greenbone / gvmd

Greenbone Vulnerability Manager - The database backend for the Greenbone Community Edition
GNU Affero General Public License v3.0

"Interrupted at 2 %" when using credentialed scans and behind a proxy #2284

Open huornlmj opened 1 month ago

huornlmj commented 1 month ago

Expected behavior

The scanner should have been able to log into the remote Linux server via SSH with the credentials provided and perform an internal scan of the target.

Actual behavior

The scan failed with the message "Interrupted at 2 %".

Steps to reproduce

  1. Create a credential in GVM using the user & SSH key option, generated by GVM.
  2. Upload the public key to /home/$user/.ssh/authorized_keys
  3. Configure the target with the SSH credential and create a scan task of the target.
  4. Run the scan, observe the error.
  5. To confirm it's related to authentication, re-create the same target but this time with no credential and run the scan.
  6. Observe it scans to completion with no errors, but with no internal credentialed scan.
  7. The issue also happens if you use a user & password combination.

GVM versions

Whatever versions come with https://greenbone.github.io/docs/latest/_static/docker-compose-22.4.yml

gsa: (gsad --version)

gvm: (gvmd --version)

openvas-scanner: (openvas --version)

gvm-libs:

Environment

Operating system: Ubuntu 22.04.4 LTS \n \l

Installation method / source: (packages, source installation) Dockerfile https://greenbone.github.io/docs/latest/_static/docker-compose-22.4.yml

Logfiles

event task:MESSAGE:2024-08-21 16h44.31 utc:1734: Status of task x.x.x.x (f852374b-fb29-4fec-87c1-7514190ba5ca) has changed to Running
event task:MESSAGE:2024-08-21 16h50.16 utc:1734: Status of task x.x.x.x (f852374b-fb29-4fec-87c1-7514190ba5ca) has changed to Interrupted

UPDATE - It appears that the openvas container attempts to access http://openvasd/notus/ubuntu_22.04 but as my scanner is located behind a proxy, it is trying to send this request out via the proxy, and the proxy server is returning an error "504 DNS look up failed", obviously because it is being asked to serve an HTTP request for a single host name only, with no domain. Why is the openvas scanner a. trying to reach "http://openvasd/notus/ubuntu_22.04" via proxy, and only when b. the scan is configured to use a credential??

Updated logs:

greenbone-community-edition-openvas-1              | libgvm util:  DEBUG:2024-08-21 19h28.32 utc:3302: get_redis_ctx: connected to redis:///run/redis/redis.sock/3
greenbone-community-edition-openvas-1              | libgvm util:  DEBUG:2024-08-21 19h28.32 utc:3302: get_redis_ctx: connected to redis:///run/redis/redis.sock/3
greenbone-community-edition-openvas-1              | libgvm util:  DEBUG:2024-08-21 19h28.32 utc:3302: get_redis_ctx: connected to redis:///run/redis/redis.sock/3
greenbone-community-edition-openvas-1              | libgvm util:  DEBUG:2024-08-21 19h28.32 utc:3302: get_redis_ctx: connected to redis:///run/redis/redis.sock/3
greenbone-community-edition-openvas-1              | libgvm util:  DEBUG:2024-08-21 19h28.32 utc:3302: get_redis_ctx: connected to redis:///run/redis/redis.sock/3
greenbone-community-edition-openvas-1              | lib  misc:MESSAGE:2024-08-21 19h28.32 utc:3302: Running Notus for REDACTED-IP via openvasd
greenbone-community-edition-openvas-1              | lib  misc:  DEBUG:2024-08-21 19h28.32 utc:3302: send_request: URL: http://openvasd:80/notus/ubuntu_22.04
greenbone-community-edition-openvas-1              | lib  misc:  DEBUG:2024-08-21 19h28.33 utc:3302: Server response <!-- IE friendly error message walkround.
greenbone-community-edition-openvas-1              |      if error message from server is less than
greenbone-community-edition-openvas-1              |      512 bytes IE v5+ will use its own error
greenbone-community-edition-openvas-1              |      message instead of the one returned by
greenbone-community-edition-openvas-1              |      server.                                 -->
greenbone-community-edition-openvas-1              |
greenbone-community-edition-openvas-1              |
greenbone-community-edition-openvas-1              |
greenbone-community-edition-openvas-1              |
greenbone-community-edition-openvas-1              |
greenbone-community-edition-openvas-1              |
greenbone-community-edition-openvas-1              | <!DOCTYPE html><html lang="en"> <head> REDACTED HTML CONTENT OF PROXY SERVER REPORTING THE 504 DNS ERROR </html>
greenbone-community-edition-openvas-1              | lib  misc:MESSAGE:2024-08-21 19h28.33 utc:3302: Errror parsing
greenbone-community-edition-openvas-1              | lib  misc:MESSAGE:2024-08-21 19h28.33 utc:3302: No es un object
greenbone-community-edition-openvas-1              | sd   main:WARNING:2024-08-21 19h28.33 utc:3302: SIGSEGV occurred!
greenbone-community-edition-openvas-1              | sd   main:WARNING:2024-08-21 19h28.33 utc:3302: openvas: openvas: testing REDACTED-IP(sighand_segv+0x28) [0x560f2aeac818]
greenbone-community-edition-openvas-1              | sd   main:WARNING:2024-08-21 19h28.33 utc:3302: /lib/x86_64-linux-gnu/libc.so.6(+0x3c050) [0x7f6dbc355050]
greenbone-community-edition-openvas-1              | sd   main:WARNING:2024-08-21 19h28.33 utc:3302: /usr/local/lib/libopenvas_misc.so.23(run_table_driven_lsc+0x674) [0x7f6dbc87e054]
greenbone-community-edition-openvas-1              | sd   main:WARNING:2024-08-21 19h28.33 utc:3302: openvas: openvas: testing REDACTED-IP(+0x5eb8) [0x560f2aea4eb8]
greenbone-community-edition-openvas-1              | sd   main:WARNING:2024-08-21 19h28.33 utc:3302: openvas: openvas: testing REDACTED-IP(+0x67f1) [0x560f2aea57f1]
greenbone-community-edition-openvas-1              | sd   main:WARNING:2024-08-21 19h28.33 utc:3302: openvas: openvas: testing REDACTED-IP(+0x72f0) [0x560f2aea62f0]
greenbone-community-edition-openvas-1              | sd   main:WARNING:2024-08-21 19h28.33 utc:3302: /usr/local/lib/libopenvas_misc.so.23(ipc_exec_as_process+0x8a) [0x7f6dbc87f21a]
greenbone-community-edition-openvas-1              | sd   main:WARNING:2024-08-21 19h28.33 utc:3302: openvas: openvas: testing REDACTED-IP(create_ipc_process+0x109) [0x560f2aeac589]
greenbone-community-edition-openvas-1              | sd   main:WARNING:2024-08-21 19h28.33 utc:3302: openvas: openvas: testing REDACTED-IP(attack_network+0x967) [0x560f2aea6e87]
greenbone-community-edition-openvas-1              | sd   main:WARNING:2024-08-21 19h28.33 utc:3302: openvas: openvas: testing REDACTED-IP(openvas+0x527) [0x560f2aea8f17]
greenbone-community-edition-openvas-1              | sd   main:  DEBUG:2024-08-21 19h28.33 utc:3293: waitpid() failed. No child processes)
greenbone-community-edition-openvas-1              | libgvm util:  DEBUG:2024-08-21 19h28.33 utc:3293: redis_delete_all: deleting all elements from KB #4
greenbone-community-edition-openvas-1              | sd   main:  DEBUG:2024-08-21 19h28.33 utc:3293: Test complete
greenbone-community-edition-openvas-1              | sd   main:  DEBUG:2024-08-21 19h28.33 utc:3293: attack_network: free alive detection data
greenbone-community-edition-openvas-1              | sd   main:  DEBUG:2024-08-21 19h28.33 utc:3293: attack_network: waiting for alive detection thread to be finished...
greenbone-community-edition-openvas-1              | sd   main:  DEBUG:2024-08-21 19h28.33 utc:3293: attack_network: Finished waiting for alive detection thread.
greenbone-community-edition-openvas-1              | sd   main:MESSAGE:2024-08-21 19h28.33 utc:3293: Vulnerability scan e05ff5b9-bd69-4e48-b157-a5899256373b finished in 149 seconds: 1 alive hosts of 1
greenbone-community-edition-openvas-1              | GLib:UNKNOWN:2024-08-21 19h28.33 utc:3293: ../../../glib/gmem.c:169: failed to allocate 11827893825724 bytes
greenbone-community-edition-ospd-openvas-1         | OSPD[7] 2024-08-21 19:28:35,478: INFO: (ospd.ospd) e05ff5b9-bd69-4e48-b157-a5899256373b: Host scan finished.
greenbone-community-edition-ospd-openvas-1         | OSPD[7] 2024-08-21 19:28:35,480: INFO: (ospd.ospd) e05ff5b9-bd69-4e48-b157-a5899256373b: Host scan got interrupted. Progress: 2, Status: RUNNING
greenbone-community-edition-ospd-openvas-1         | OSPD[7] 2024-08-21 19:28:35,481: INFO: (ospd.ospd) e05ff5b9-bd69-4e48-b157-a5899256373b: Scan interrupted.
greenbone-community-edition-ospd-openvas-1         | OSPD[7] 2024-08-21 19:28:37,757: INFO: (ospd.ospd) e05ff5b9-bd69-4e48-b157-a5899256373b: Scan process is dead and its progress is 2
greenbone-community-edition-ospd-openvas-1         | OSPD[7] 2024-08-21 19:28:37,758: INFO: (ospd.ospd) e05ff5b9-bd69-4e48-b157-a5899256373b: Scan interrupted.
greenbone-community-edition-ospd-openvas-1         | OSPD[7] 2024-08-21 19:28:37,760: INFO: (ospd.ospd) e05ff5b9-bd69-4e48-b157-a5899256373b: Scan process is dead and its progress is 2
greenbone-community-edition-ospd-openvas-1         | OSPD[7] 2024-08-21 19:28:37,761: INFO: (ospd.ospd) e05ff5b9-bd69-4e48-b157-a5899256373b: Scan interrupted.
greenbone-community-edition-ospd-openvas-1         | OSPD[7] 2024-08-21 19:28:37,774: INFO: (ospd.ospd) e05ff5b9-bd69-4e48-b157-a5899256373b: Scan process is dead and its progress is 2
greenbone-community-edition-ospd-openvas-1         | OSPD[7] 2024-08-21 19:28:37,775: INFO: (ospd.ospd) e05ff5b9-bd69-4e48-b157-a5899256373b: Scan interrupted.
greenbone-community-edition-ospd-openvas-1         | OSPD[7] 2024-08-21 19:28:37,786: INFO: (ospd.ospd) e05ff5b9-bd69-4e48-b157-a5899256373b: Scan process is dead and its progress is 2
greenbone-community-edition-ospd-openvas-1         | OSPD[7] 2024-08-21 19:28:37,786: INFO: (ospd.ospd) e05ff5b9-bd69-4e48-b157-a5899256373b: Scan interrupted.
greenbone-community-edition-gvmd-1                 | event task:MESSAGE:2024-08-21 19h28.37 utc:5064: Status of task REDACTED-IP (006e17b9-4e97-48d5-8527-3f4b9beda193) has changed to Interrupted

I have a temporary bodge-style workaround that requires me to manually add openvasd to the $no_proxy environmental variable.

Edit your ~/.docker/config.json file and add the following before building with the GVM Dockerfile:

"proxies": {
  "default": {
    "httpProxy": "http://proxy:80",
    "httpsProxy": "http://proxy:80",
    "noProxy": "localhost,127.0.0.1,openvasd"
  }
}
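
A triage helper for the failure described in this report, added here as an example and not part of the original issue or of Greenbone's code: it pairs each `send_request` URL in the openvas log with its `Server response` line, flags bodies that are not JSON, and checks whether the requested host is covered by `no_proxy`. The log lines are constructed from the format shown above, and the `no_proxy` matching is a simplified assumption (exact name or domain suffix), not the scanner's actual HTTP client logic.

```python
import re
from urllib.parse import urlsplit

# Constructed sample lines, shaped like the openvas DEBUG output in the report.
SAMPLE_LOG = """\
lib  misc:MESSAGE:2024-08-21 19h28.32 utc:3302: Running Notus for 192.0.2.10 via openvasd
lib  misc:  DEBUG:2024-08-21 19h28.32 utc:3302: send_request: URL: http://openvasd:80/notus/ubuntu_22.04
lib  misc:  DEBUG:2024-08-21 19h28.33 utc:3302: Server response <!DOCTYPE html><html>504</html>
sd   main:WARNING:2024-08-21 19h28.33 utc:3302: SIGSEGV occurred!
"""

URL_RE = re.compile(r"utc:(\d+): send_request: URL: (\S+)")
RESP_RE = re.compile(r"utc:(\d+): Server response\s*(.*)")


def bypasses_proxy(host, no_proxy):
    """Simplified no_proxy match (assumption): exact name or domain suffix."""
    host = host.lower()
    for entry in no_proxy.split(","):
        entry = entry.strip().lower().lstrip(".")
        if entry == "*" or (entry and (host == entry or host.endswith("." + entry))):
            return True
    return False


def triage(log_text, http_proxy, no_proxy):
    """Report each logged request whose response body did not look like JSON."""
    findings, pending = [], {}
    for line in log_text.splitlines():
        if m := URL_RE.search(line):
            pending[m.group(1)] = m.group(2)          # pid -> last requested URL
        elif (m := RESP_RE.search(line)) and m.group(1) in pending:
            url, body = pending.pop(m.group(1)), m.group(2).lstrip()
            if body[:1] in ("{", "["):
                continue                               # plausible JSON, nothing to flag
            host = urlsplit(url).hostname
            findings.append({
                "pid": m.group(1),
                "host": host,
                "single_label": "." not in host,
                "sent_via_proxy": bool(http_proxy) and not bypasses_proxy(host, no_proxy),
                "response_starts": body[:15],
            })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG, "http://proxy:80", "localhost,127.0.0.1"):
        print(finding)
```

A finding with `single_label` and `sent_via_proxy` both true matches the situation in the report: an internal container name handed to the outbound proxy.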