Techno-Fox
commented
4 years ago would you like me to provide the openvas_scan command as well?
Open Techno-Fox opened 4 years ago
Techno-Fox
commented
4 years ago would you like me to provide the openvas_scan command as well?
bcoles
commented
4 years ago For tracking purposes, here's a couple of recent issues related to the OpenVAS plugin and dependencies:
@busterb not sure how far you got with making OpenVAS changes?
Techno-Fox
commented
4 years ago well I plan on adding a few more commands to make life easier. I also notice that (at least on my system, don't know about any one else) that there at times can be a openvas error while making a request, but connecting again and retrying NORMALY fixes the problem. So I plan on adding automatic reconnect, and other features.
P.S. I see why you all coded it in ruby. The plugin system is amazing
busterb
commented
4 years ago Late followup here:
The underlying problem I found when looking at this earlier @bcoles is that the openvas-omp Ruby gem has not had any updates from the maintainers in 10 years: https://github.com/kost/openvas-omp-ruby . It's basically abandoned as far as I can tell (gentoo appears to be planning to depackage it soon), and it's not a dependency we maintain locally with this project. So we have a few possibilities:
There's another open source project that's had updates in the last 2 years, https://github.com/Cyberwatch/ruby-openvas and I experimented with switching to that, but it is missing most of the features this plugin uses; it only does really basic stuff. To port to it as-is would require moving most of the functionality from this plugin, though maybe only a little is really used.
I see a few options:
If you want to just work on your own, either writing your own fork of the client gem or even embedding the actual client logic straight into the plugin would be one option (removing the gem dependency altogether). Before this plugin was incorporated into the Metasploit tree, it had a standalone version of the OMP library. Maybe we could also switch back to that approach if upstream can't be rescued: https://github.com/kost/metasploit-openvas-bridge
The last option, wrapping the 'omp' command line tool would give you all of the functionality you might want too, and possible future proofing against the OMP network protocol changing again, at the expense of the user needing to have the omp tool installed (likely for most users).
If you want to make a more general community solution, I'd say work with the upstream gem maintainer of your choosing. I suspect the 10 year old one isn't going to spring to life soon, though I'll note that @kost is both the original maintainer of the gem used here, and listed as an author of this plugin. Maybe they would have some advice on the best path forward.
busterb
commented
4 years ago BTW, here's the upstream PR from a few years back for making the fix suggested originally here: https://github.com/kost/openvas-omp-ruby/pull/4
bcoles
commented
4 years ago Presumably issue #12715 related to changing openvas-omp to greenbone-omp would also be resolved by using a different gem.
busterb
commented
4 years ago Maybe, I couldn't find a published greenbone-omp gem or ruby client source anywhere. I think #12715 is implying that someone should make one?
bcoles
commented
4 years ago Maybe, I couldn't find a published greenbone-omp gem or ruby client source anywhere. I think #12715 is implying that someone should make one?
Probably. Poor OpenVAS gets no love.
busterb
commented
4 years ago Submitted a PR above for revendoring this gem in order to make forward progress.
github-actions[bot]
commented
4 years ago Hi!
This issue has been left open with no activity for a while now.
We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here. If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
Techno-Fox
commented
4 years ago well. There seems to be an issue. openvas has been replaced with gvmd, I can no longer use openvas in metasploit. I can't install it, because apt gives the following error
apt-get install openvas
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
gvmd : Breaks: openvas-manager but 7.0.3-1 is to be installed
libgvm11 : Conflicts: libopenvas9 but 9.0.3-1+b2 is to be installed
E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.Is there a way to use gvmd instead?
busterb
commented
4 years ago You could try the PR above #13944 - it worked with OpenVAS. Unfortunately it seems Kali / Debian / Parrot currently have largely broken openvas in their trees as a result of the greenbone-security-manager transition, so not much we can do there. In addition, it seems Greenbone has deleted features like OMP / GMP from their free offerings too (https://www.greenbone.net/en/community-edition/) so I'm not sure how to even test this anymore, since all of the API access options are either currently broken or restricted.
Techno-Fox
commented
4 years ago Ok. So from my understanding. We can't use OpenVAS in metasploit anymore. Although there is a web interface, we want that console (gotta love the retro feel, and takes up less system resources), and database integration. However, greenbone security transitioned, and that broke a lot of things.
Is there any api to connect using the GMP protocol via ruby?
Techno-Fox
commented
4 years ago I've found some gvm modules for python, but I don't think you can make a plugin in Metasploit using python. I know you can make a metasploit module. Is there any support for python plugins.
friedrico
commented
3 years ago Is an update planned?
Techno-Fox
commented
8 months ago I haven't worked on it in a while. I've lost the old code (was bad anyway). I would actually like to work on this again. As it was a good idea. And I'll see if anything has changed.
Summary
I was working on some modufications of the openvas plugin in the making of creating a commmand openvas_scan that automates creates target, task, scan, and imports data to the database. Now this addon I've created shows the states every ten seconds. Now this is my first real project with ruby (so please forgive me for any misconceptions, and please correct me if I'm wrong). When I do anything with the openvas gem, i.e., connected, target create, task create, et cetra. I get this message /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201: warning: Object#timeout is deprecated, use Timeout.timeout instead. Now I'm not one to be annoyed easy. Years of segmantation faults helps with patience, however, When I try to read the targets, tasks, or anything else. A barage of that deprecation method appears message. I did my research I found that all I need to do was replace this segment in the openvas-omp gem (line 201)
with
Basic example
If the proposal involves a new or changed API, include a basic code example.
To
Motivation
Why are we doing this you ask? Because I like to autmate things. Including when You have to create a new target or task every time. What use cases does it support you ask? When you want to scan automaticly. What is the expected outcome you ask? no deprecation message
Results of change
This
turns into