Installation issue

[ManuelFFF]

Hi,

I am new to VulnWhisperer and I believe it has great potential. I already deployed ELK stack 6.8.10 and i would like to integrate VulnWhisperer into the same server to import data from OpenVas.

I tried the installation following the steps described in the official documentation, but I ended with some errors and unable to run VulnWhisperer.

Questions:

1. When cloning from GitHub, files are downloaded into "/home/user" by default. Is there any other specific location I should use instead? I don't think I should have running any application from "/home".
2. When I have to edit some configuration files (per the official steps), do I have to modify files within the source folders or somewhere in "/share" or "/opt"?

I will share exactly my steps and the errors I got at the end, hopping you can tell me what I did wrong and help me fix it.

Thank you

Steps I followed:

1. Download source files $ git clone https://github.com/HASecuritySolutions/VulnWhisperer.git

2. Install requirements $ sudo apt-get install zlib1g-dev libxml2-dev libxslt1-dev $ cd VulnWhisperer $ pip install -r requirements.txt $ python setup.py install

3. Fill out the section you want to process in frameworks_example.ini file *Note: Open config file and fill out the section corresponding to vulnerability software you are using

$ sudo nano /home/user1/VulnWhisperer/configs/frameworks_example.ini

[openvas]
enabled = true
hostname = openvas_server
port = 4000
username = vulnwhisperer
password = **********
write_path=/opt/vulnwhisperer/data/openvas/
db_path=/opt/vulnwhisperer/data/database
verbose=true

4. NOT USED (Optional) [JIRA] If using Jira, fill Jira config in the config file mentioned above.
5. [ELK] Modify the IP settings in the Logstash files to accommodate your environment *Note: Need to add a Logstash config file to process logs from a new source (input/output sections)

$ sudo nano /home/user1/VulnWhisperer/resources/elk6/pipeline/3000_openvas.conf *Note: Find ELK host section at the EOF and enter “localhost” (because ELK stack and VulnWhisperer will be running on the same server)

5.1. Copy/Move the Logstash .conf files from /VulnWhisperer/logstash/ to /etc/logstash/conf.d/

$ sudo cp /home/user1/VulnWhisperer/resources/elk6/pipeline/3000_openvas.conf /etc/logstash/conf.d/

5.2. Validate the Logstash.conf files input contains the correct location of VulnWhisper Scans in the input.file.path directory identified below:

input {
  file {
    path => "/opt/VulnWhisperer/data/openvas/*.json"
    type => json
    codec => json
    start_position => "beginning"
    tags => [ "openvas_scan", "openvas" ]
    mode => "read"
    start_position => "beginning"
    file_completed_action => "delete"

  }
}

output {
  if "openvas" in [tags] {
    stdout {
      codec => dots
    }
    elasticsearch {
      hosts => [ "localhost:9200" ]
      index => "logstash-vulnwhisperer-%{+YYYY.MM}"
    }
  }
}

6. [ELK] Import the Kibana visualizations 6.1. Log into Kibana 6.2. Go to Management (left panel last option) 6.3. Go to Saved Objects (under Kibana section to the right) 6.4. Go to Import (top right) 6.5. Import file kibana.json (previously downloaded from Github or ELK server)

7. Run Vulnwhisperer $ vuln_whisperer -c configs/frameworks_example.ini -s openvas

Console output errors:

user1@server1:~/VulnWhisperer$ vuln_whisperer -c configs/frameworks_example.ini -s openvas
Traceback (most recent call last):
  File "/usr/local/bin/vuln_whisperer", line 4, in <module>
    __import__('pkg_resources').run_script('VulnWhisperer==1.8', 'vuln_whisperer')
  File "/home/user1/.local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 661, in run_script
    self.require(requires)[0].run_script(script_name, ns)
  File "/home/user1/.local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 1432, in run_script
    .format(**locals()),
pkg_resources.ResolutionError: Script 'scripts/vuln_whisperer' not found in metadata at '/home/user1/VulnWhisperer/VulnWhisperer.egg-info'
user1@server1:~/VulnWhisperer$ sudo vuln_whisperer -c configs/frameworks_example.ini -s openvas
Traceback (most recent call last):
  File "/usr/local/bin/vuln_whisperer", line 4, in <module>
    __import__('pkg_resources').run_script('VulnWhisperer==1.8', 'vuln_whisperer')
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 666, in run_script
    self.require(requires)[0].run_script(script_name, ns)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 1446, in run_script
    exec(code, namespace, namespace)
  File "/usr/local/lib/python2.7/dist-packages/VulnWhisperer-1.8-py2.7.egg/EGG-INFO/scripts/vuln_whisperer", line 6, in <module>
    from vulnwhisp.vulnwhisp import vulnWhisperer
  File "/usr/local/lib/python2.7/dist-packages/VulnWhisperer-1.8-py2.7.egg/vulnwhisp/vulnwhisp.py", line 6, in <module>
    from frameworks.nessus import NessusAPI
  File "/usr/local/lib/python2.7/dist-packages/VulnWhisperer-1.8-py2.7.egg/vulnwhisp/frameworks/nessus.py", line 7, in <module>
    import pytz
ImportError: No module named pytz
user1@server1:~/VulnWhisperer$ cd /usr/local/lib/python2.7/dist-packages/VulnWhisperer-1.8-py2.7.egg/vulnwhisp/
user1@server1:/usr/local/lib/python2.7/dist-packages/VulnWhisperer-1.8-py2.7.egg/vulnwhisp$ sudo vuln_whisperer -c configs/frameworks_example.ini -s openvas
Traceback (most recent call last):
  File "/usr/local/bin/vuln_whisperer", line 4, in <module>
    __import__('pkg_resources').run_script('VulnWhisperer==1.8', 'vuln_whisperer')
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 666, in run_script
    self.require(requires)[0].run_script(script_name, ns)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 1446, in run_script
    exec(code, namespace, namespace)
  File "/usr/local/lib/python2.7/dist-packages/VulnWhisperer-1.8-py2.7.egg/EGG-INFO/scripts/vuln_whisperer", line 6, in <module>
    from vulnwhisp.vulnwhisp import vulnWhisperer
  File "/usr/local/lib/python2.7/dist-packages/VulnWhisperer-1.8-py2.7.egg/vulnwhisp/vulnwhisp.py", line 6, in <module>
    from frameworks.nessus import NessusAPI
  File "/usr/local/lib/python2.7/dist-packages/VulnWhisperer-1.8-py2.7.egg/vulnwhisp/frameworks/nessus.py", line 7, in <module>
    import pytz
ImportError: No module named pytz
user1@server1:/usr/local/lib/python2.7/dist-packages/VulnWhisperer-1.8-py2.7.egg/vulnwhisp$ vuln_whisperer -c configs/frameworks_example.ini -s openvas
Traceback (most recent call last):
  File "/usr/local/bin/vuln_whisperer", line 4, in <module>
    __import__('pkg_resources').run_script('VulnWhisperer==1.8', 'vuln_whisperer')
  File "/home/user1/.local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 661, in run_script
    self.require(requires)[0].run_script(script_name, ns)
  File "/home/user1/.local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 1441, in run_script
    exec(code, namespace, namespace)
  File "/usr/local/lib/python2.7/dist-packages/VulnWhisperer-1.8-py2.7.egg/EGG-INFO/scripts/vuln_whisperer", line 6, in <module>
    from vulnwhisp.vulnwhisp import vulnWhisperer
ImportError: No module named vulnwhisp

[ManuelFFF]

Update:

I managed to reduce errors to just the following. Please help

INFO:root:main:Running vulnwhisperer for section openvas INFO:vulnWhispererBase:init:Connected to database at /opt/VulnWhisperer/data/database/report_tracker.db INFO:vulnWhispererOpenVAS:directory_check:Directory already exist for /opt/VulnWhisperer/data/openvas/ - Skipping creation ERROR:vulnWhispererOpenVAS:init:Unable to establish connection with OpenVAS scanner. Reason: 'NoneType' object has no attribute 'text' ERROR:root:main:init() should return None, not 'bool' ERROR: init() should return None, not 'bool'

[ManuelFFF]

Hi,

Any help available?

Thank you

[redy01]

to install it in different location try to use var PYTHONUSERBASE

export PYTHONUSERBASE=/opt/VulnWhisperer
python2 -m pip install --user -r VulnWhisperer/requirements.txt
python2 setup.py install --user

--user is a mandatory option for python to use $PYTHONUSERBASE variable