Greenbone on Kali

Linux Distribution and External Repo Discussion
1

I’m trying to sort out why, when using Greenbone (docker) or in this specific case installed on Kali linux following the official documentation that I get randomly logged out of the web console, either immediately after login or when clicking into a report.

From my web console I get these errors as repeating issues but I’m not able to find any solutions. Anyone else having these issues and found any solutions?

Failed to load resource: the server responded with a status of 404 (Not Found)
gmp?token=2b6fceb2-798a-44a7-9f32-b37e6cb37a00&cmd=get_setting&setting_id=1c981851-8244-466c-92c4-865ffe05e721:1 
        
        
        Failed to load resource: the server responded with a status of 401 (Unauthorized)
gmp?token=2b6fceb2-798a-44a7-9f32-b37e6cb37a00&cmd=get_license:1 
        
        
        Failed to load resource: the server responded with a status of 503 (Service Unavailable)
gmp:1 
        
        
        Failed to load resource: the server responded with a status of 500 (Internal Server Error)
log.js:62  web.login lh
bo.silent.<computed> @ log.js:62
[NEW] Explain Console errors by using Copilot in Edge: click
         
         to explain an error. 
        Learn more
        Don't show again
gmp:1 
        
        
        Failed to load resource: the server responded with a status of 503 (Service Unavailable)
http.js:154 
        
        
        GET https://192.168.1.29/gmp?token=cfd560db-a2d6-4a06-b66f-b46f2dd5ccb6&cmd=get_setting&setting_id=48ae588e-9085-41bc-abcb-3d6389cf7237 500 (Internal Server Error)
(anonymous) @ http.js:154
request @ http.js:112
httpGet @ http.js:45
getSetting @ users.js:135
(anonymous) @ actions.js:65
(anonymous) @ index.js:16
(anonymous) @ filterprovider.js:71
ps @ react-dom.production.min.js:211
kl @ react-dom.production.min.js:257
t.unstable_runWithPriority @ scheduler.production.min.js:19
Go @ react-dom.production.min.js:122
Rl @ react-dom.production.min.js:257
(anonymous) @ react-dom.production.min.js:256
D @ scheduler.production.min.js:17
v.port1.onmessage @ scheduler.production.min.js:14
Show 9 more frames
Show less
http.js:154 
        
        
        GET https://192.168.1.29/gmp?token=cfd560db-a2d6-4a06-b66f-b46f2dd5ccb6&cmd=get_settings 500 (Internal Server Error)
(anonymous) @ http.js:154
request @ http.js:112
httpGet @ http.js:45
currentSettings @ users.js:150
(anonymous) @ actions.js:57
(anonymous) @ index.js:16
loadSettings @ container.js:632
componentDidMount @ container.js:145
us @ react-dom.production.min.js:212
jl @ react-dom.production.min.js:255
t.unstable_runWithPriority @ scheduler.production.min.js:19
Go @ react-dom.production.min.js:122
wl @ react-dom.production.min.js:248
Ml @ react-dom.production.min.js:239
(anonymous) @ react-dom.production.min.js:123
t.unstable_runWithPriority @ scheduler.production.min.js:19
Go @ react-dom.production.min.js:122
Jo @ react-dom.production.min.js:123
Qo @ react-dom.production.min.js:122
zl @ react-dom.production.min.js:240
notify @ Subscription.js:16
notifyNestedSubs @ Subscription.js:101
a @ Subscription.js:106
u @ redux.js:296
(anonymous) @ index.js:20
dispatch @ redux.js:691
(anonymous) @ actions.js:84
Promise.catch
(anonymous) @ actions.js:82
(anonymous) @ index.js:16
(anonymous) @ filterprovider.js:71
ps @ react-dom.production.min.js:211
kl @ react-dom.production.min.js:257
t.unstable_runWithPriority @ scheduler.production.min.js:19
Go @ react-dom.production.min.js:122
Rl @ react-dom.production.min.js:257
(anonymous) @ react-dom.production.min.js:256
D @ scheduler.production.min.js:17
v.port1.onmessage @ scheduler.production.min.js:14
Show 28 more frames
Show less
http.js:154 
        
        
        GET https://192.168.1.29/gmp?token=cfd560db-a2d6-4a06-b66f-b46f2dd5ccb6&cmd=get_setting&setting_id=739ab810-163d-11e3-9af6-406186ea4fc5 500 (Internal Server Error)
(anonymous) @ http.js:154
request @ http.js:112
httpGet @ http.js:45
getSetting @ users.js:135
(anonymous) @ actions.js:65
(anonymous) @ index.js:16
(anonymous) @ filterprovider.js:71
ps @ react-dom.production.min.js:211
kl @ react-dom.production.min.js:257
t.unstable_runWithPriority @ scheduler.production.min.js:19
Go @ react-dom.production.min.js:122
Rl @ react-dom.production.min.js:257
(anonymous) @ react-dom.production.min.js:256
D @ scheduler.production.min.js:17
v.port1.onmessage @ scheduler.production.min.js:14
Show 9 more frames
Show less
log.js:62  gmp.commands.users Could not parse saved report composer defaults, setting back to default defaults...
bo.silent.<computed> @ log.js:62
(anonymous) @ users.js:346
Promise.then
getReportComposerDefaults @ users.js:337
(anonymous) @ actions.js:34
(anonymous) @ index.js:16
loadReportComposerDefaults @ alertactions.js:237
componentDidMount @ alertactions.js:79
us @ react-dom.production.min.js:212
jl @ react-dom.production.min.js:255
t.unstable_runWithPriority @ scheduler.production.min.js:19
Go @ react-dom.production.min.js:122
wl @ react-dom.production.min.js:248
Ml @ react-dom.production.min.js:239
(anonymous) @ react-dom.production.min.js:123
t.unstable_runWithPriority @ scheduler.production.min.js:19
Go @ react-dom.production.min.js:122
Jo @ react-dom.production.min.js:123
Qo @ react-dom.production.min.js:122
zl @ react-dom.production.min.js:240
notify @ Subscription.js:16
notifyNestedSubs @ Subscription.js:101
a @ Subscription.js:106
u @ redux.js:296
(anonymous) @ index.js:20
dispatch @ redux.js:691
(anonymous) @ actions.js:84
Promise.catch
(anonymous) @ actions.js:82
(anonymous) @ index.js:16
(anonymous) @ filterprovider.js:71
ps @ react-dom.production.min.js:211
kl @ react-dom.production.min.js:257
t.unstable_runWithPriority @ scheduler.production.min.js:19
Go @ react-dom.production.min.js:122
Rl @ react-dom.production.min.js:257
(anonymous) @ react-dom.production.min.js:256
D @ scheduler.production.min.js:17
v.port1.onmessage @ scheduler.production.min.js:14
Show 28 more frames
Show less
http.js:154 
        
        
        GET https://192.168.1.29/gmp?token=cfd560db-a2d6-4a06-b66f-b46f2dd5ccb6&cmd=get_report&lean=1&ignore_pagination=1&details=0&filter=levels%3Dhml%20rows%3D100%20min_qod%3D70%20first%3D1%20sort-reverse%3Dseverity&report_id=a7223063-469d-4b20-93f5-e316ea048038 401 (Unauthorized)
(anonymous) @ http.js:154
request @ http.js:112
httpGet @ http.js:45
get @ reports.js:155
(anonymous) @ actions.js:101
(anonymous) @ index.js:16
loadReportWithThreshold @ detailspage.js:789
(anonymous) @ detailspage.js:743
internalLoad @ reload.js:231
componentDidMount @ reload.js:62
us @ react-dom.production.min.js:212
jl @ react-dom.production.min.js:255
t.unstable_runWithPriority @ scheduler.production.min.js:19
Go @ react-dom.production.min.js:122
wl @ react-dom.production.min.js:248
Ml @ react-dom.production.min.js:239
(anonymous) @ react-dom.production.min.js:123
t.unstable_runWithPriority @ scheduler.production.min.js:19
Go @ react-dom.production.min.js:122
Jo @ react-dom.production.min.js:123
Qo @ react-dom.production.min.js:122
zl @ react-dom.production.min.js:240
notify @ Subscription.js:16
notifyNestedSubs @ Subscription.js:101
a @ Subscription.js:106
u @ redux.js:296
(anonymous) @ index.js:20
dispatch @ redux.js:691
(anonymous) @ actions.js:84
Promise.catch
(anonymous) @ actions.js:82
(anonymous) @ index.js:16
(anonymous) @ filterprovider.js:71
ps @ react-dom.production.min.js:211
kl @ react-dom.production.min.js:257
t.unstable_runWithPriority @ scheduler.production.min.js:19
Go @ react-dom.production.min.js:122
Rl @ react-dom.production.min.js:257
(anonymous) @ react-dom.production.min.js:256
D @ scheduler.production.min.js:17
v.port1.onmessage @ scheduler.production.min.js:14
Show 28 more frames
Show less
log.js:62  gmp.commands.users Could not parse saved report composer defaults, setting back to default defaults...

To answer a few questions.

  1. Yes I’ve read over the troubleshooting document, this isn’t listed.
  2. Yes all feeds are up to date, and are not syncing at the moment.
  3. This system is on my local LAN and there is no proxy between me and the web console.
    3a. This issue also occurs on the https://localhost of the Kali system, so it’s not a network issue.
2

Hmm that is strange, if you run it in a docker and you access localhost, do you have a proxy involved between your host and the docker ?

It looks like your virtual network and your proxy might be an issue. For Kali packages please contact the Kali Maintainer at the Kali Bugtracker, there is nothing Greenbone can do here …

3

Dustin, since you mentioned before, that you are want to use Greenbone for vulnerability scanning and are not directly interested in developing the platform, I strongly suggest using the Greenbone Basic Free Trial, I’m using it for testing vulnerability detection now and the difference between using the Enterprise version of Greenbone and the Community Edition(s) is night and day. I’m not trying to be a sales pitch here, but just trying to use common sense. :slight_smile:

When I’m interested in getting scanning done efficiently, I want to use the Enterprise VMs.

4

Lukas, in both Docker installation and the Kali deploy there is no Proxy between me and the server. It’s a direct connection to the hosted web page, this behavior happens to both.

As for contacting the package maintainers, I followed the documented steps verbatim on this website for installing on both Docker and Kali and both perform the same.

The Docker image is managed by Greenbone, the Kali package process is documented on your website as the “official process”.

rippledj, I get it, people need to eat and put food on the table.

If you’re unwilling to help that is fine, but please stop trying to push me and anyone else into paying for an opensource product.

If Greenbone wants to close their software off to the world, change the base code and write it from scratch. The onus isn’t on me to pay for something when asking the community (this forum) if they’ve encountered a similar issue and what they may have done to address it.

6

How do you access via Docker ? Are you sure you deployed it exactly like documented ? Did you use a browser without any extensions ?

Plain Firefox for example ?

It still sounds like you are loosing the session every time.

How can you access to localhost without a internal network and a proxy on the docker scenario ?

7

I’d reckon @Lukas is on the right track with his question -

I took a look at a problem that sounds similar to the issues you are describing - UI authentication problems (Cookie missing or bad) - #10 by ndejong

The thing to note is this -

A hint for us came when we noticed different source (internal) ip-addresses logged when users authenticated - it appears the gsad session is bound with the observed client IP address and when you have a load-balancer in front of gsad the internal client-address that connects can change which in turn then invalidates the auth session token.

Which boils down to - if the apparent client source address that Greenbone observes changes between subsequent requests then the auth-session is invalidated and thus logged out - the fix is to make sure the apparent client source address is consistent which can be achieved by setting the X-Real-IP http-header

How you’d implement this is really up to you and your environment

8

But DustinB is sure not using a Proxy nor LoadBlancer, etc … :wink: But I don’t believe that.

9

I have a single Virtual Machine running on the same LAN as my workstation. I have a Docker VM which I’ve powered off and am using a Kali VM which is running Greenbone which is a separate VM.

I’m accessing the IP address of the Kali VM directly from my workstation “https://ipaddress” and am able to login from Edge/Firefox/Chrome with no plugins without issue.

I don’t have a load balancer or proxy between my workstation and the VM. This is all operating within my LAN.

Why is everyone assuming I’ve setup a Proxy or Load Balancer for a single VM running on my local LAN? Those are some crazy assumptions to have made, and it’s even more wild that you’re assuming I don’t know how my LAN is configured.

10

That´s simple you giving us very little information to help you. Can you install a ngrep within the VM/Container an just access with plain HTTP session to ensure that the session is not got lost ?

Additional any web and GVMD related logs would help. You are loosing a session and that is a fact and to be able to help you the community needs to figure out why :wink:

Did you tried it with a “Free Trail” like rippledj suggested, does it work with that VM ?