vulnwhisperer on a fresh install of Centos 7 and OpenVAS, I receive the following error: ERROR:root:main:'NoneType' object has no attribute 'text' ERROR: 'NoneType' object has no attribute 'text'

This affects the OpenVAS module

[centos@vuln-test VulnWhisperer]$ cat configs/openvas.ini [openvas] enabled = true hostname = localhost port = 9443 username = admin password = **** write_path=/opt/VulnWhisperer/data/openvas/ db_path=/opt/VulnWhisperer/data/database verbose=true

[centos@vuln-test VulnWhisperer]$ sudo python bin/vuln_whisperer -c configs/openvas.ini -s openvas -d INFO:root:main:Running vulnwhisperer for section openvas DEBUG:vwConfig:get:Calling get for openvas:enabled DEBUG:vwConfig:get:Calling get for openvas:hostname DEBUG:vwConfig:get:Calling get for openvas:username DEBUG:vwConfig:get:Calling get for openvas:password DEBUG:vwConfig:get:Calling get for openvas:write_path DEBUG:vwConfig:get:Calling get for openvas:db_path DEBUG:vwConfig:getbool:Calling getbool for openvas:verbose INFO:vulnWhispererBase:init:Connected to database at /opt/VulnWhisperer/data/database/report_tracker.db INFO:vulnWhispererOpenVAS:directory_check:Directory already exist for /opt/VulnWhisperer/data/openvas/ - Skipping creation DEBUG:vwConfig:get:Calling get for openvas:port DEBUG:urllib3.connectionpool:_new_conn:Starting new HTTPS connection (1): localhost DEBUG:urllib3.connectionpool:_make_request:https://localhost:9443 "POST /omp HTTP/1.1" 303 214 DEBUG:urllib3.connectionpool:_make_request:https://localhost:9443 "GET /omp?r=1&token=dcedc570-b6b9-4b0f-9830-97b8be9693cd HTTP/1.1" 200 30568 ERROR:root:main:'NoneType' object has no attribute 'text' ERROR: 'NoneType' object has no attribute 'text'

To reproduce:

  1. Fresh installation of Centos 7
  2. Add EPEL repository
  3. Install and configure OpenVAS
  4. git clone https://github.com/HASecuritySolutions/VulnWhisperer.git
  5. cd VulnWhisperer
  6. pip install -r requirements.txt
  7. python setup.py install
  8. configure VulnWhisperer ini file
  9. sudo python bin/vuln_whisperer -c configs/openvas.ini -s openvas -d

    • OS: Centos
    • Version: 7
    • VulnWhisperer Version: 1.8

Error seems to stem from /usr/lib/python2.7/site-packages/VulnWhisperer-1.8-py2.7.egg/vulnwhisp/frameworks/openvas.py - Line 59:

 def login(self):
 56         resp = self.get_token()
 57         if resp.status_code is 200:
 58             xml_response = BeautifulSoup(resp.content, 'lxml')
 59             **self.token = xml_response.find(attrs={'id': 'gsa-token'}).text**

xml_response contain html data but printing xml_response.find(attrs={'id': 'gsa-token'}).text returns 'None'.

I have attached the contents of xml_response xml_response.txt

presianbg commented 5 years ago

Same here. Does not work on:

Thanks to @wmcleod-at-nvt was able to identify that this line:

self.token = xml_response.find(attrs={'id': 'gsa-token'}).text

is failing to extract the session token from the response xml, which is different from the one used in older versions of Openvas/Greenbone:

<html><body><envelope><version>8.0.0</version><vendor_version></vendor_version><token>126510a3-6fcd-4fe2-854d-8e2fcb0cbd7a</token><time>Tue Jun 18 13:57:17 2019 EEST</time><timezone>Europe/Sofia</timezone><login>admin</login><session>1560856337</session><role>Admin</role><severity>nist</severity><i18n>Browser Language</i18n><guest>0</guest><client_address>::1</client_address><backend_operation>1560855437.05</backend_operation><capabilities><help_response status="200" status_text="OK">
<schema content_type="text/xml" extension="xml" format="XML"><command><name>AUTHENTICATE</name><summary>Authenticate with the manager.</summary></command><command><name>COMMANDS</name><summary>Run a list of commands.</summary></command><command><name>CREATE_AGENT</name><summary>Create an agent.</summary></command><command><name>CREATE_ALERT</name><summary>Create an alert.</summary></command><command><name>CREATE_ASSET</name><summary>Create an asset.</summary></command><command><name>CREATE_CONFIG</name><summary>Create a config.</summary></command><command><name>CREATE_CREDENTIAL</name><summary>Create a credential.</summary></command><command><name>CREATE_FILTER</name>....
....

for comparison this is how the old format looks like:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" http-equiv="Content-Type"/><link href="/img/favicon.gif" rel="icon" type="image/gif"/><title>Greenbone Security Assistant</title><link href="/css/gsa-base.css" rel="stylesheet" type="text/css"/><link href="/css/select2.min.css" rel="stylesheet" type="text/css"/><link href="/css/jquery-ui.structure.min.css" rel="stylesheet" type="text/css"/><link href="/css/jquery-ui.theme.min.css" rel="stylesheet" type="text/css"/><link href="/css/gsa-style.css" rel="stylesheet" type="text/css"/><script src="/js/jquery-2.1.4.js" type="text/javascript"></script><script src="/js/jquery-ui.js" type="text/javascript"></script><script src="/js/select2.js" type="text/javascript"></script><script src="/js/i18next-2.3.4.js" type="text/javascript"></script><script src="/js/i18next-xhr-0.5.3.js" type="text/javascript"></script><script src="/js/i18next-languagedetector-0.2.2.js" type="text/javascript"></script><script src="/js/moment.js" type="text/javascript"></script><script src="/js/moment-timezone-with-data.js" type="text/javascript"></script><script src="/js/greenbone-ui.js" type="text/javascript"></script><script src="/js/greenbone.js" type="text/javascript"></script><script src="/js/gsa_polyfill.js" type="text/javascript"></script><script type="text/javascript">
    window.autorefresh_enabled = true;
    </script></head><body><div class="gsa-head"><div id="gb_header"><div class="logo"><a href="/omp?token=b631723c-8a45-461a-829d-5eb2f00567f1" title="Dashboard"><img alt="Greenbone Security Assistant" class="greenbone-icon" src="/img/greenbone.svg"/><img alt="Greenbone Security Assistant" class="greenbone-text" src="/img/gsa.svg"/></a></div><div><div class="logout_panel">Logged in as 
        Admin 
        <b><a href="/omp?cmd=get_my_settings&amp;token=b631723c-8a45-461a-829d-5eb2f00567f1">pyankulov</a></b> |
        ...
        ...

But even if we workaround this issue with hard coding a valid session token like this:

def login(self):
        resp = self.get_token()
        if resp.status_code is 200:
            xml_response = BeautifulSoup(resp.content, 'lxml')
            print xml_response
            #self.token = xml_response.find(attrs={'id': 'gsa-token'}).text
            self.token = "6bcab699-f708-4160-8c98-b818e259e133"

The are new error:

INFO:OpenVAS_API:get_reports:Retreiving OpenVAS report data... ERROR:root:main:'NoneType' object has no attribute 'find' ERROR: 'NoneType' object has no attribute 'find'

qmontal commented 5 years ago

Hi @presianbg,

I guess this must be related to issue #181, that requests VulnWhisperer support for OpenVAS 10. I didn't see in the first comment of this issue the OpenVAS version and didn't know that there had been released a new version (which changed the API responses and thus makes it incompatible with VulnWhisperer), so I just supposed it was a bug within the code that had been already reviewed and didn't manage to reproduce.

We will need to review the responses of the new OpenVAS release and see how we can make it work with VulnWhisperer while maintaining backwards compatibility.

Cheers!

paogior commented 5 years ago

We will need to review the responses of the new OpenVAS release and see how we can make it work with VulnWhisperer while maintaining backwards compatibility.

Will the new release reflect naming change of Openvas to Greenbone Vulnerability Manager?

ManuelFFF commented 4 years ago

Hi,

I am having the same issue, but I don't see a valid response about how to fix it. Please help

INFO:root:main:Running vulnwhisperer for section openvas INFO:vulnWhispererBase:init:Connected to database at /opt/VulnWhisperer/data/database/report_tracker.db INFO:vulnWhispererOpenVAS:directory_check:Directory already exist for /opt/VulnWhisperer/data/openvas/ - Skipping creation ERROR:vulnWhispererOpenVAS:init:Unable to establish connection with OpenVAS scanner. Reason: 'NoneType' object has no attribute 'text' ERROR:root:main:init() should return None, not 'bool' ERROR: init() should return None, not 'bool'

das-subha123 commented 4 years ago

Hello guys, do we have any work arround for this error yet? Vulnwhisperer is such an amazing project and I really want to use it the software that I am building. Please let me know if you have any workaround for this error. I desperately need your help. Thank you so much in advance guys.