Question: How to add scanner?

[frakman1]

I want to add a new scanner (w3af). The GVM documentation points to adding it using the GOS admin menu. Since this is a docker container and not the official VM, it doesn't seem to contain the GOS menu. How do I accomplish this?

How do I access this menu/functionality?

[disarmm]

If you are running our latest version, you can deploy a remote sensor using the instructions found here https://github.com/Secure-Compliance-Solutions-LLC/GVM-Docker/wiki/Setup-Remote-scanner

The instructions need to be rewritten to be a little more clear and concise, and we are also working on a reorganization of repos and a gitbook deployment with much better documentation, but it does work with those instructions. let me know if you get stuck and i can help clarify.

[frakman1]

Thank you @disarmm . I am using version tag: securecompliance/gvm:11.0.1-r3 Will that work or do I need to explicitly use latest?

Also, how does calling add-scanner.sh let me add the specific w3af scanner that is selectable from the menu in the screenshot above? The script just adds a generic scanner. Where do all the various selections of type of scanner come into it?

#!/usr/bin/env bash
set -Eeuo pipefail

read -p "Scanner Name: " SCANNER_NAME
read -p "Scanner ID: " SCANNER_ID
read -p "Scanner public key: " SCANNER_KEY

echo "Adding scanner $SCANNER_NAME..."

su -c "gvmd --create-scanner='$SCANNER_NAME' --scanner-type=OpenVAS --scanner-host='/sockets/$SCANNER_ID.sock'" gvm

echo "$SCANNER_KEY\n" >> /data/scanner-ssh-keys/authorized_keys
chown gvm:gvm -R /data/scanner-ssh-keys

[disarmm]

Sorry, i missed the w3af part. We're still working on some things. 11.0.1-r3 supports remote openvas scanners, but we don't have w3af yet.