Hi, I’m trying to automate the vulnerability scanner with python-gvm. Unfortunately my reports only contain logs whereas when I scan the same machine with the Greenbone Enterprise Free Trial VM I get much better results with High, Medium, Low criticality. On my machine I’ve installed the GVM from source.
Can you help me find a solution to my problem?
I’m sorry to put the code like this, but I’ve been looking for a solution for several months and I can’t find it.
Here is my code :
def create_report(tname, report_id, gmp, path):
# Get the current datetime
time1 = datetime.datetime.now()
# Format the datetime as a string in the format 'YYYY-MM-DD_HH_MM'
timestamp = time1.strftime('%Y-%m-%d_%H_%M')
# Set the filename of the PDF report to be created
# It will be in the format 'tname-YYYY-MM-DD_HH_MM.pdf'
pdf_filename = path + "/" + tname + "-" + timestamp + ".pdf"
# Set the ID of the report format to be used
pdf_report_format_id = "c402cc3e-b531-11e1-9163-406186ea4fc5"
# Get the report from the Greenbone Management Protocol
# The report is returned as an XML string
response = gmp.get_report(report_id=report_id,
details=True,
report_format_id=pdf_report_format_id)
# Parse the XML string into an ElementTree object
response = ET.fromstring(response)
# Find the 'report' element in the XML
report_element = response.find("report")
# Get the content of the report
# This is the base64 encoded PDF data
content = report_element.find("report_format").tail
# Encode the content as ASCII
binary_base64_encoded_pdf = content.encode('ascii')
# Decode the base64 encoded PDF data
binary_pdf = b64decode(binary_base64_encoded_pdf)
# Set the full path of the PDF file to be created
pdf_path = Path(pdf_filename).expanduser()
# Check if the PDF file already exists
if os.path.isfile(pdf_path):
print("PDF Already Exist")
else:
# Write the decoded PDF data to a file
pdf_path.write_bytes(binary_pdf)
print("PDF: " + pdf_filename + " created")
# Return the filename of the created PDF
return pdf_filename
def openvas_scan(ip_address, path):
# Print a message indicating that the function is starting
print("Starting use of GVM Openvas")
# Establish a connection to the GVM Openvas server
connection = UnixSocketConnection(path="/run/gvmd/gvmd.sock")
# Create a Gmp object and authenticate with the server
with (Gmp(connection=connection) as gmp):
gmp.authenticate("*****", "******")
# Print a message indicating that existing targets, tasks, and reports will be deleted
print("OpenVAS : Deleting existing Targets, Tasks and Reports")
# Get a list of all targets and delete them
targets_xml = gmp.get_targets()
root = ET.fromstring(targets_xml)
target_ids = [target.get('id') for target in root.findall('.//target')]
for target_id in target_ids:
gmp.delete_target(target_id, ultimate=True)
# Get a list of all tasks and delete them
tasks_xml = gmp.get_tasks()
root = ET.fromstring(tasks_xml)
tasks_ids = [task.get('id') for task in root.findall('.//task')]
for task_id in tasks_ids:
gmp.delete_task(task_id, ultimate=True)
# Get a list of all reports and delete them
reports_xml = gmp.get_reports()
root = ET.fromstring(reports_xml)
report_ids = [report.get('id') for report in root.findall('.//report')]
for report_id in report_ids:
gmp.delete_report(report_id)
# Pause execution for 1 second
sleep(1)
# Print a message indicating that a new target will be created
print("OpenVAS : Creating Target")
# Set the name and hosts of the new target
target_name = "Target-" + ip_address
target_hosts = [ip_address]
# Set the ID of the port list to be used
port_list_id = "730ef368-57e2-11e1-a90f-406186ea4fc5"
# Create the new target
target = gmp.create_target(name=target_name, hosts=target_hosts, port_list_id=port_list_id)
print("Target created", target)
# Get a list of all targets and extract their IDs
targets_xml = gmp.get_targets()
root = ET.fromstring(targets_xml)
target_ids = [target.get('id') for target in root.findall('.//target')]
# Print a message indicating that a new task will be created
print("OpenVAS : Creating Task")
# Set the ID of the target and scanner to be used
target_id = target_ids[0]
scanner_id = "08b69003-5fc2-4037-a479-93b440211c73"
# Get a list of all scan configurations
configs_xml = gmp.get_scan_configs()
root = ET.fromstring(configs_xml)
config_ids = [config.get('id') for config in root.findall('.//config')]
config_names = [config.find('name').text for config in root.findall('.//config')]
# Print a list of the available configurations and prompt the user to choose one
print("Choose one of the following configurations: ")
i = 0
for conf_id in config_ids:
print(i, "-", config_names[i], conf_id)
i += 1
config_choice = input("-> ")
config_id = config_ids[int(config_choice)]
# Create the new task
task = gmp.create_task(name="GVM_OpenVAS", config_id=config_id, target_id=target_id, scanner_id=scanner_id)
print("Task created", task)
# Get a list of all tasks and extract their IDs
tasks_xml = gmp.get_tasks()
root = ET.fromstring(tasks_xml)
task_ids = [task.get('id') for task in root.findall('.//task')]
task_id = task_ids[0]
# Start the task
gmp.start_task(task_id)
sys.stdout.write("OpenVAS : Starting Openvas scan")
# Print the status of the task until it is complete
prev_status = ''
while True:
task = gmp.get_task(task_id)
root = ET.fromstring(task)
task_element = root.find(".//task")
if task_element is not None:
status_element = task_element.find("status")
if status_element.text != prev_status:
sys.stdout.write("\rOpenVAS Task Status = " + status_element.text)
sys.stdout.flush()
prev_status = status_element.text
if status_element is not None and status_element.text in ["Done", "Stopped", "Aborted"]:
break
sys.stdout.write("\rOpenVAS : Creating Report")
# Get a list of all reports and extract their IDs
reports_xml = gmp.get_reports()
root = ET.fromstring(reports_xml)
report_ids = [report.get('id') for report in root.findall('.//report')]
# Create a PDF report
create_report("GVM_OpenVAS", report_ids[0], gmp, path)