Sorry if I am asking too much questions, but I don’t get it anymore.
On my last topic, someone gave me advice to use sockets with PHP instead of shell_exec. Okay, I can (try to) use sockets.
When I look to the documentation, they still use the gvm-tools to connect to a socket?
Is there a way to connect to the socket directly (and on which port). Is there any piece of documentation that I am not seeing?
You do not use the GVM-Tools you speak GMP direct via Socket to the manager !
I strongly suggest to understand how permissions, sockets and communication over the network works. If not you on the perfect road to disaster.
I know how sockets and network communication works.
But for sockets you need to connect to a specific port, I don’t see that somewhere documented. Or I am missing something?
And when connected to the socket, I can just use the gmp commands like gmp.start_task(“id”) etc, or does it need anything special?
On unix systems a socket is not necessarily bound to the TCP/IP stack. By default
gvmd provides access to the data via GMP through a unix domain socket.
gvm-tools uses our
python-gvmlibrary internally that provides a Python API on top of GMP. See https://python-gvm.readthedocs.io/ for the documentation.
Please use our last software components and their documentation. You are referring to the GOS 5 manual, but you should use GOS 20.8 manual.
But GMP and PHP are on 2 different servers. Unix domain sockets are usually on the same PC.
So if it’s using unix domain sockets, I can’t acces GMP from another device?
Technically this is possible of course. You can switch
gvmd to listening on a TCP socket and use TLS for the communication.
Don’t take this as an offense but it seems you are trying something technically difficult without much experience in security, unix, python and GVM setup. You really should think about using some of our products. If you don’t get this thing right it will be a security nightmare.
That is completely true. But it is for education purposes, not for production use. I’am still in school and learning things. So buying one of the products doesn’t make much sense
I have a lot of programming experience (but no Python). Also learned yet much about security in school.
It should be possible to control the GreenBone applicance using PHP, right? Or is this even not (securely) possible?
That is kind of the goal of the project:
Control the scanner using an existing PHP application.
Yes it will be possible to control our GVM stack via PHP. You should write something similar as python-gvm for PHP in that case.