How to modify the NVT default timeouts and also disable NVT using gvm-cli

Question - 1 ?

  • Can default NVT timeouts be overriden. For Eg: Generic HTTP Directory Traversal (Web Root) - Active Check NVT: 1.3.6.1.4.1.25623.1.0.106756 has timeout of 1200 seconds. I used gvm-cli to override the default timeout and set the value to 300 as you can see below.

However after my scan is done, I could see all timeouts with 1200 seconds. Why? I configured timeout as 300 seconds.

  • NOTE: I have stopped all containers, deleted redis volume so all NVT will be loaded again into cache, but still did not work.

Question - 2:

  • How to disable a single VT inside a NVT family using gvm-cli.

For Eg:

  • I am trying to disable the checkbox (for ex: for CPE inventory which is enabled)

  • I tried using gvm-cli modify_configs, but it did not work. Here is the command I tried

 gvm-cli --gmp-username admin --gmp-password admin socket --socketpath run/gvmd/gvmd.sock --xml '<modify_config config_id="766ff569-80aa-4a48-9bf4-6d586f288e7a"><preference><nvt oid="1.3.6.1.4.1.25623.1.0.810002"/><name>nvt:1.3.6.1.4.1.25623.1.0.810002</name><value>bm8=</value></preference></modify_config>'

  • where the value bm8== is base64 encoded version of no. I also tried base 64 encoded version of 0 as value still, i could see there is no change.

  • I tried below command, but unfortunately, all the VT’s within Service detection got disabled except the CPE inventory.
gvm-cli --gmp-username admin --gmp-password admin socket --socketpath gvmd/gvmd.sock --xml '<modify_config config_id="766ff569-80aa-4a48-9bf4-6d586f288e7a"><nvt_selection><family>Service detection</family><nvt oid="1.3.6.1.4.1.25623.1.0.810002"/><name>nvt:1.3.6.1.4.1.25623.1.0.810002</name><value>MA==</value></nvt_selection></modify_config>'
  • I though passing single nvt with disable status will actually remove only it. But instead it actually removed rest of the NVT from the family.

Note

My post was hidden strangely due to wrong category selection. Just copying the contents from my previous questions into single one.

Also, I have observed that VT’s are taking longer than default Timeout.

For Eg: The current server time is 08:28, and the NASL script gb_generic_http_web_root_dir_trav.nasl started at 7:57 am, so its like almost 30 Minutes. The default timeout for gb_generic_http_web_root_dir_trav is 1200 seconds. So any idea why is it taking more than 20 min and still no time out occured.

  • However in the GSA, when errors are looked, it says NVT Timed out at 1200 seconds.
ubuntu@ubuntu-dev-vulnscanner-1:~$ date
Fri Dec  6 08:28:14 UTC 2024
ubuntu@ubuntu-dev-vulnscanner-1:~$ ps -eo pid,lstart,cmd | grep "[o]penvas: testing"
 ubuntu@ubuntu-dev-vulnscanner-1:~$ ps -eo pid,lstart,cmd | grep "[o]penvas: testing"
  15591 Fri Dec  6 07:26:14 2024 openvas: openvas: testing XX.YY.ZZ.AA
  17532 Fri Dec  6 07:26:46 2024 openvas: openvas: testing XX.YY.ZZ.AA
  17671 Fri Dec  6 07:26:47 2024 openvas: openvas: testing XX.YY.ZZ.AA
 125056 Fri Dec  6 07:57:29 2024 openvas: openvas: testing XX.YY.ZZ.AA (gb_generic_http_web_root_dir_trav.nasl)
 125057 Fri Dec  6 07:57:29 2024 openvas: openvas: testing XX.YY.ZZ.AA (gb_generic_http_web_root_dir_trav.nasl)
 125058 Fri Dec  6 07:57:29 2024 openvas: openvas: testing XX.YY.ZZ.AA (gb_generic_http_web_root_dir_trav.nasl)
 125857 Fri Dec  6 07:57:37 2024 openvas: openvas: testing XX.YY.ZZ.AA (gb_generic_http_web_root_dir_trav.nasl)
 125858 Fri Dec  6 07:57:37 2024 openvas: openvas: testing XX.YY.ZZ.AA (gb_generic_http_web_root_dir_trav.nasl)
 125859 Fri Dec  6 07:57:37 2024 openvas: openvas: testing XX.YY.ZZ.AA (gb_generic_http_web_root_dir_trav.nasl)
 126017 Fri Dec  6 07:57:39 2024 openvas: openvas: testing XX.YY.ZZ.AA (gb_generic_http_web_root_dir_trav.nasl)
 126018 Fri Dec  6 07:57:39 2024 openvas: openvas: testing XX.YY.ZZ.AA (gb_generic_http_web_root_dir_trav.nasl)
 126019 Fri Dec  6 07:57:39 2024 openvas: openvas: testing XX.YY.ZZ.AA (gb_generic_http_web_root_dir_trav.nasl)
ubuntu@ubuntu-dev-vulnscanner-1:~$