How to start a scan from the CLI?

I want to start a scan from the command-line with the openvas executable and the --scan-start parameter.
If i understand correctly the --scan-start parameter should be a uuid of an existing task.

But if i try this i get:
“No preferences found for the scan c19cd025-fa66-46c9-bd1f-0d21f3f445c5” in the logfile of openvas, and the scan is not executed (no other errors).

Is this possible and if so how?

GVM versions

gsad: Greenbone Security Assistant 9.0.1
gvmd: Greenbone Vulnerability Manager 9.0.1
openvas-scanner: OpenVAS 7.0.1
gvm-libs: gvm-libs 11.0.1


Operating system: Ubuntu 20.04
Kernel: Linux 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
Installation method / source:

Hi Mark1,
this is possible only but is is quite hard, you should add the preferences by hand into redis. The right way to do this is via OSPd Openvas + gvm-cli.
From the console, you can do something like:

gvm-cli --protocol OSP --timeout 120 socket --socketpath=/home/jnicola/install/var/run/ospd/openvas.sock --xml 
"<start_scan scan_id='97079ee9-8917-49da-aa4f-4ef95f757ac1' parallel='20'>
    <vt_single id=''/>
    <vt_single id=''/>
    <vt_single id=''/>

More info about OSP here

1 Like

Thanks for the quick response to my question.

How do i authenticate before running this xml because when i execute this i get:
“Response Error 400. Only commands GET_VERSION and COMMANDS are allowed before AUTHENTICATE”

(I tried adding my username and password to the ~/.config/gvm-tools.conf under the [gmp] section, and adding the --gmp-username and --gmp-password to the command line but this error remains.)

So i could not test your xml, but i was wondering if this will only create the scan which i then can start with the openvas binary or if this xml will also start the scan as the tag “start_scan” suggests?

It seems you are trying to run the command against the gvmd socket. You have to use the ospd-openvas socket. When you start ospd-openvas, you can specify the socket path (or set it in the ospd configuration file).


You are right, that was my mistake.
I have your xml running now, but it starts the scan right away as i already suspected.

Is there no command/xml to setup the scan in redis (with the keys in db16 as i found out), and then start the scan with the openvas binary?

Sorry you should be more precise with your use case. First it seemed you just wanted to start a scan via the openvas scanner application directly. This is solved by @jjnicola answer. You should not put any data into redis manually. Redis is just a data cache for us and is used for some kind of IPC. The data format in redis may change very often and may break with every bugfix release.

For me it seems you want to use the full features of our software stack with tasks, etc. In that case you should take a look at our Greenbone Management Protocol (GMP) provided by gvmd.

1 Like

Well my use case is that i sometimes need to scan through a socks proxy like tor.
If i could start the scan by calling the openvas binary directly (with the --start-scan parameter), then i can use something like torsocks or proxychains to proxify my scan.

This worked with the openvas 9 version where i could change the openvas-scanner service to start the scanner with torsocks or proxychains. This all changed with gvm11 where the scanner service is a wrapper around the openvas binary and as far as i can tell this trick is not longer possible.

Thank you for your patience.