Open yu210148 opened 3 years ago
A bit more info here; I've tried compiling and installing the 7.80 version of nmap which is the same version as gets installed on Ubuntu 20.04 and it appears to have had no effect. I also tried with the latest 7.91 version. Don't have a solution yet but I'm guessing it might be a path related thing rather than having to do with the version of nmap.
A missing / not accessible / too new / too old nmap isn't the problem here. In that case you would get an additional output from the mentioned VT including the following:
- The "nmap" binary/package is not installed or not accessible by the scanner.
I guess it's one of the two mentioned problems, have you verified both? (e.g. check the "Error messages" tab in the scan task you have seen that result).
Humm, okay, so there's something else going on here as there're no errors reported in the report for the scans done from that instance. What was leading me there was this output in the results:
The Solutions section below where the screenshot cuts off says:
Solution Type: Based on the script output please:
add a Port scanner plugin from the 'Port scanners' family to this scan configuration. Recommended: Nmap (NASL wrapper).
either choose a port range for this target containing less ports or raise the 'scanner_plugins_timeout' scanner preference to a higher timeout.
install the 'nmap' binary/package or make it accessible to the scanner.
It's in the unfiltered results tab rather than in the error tab though.
kev.
The important part is the following:
Based on the script output please:
If nmap is missing the following text would be included in the script output (the description of a NASL can't be changed during run time so this approach had to be chosen) which isn't the case based on your provided screenshot:
if( ! get_kb_item( "Tools/Present/nmap" ) ) {
report += '\n - The "nmap" binary/package is not installed or not accessible by the scanner.';
}
(see 2018/gb_portscanner_missing.nasl
)
Gotcha, Okay, cool.
Given how quickly the scans complete I'm skeptical that the issue is with the timeout setting so that leaves the scan config not including a port scanner. Sure enough, when I cloned a copy of the 'Full and Fast' scan config then took a look at it in the edit screen the 'Port Scanners' line was unchecked (see screenshot below).
So, I checked off the box, then clicked to edit the line and checked off the box for 'NMAP (NASL wrapper).
When I changed the task to use the cloned scan config it appears to be working as expected.
So, now I at least know what's going on. I'm not sure why it's unchecked in the default Full & Fast scan config; more importantly, I'm not sure yet how to change it as that config is read-only. I'll poke around with it a bit more but I wanted to document what I've got so far :+1:
kev.
Interestingly, this doesn't seem to affect GVM version 21 on Debian 10. I did a test install and scan with it earlier today and it worked as expected.
Had the same issue using Kali 2021.2 with GVM 20.8.0, this fix worked well, thanks!
Wow after hours of banging my head against a wall with this problem, I came across your post and it fixed everything perfectly. Seems it was the default Full and Fast scan all along. Thanks Kev!
Great, glad to hear it.
Kev.
On Thu, Oct 14, 2021, 2:33 PM c0y0te @.***> wrote:
Wow after a couple days of banging my head against a wall with this problem, I came across your post and it fixed it perfectly. Seems it was the default Full and Fast scan all along. Thanks Kev!
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/yu210148/gvm_install/issues/26#issuecomment-943616459, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAKFY4K2VGLBXSD6K2F67NTUG4PAVANCNFSM4VNOEF4Q . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.
Yahh its works well.
This has been bothering me literally all day, so glad I found this post, I just wish there was a way to make it more visible for more people to find it quicker! I'm on Parrot OS, and working my way through the metasploit unleashed course, didn't want to use the Nexpose vulnerability scanner.
Such a simple and elegant solution to a rather annoying error.
Many thanks [yu210148], and all who helped :-)
Glad you were able to get it going!
Kev.
On Sun, Feb 27, 2022, 9:34 AM tillsoil @.***> wrote:
This has been bothering me literally all day, so glad I found this post, I just wish there was a way to make it more visible for more people to find it quicker! I'm on Parrot OS, and working my way through the metasploit unleashed course, didn't want to use the Nexpose vulnerability scanner.
Such a simple and elegant solution to a rather annoying error.
Many thanks [yu210148], and all who helped :-)
— Reply to this email directly, view it on GitHub https://github.com/yu210148/gvm_install/issues/26#issuecomment-1053573952, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAKFY4MWM5AJETJSYQKQRZLU5IY7BANCNFSM4VNOEF4Q . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.
You are receiving this because you authored the thread.Message ID: @.***>
Once the script finishes and all the feeds are updated on a Debian 10 host when installing version 20 I'm able to create a scan but when it runs the Check for enabled / working Port scanner plugin reports that nmap wasn't found:
Detection Result
The host wasn't scanned due to the following possible reasons:
Seems to work on Ubuntu 20.04 so I'm thinking it either has something to do with the versions of nmap differing. However, I've tried pulling down the latest nmap and compiling it from source with no joy.
It may have something to do with the path on the Debian host. Not sure what yet.
kev.