Closed montjoie closed 9 months ago
Hi,
I am sorry but I am not able to reproduce your issue
mkdir -p /tmp/python-gvm-test
cd /tmp/python-gvm-test
python3 -m venv .venv
source .venv/bin/activate
python3 -m pip install python-gvm
pip list
Package Version
------------ -------
bcrypt 4.1.2
cffi 1.16.0
cryptography 42.0.2
defusedxml 0.7.1
lxml 5.1.0
paramiko 3.4.0
pip 23.2
pycparser 2.21
PyNaCl 1.5.0
python-gvm 24.1.0
setuptools 68.1.2
import sys
from gvm.connections import UnixSocketConnection
from gvm.protocols.gmp import Gmp
from gvm.transforms import EtreeTransform
from gvm.xml import pretty_print
connection = UnixSocketConnection(path=sys.argv[1])
transform = EtreeTransform()
with Gmp(connection, transform=transform) as gmp:
# Retrieve GMP version supported by the remote daemon
version = gmp.get_version()
# Prints the XML in beautiful form
pretty_print(version)
python3 main.py /path/to/gvmd.sock
<get_version_response status="200" status_text="OK">
<version>22.5</version>
</get_version_response>
If GMP 22.5 isn't supported the same error message would have been raised. Remote manager daemon uses an unsupported version of GMP. The GMP version was 22.5.
See https://github.com/greenbone/python-gvm/blob/main/gvm/protocols/gmp.py#L95-L101 for the code.
If I understand correctly the code, the error is that the remote is 22.5
The error is, the remote GMP version of gvmd is at 22.5 and your imported python-gvm version doesn't support 22.5.
But the current release of python-gvm (24.1.0) supports GMP 22.5 as my code example shows. Thus I suspect your python environment doesn't contain the latest release of python-gvm.
To print the version of python-gvm in your current environment you can use the following snippet.
python3 -c "import gvm;print(gvm.get_version())"
I got 23.5.1, but I dont understand why, it is a fresh docker and the pip install show: Successfully installed aiohttp-3.9.3 aiosignal-1.3.1 attrs-23.2.0 bcrypt-4.1.2 cffi-1.16.0 cryptography-42.0.2 defusedxml-0.7.1 frozenlist-1.4.1 idna-3.6 lxml-5.1.0 multidict-6.0.5 paramiko-3.4.0 pycparser-2.21 pynacl-1.5.0 python-gvm-24.1.0 slackclient-2.9.4 yarl-1.9.4
I found why, a docker volume was masking the install directory. Sorry
I am with the same error here:
Traceback (most recent call last): File "/usr/lib/python3/dist-packages/gvmtools/script.py", line 87, in main with protocol_class(connection, transform=transform) as protocol: File "/usr/lib/python3/dist-packages/gvm/protocols/gmp.py", line 119, in enter self._gmp = self.determine_supported_gmp() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/gvm/protocols/gmp.py", line 111, in determine_supported_gmp raise GvmError( gvm.errors.GvmError: Remote manager daemon uses an unsupported version of GMP. The GMP version was 22.5
My GVM are up-to-date (GVM-23.11.0) and my python-gvm are 24.3.0 Still getting this error :(
Im not using docker BTW
If you have python-gvm >= 23.12.0 installed in the correct Python environment you have support for GMP 22.5
https://github.com/greenbone/python-gvm/releases/tag/v23.12.0 https://github.com/greenbone/python-gvm/pull/1097 https://github.com/greenbone/python-gvm/blob/main/gvm/protocols/gmp.py#L95-L96
Thanks for the reply So how do I see if my python-gvm are installed in the correct python environment?
So, i created the gmp.py file with the code you provided, and tried run the command again, and i got this other error.
Traceback (most recent call last):
File "/usr/bin/gvm-script", line 5, in
I dont think just changing the code will fix the problem, do you have any other solution?
BTW... I updated it for version 24.3.0 latest on, using normal user and root user, both are showing that my python-gvm are 24.3.0
My environment are the following I have Kali Linux running GVM installed on it, not in container, and everything are updated.
PRETTY_NAME="Kali GNU/Linux Rolling" NAME="Kali GNU/Linux" VERSION_ID="2024.1" VERSION="2024.1"
gvm-check-setup 23.11.0 Test completeness and readiness of GVM-23.11.0 Step 1: Checking OpenVAS (Scanner)... OK: OpenVAS Scanner is present in version 22.7.9. OK: Notus Scanner is present in version 22.6.2. OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem. Checking permissions of /var/lib/openvas/gnupg/* OK: _gvm owns all files in /var/lib/openvas/gnupg OK: redis-server is present. OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock OK: the mqtt_server_uri is defined in /etc/openvas/openvas.conf OK: _gvm owns all files in /var/lib/openvas/plugins OK: NVT collection in /var/lib/openvas/plugins contains 89001 NVTs. OK: The notus directory /var/lib/notus/products contains 456 NVTs. Checking that the obsolete redis database has been removed OK: No old Redis DB OK: ospd-openvas service is active. OK: ospd-OpenVAS is present in version 22.6.2. Step 2: Checking GVMD Manager ... OK: GVM Manager (gvmd) is present in version 23.3.0. Step 3: Checking Certificates ... OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem. OK: Your GVM certificate infrastructure passed validation. Step 4: Checking data ... OK: SCAP data found in /var/lib/gvm/scap-data. OK: CERT data found in /var/lib/gvm/cert-data. Step 5: Checking Postgresql DB and user ... OK: Postgresql version and default port are OK. gvmd | _gvm | UTF8 | libc | en_US.UTF-8 | en_US.UTF-8 | | | 18151|pg-gvm|10|2200|f|22.6|| OK: At least one user exists. Step 6: Checking Greenbone Security Assistant (GSA) ... OK: Greenbone Security Assistant is present in version 22.9.1~git. Step 7: Checking if GVM services are up and running ... OK: gvmd service is active. OK: gsad service is active. Step 8: Checking few other requirements... OK: nmap is present. OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work. OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work. OK: xsltproc found. WARNING: Your password policy is empty. SUGGEST: Edit the /etc/gvm/pwpolicy.conf file to set a password policy. Step 9: Checking greenbone-security-assistant... OK: greenbone-security-assistant is installed
It seems like your GVM-23.11.0 installation is OK.
Requirement already satisfied: gvm-tools==24.3.0 in /home/suporte/.local/lib/python3.11/site-packages (24.3.0) Requirement already satisfied: python-gvm>=23.4.2 in /home/suporte/.local/lib/python3.11/site-packages (from gvm-tools==24.3.0) (24.3.0) Requirement already satisfied: defusedxml>=0.6 in /usr/lib/python3/dist-packages (from python-gvm>=23.4.2->gvm-tools==24.3.0) (0.7.1) Requirement already satisfied: lxml>=4.5.0 in /usr/lib/python3/dist-packages (from python-gvm>=23.4.2->gvm-tools==24.3.0) (5.1.0) Requirement already satisfied: paramiko>=2.7.1 in /usr/lib/python3/dist-packages (from python-gvm>=23.4.2->gvm-tools==24.3.0) (2.12.0) Requirement already satisfied: typing-extensions>=4.9.0 in /usr/lib/python3/dist-packages (from python-gvm>=23.4.2->gvm-tools==24.3.0) (4.10.0)
I have the scan finished and ready to make the report. So, for that, I use a script using a command like the following:
sudo -u _gvm gvm-script --gmp-username user --gmp-password "P@ss" socket --socketpath /var/run/gvmd/gvmd.sock /tmp/gen_report.py 15ce5f51-431f-445a-a4d3-b65dd1d0d61f /tmp/report.xml
This command will generate a XML that later I can use openvasreporting to generate the xlsx
With up to date python-gvm (python_gvm-24.1.0-py3-none-any.whl), I have: An error occurred Remote manager daemon uses an unsupported version of GMP. The GMP version was 22.5 when doing with Gmp(connection=connection, transform=transform) as gmp: gmp.authenticate(username, password)
The running openvas is up to date using the official docker-compose.yml