I have installed OpenVAS community using docker container and everything works well.
After trying to fix all the issues for running gvm-scripts with sudo gvn-check-setup -h and following the instructions, the OpenVAS was on https which is good but the GVM_DATA (like Port Lists and Scan Configs) were removed. I have tried every possible workaround I found on the internet to retrieve GVM data but none worked.
I believe the issues come from the following command when I tried to fix the issues for running the gvm-scripts: sudo runuser -u postgres -- /usr/share/gvm/create-postgresql-database
Some useful information that may help:
OpenVAS Scanner: 22.4
GMP Version:22.4
gvm-script: 23.4.0
API version: 23.4.2
PostgreSQL Version: 15.4
Any idea on how to retrieve GVM_DATA so as to be able to run scans?
The Docker containers don’t use the gvm-check-setup command. So, I don’t know why you are using it. Looks like you have confused the Kali native install and the Docker containers install.
What I want to achieve finally by leveraging the dockerized version of the OpenVAS Community, is with the use of a script (as I believe is the best option) to create the targets, tasks, run the scans, and finally get the results. So to make the commencement of this process, as a first step, I am trying to run the example script that is on the following link:
For the sake of ease, I am placing a sprintscrean of the script:
However, after running the script, I got the following error:
I think, is better to find a way to overcome the above error and then I can play with the scripts and get the desired results. To overcome the above issue I used gvm-check-setup which it was a wrong direction…
I have also tried the below but again I got errors:
IMHO native packages are way easier!
If you don’t have a dedicated system, then Docker containers are maybe less resource intensive than running a full VM for native package installation. However, I know that native packages for Ubuntu 22.04 are broken and for Ubuntu 23.04 are somewhat improved but still not 100% functional which just leave Kali for easy native installation support. I also find making some persistent changes to the environment are easier for native packages (bare-metal or VM) than Docker.
By replacing it didn’t mean a one to one replacement
gvm-cli and gvm-script do different things and require different arguments. gvm-cli is for running XML based GMP commands directly against gvmd. gvm-script is for executing a Python base GMP script. That said <get_version/> is of course not an existing file containing a Python based GMP script
If you want to run a GMP script from your host you need to do the following:
Run a GMP script using the unix socket at /tmp/gvm/gvmd/gvmd.sock (something like gvm-script --gmp-username admin socket --socketpath /tmp/gvm/gvmd/gvmd.sock /path/to/gmp-script.py)
You can use gvm-script with a docker container you will just need to mount the script your going to in the docke gvm-tools container with -v(voiume), -w (workdir) makes it easier to run the script.
I use --no-deps here to ensure that I do not replace any existing containers. That way my communications with gvmd are immediate and error handling is simpler if the server I am taking to is in a failed state. It does assume that my script is only talking to a gvmd container that is always running.
I am sorry for the late reply and thank you for your suggestions.
I had some issues and I needed to go offline. Now I am back and I will resume the work.
I will try your suggested workaround and let you know if all is good!
I will try to run a script that returns OpenVAS version, targets, and tasks as a simple proof-of-concept.