AlexSN
July 13, 2023, 9:17am
1
Hi everybody. First post, please be gentle.
We do a get_configs using gvm_cli with the id of a Scan Config and preferences, families and tasks set to true, it returns a xml string that starts with <get_configs_response> as stated in the documentation.
We save that string to a xml file
Then, we try to import it with a python-gvm script (see below).
The script fails with error: <create_config_response status=“400” status_text=“Error in NVT_SELECTORS element.”/>
Any hints of what’s happening?
We use v22.4 in Kali
userpass = ConfigParser()
userpass.read("/home/sensor/.config/gvm-tools.conf")
sconfig = open("../ScansETIC/ETICComplete.xml", 'r')
txt = sconfig.read()
with Gmp(connection=connection) as gmp:
gmp.authenticate(userpass['gmp']['username'],userpass['gmp']['password'])
ret = gmp.import_scan_config(txt)
print(ret)
Sorry about my previous response, I just saw the import_scan_config()
function should accept that <get_configs_response>
XML root tag.
Looks like a bug importing. Maybe you can post the XML string for to understand.
However, there also appears to be a clone_scan_config()
function which may allow you to complete your whole use-case from within python-gvm
?
AlexSN
July 14, 2023, 1:43pm
3
No offense taken, thank you for your time
The XML is quite large as it is a clone of Full & Fast. Let me think how I post that.
I don’t want to clone an existing Scan Config. We have to sites, and I’m preparing a synchronization script so when we change something both sites scan same things.
AlexSN
July 14, 2023, 1:48pm
5
Can’t attach as file (I’m a new user) nor send as text as it is too large… just a minute
AlexSN
July 14, 2023, 1:51pm
6
I should say that I guess it is either a bug with the gvm-cli
export or python-gvm
import.
Can you import other scan-configs that have been exported from gvm-cli
such as the Base scan config? I guess that you can since the python-gvm
import is complaining about a specific XML element. Perhaps one of the VTs metadata, description, etc has some special character that breaks the standard XML protocol formatting.
AlexSN
July 15, 2023, 12:26pm
8
Thanks again.
I’ll do some testing with simpler Scan Configs and update.
The whole XML itself is valid and well-formatted.
Here is the extracted <nvt_selectors>
section from the XML, I guess it would be a problem with the python-gvm
import_scan_config()
function. Maybe it cannot read the whole string?
<nvt_selectors>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>2</type>
<family_or_nvt>1.3.6.1.4.1.25623.1.0.14272</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>2</type>
<family_or_nvt>1.3.6.1.4.1.25623.1.0.104000</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>2</type>
<family_or_nvt>1.3.6.1.4.1.25623.1.0.14259</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>2</type>
<family_or_nvt>1.3.6.1.4.1.25623.1.0.80001</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>2</type>
<family_or_nvt>1.3.6.1.4.1.25623.1.0.10335</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>2</type>
<family_or_nvt>1.3.6.1.4.1.25623.1.0.10796</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>2</type>
<family_or_nvt>1.3.6.1.4.1.25623.1.0.11219</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>2</type>
<family_or_nvt>1.3.6.1.4.1.25623.1.0.100315</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>2</type>
<family_or_nvt>1.3.6.1.4.1.25623.1.0.14274</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>AIX Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Amazon Linux Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Brute force attacks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Buffer overflow</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>CISCO</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>CentOS Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Citrix Xenserver Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Compliance</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Databases</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Debian Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Default Accounts</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Denial of Service</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>F5 Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>FTP</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Fedora Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>FortiOS Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>FreeBSD Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Gain a shell remotely</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Gentoo Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>HP-UX Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Huawei</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Huawei EulerOS Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>IT-Grundschutz</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>IT-Grundschutz-15</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>IT-Grundschutz-deprecated</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>JunOS Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Mac OS X Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Mageia Linux Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Malware</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Mandrake Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Nmap NSE</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Nmap NSE net</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Oracle Linux Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Palo Alto PAN-OS Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Peer-To-Peer File Sharing</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Policy</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Privilege escalation</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Product detection</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>RPC</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Red Hat Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Remote file access</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>SMTP problems</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>SNMP</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>SSL and TLS</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Service detection</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Settings</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Slackware Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Solaris Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>SuSE Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Ubuntu Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Useless services</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>VMware Local Security Checks</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Web Servers</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Web application abuses</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Windows</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>Windows : Microsoft Bulletins</family_or_nvt>
</nvt_selector>
<nvt_selector>
<name>ac601cf5-1a5c-447e-be5f-b66d177f4674</name>
<include>1</include>
<type>1</type>
<family_or_nvt>General</family_or_nvt>
</nvt_selector>
</nvt_selectors>
I don’t know if this will be helpful to you as the OP, but…
So, as for a traceback on this error: Error in NVT_SELECTORS element.
- it looks like that GVMD will return this error when the error code is -3 as seen in the link.
Traceback on that will point to the /gvmd/src/manage_sql_configs.c
=> insert_nvt_selectors()
function. It will return -3
error code when selectors == NULL
or when a selector doesn’t have a type
set. Looking at the XML there is a type set for all items.
The config data is parsed from the XML content from the function parse_config_entity()
to the variable import_nvt_selectors
.
Maybe some problem parsing the nvt_selectors in that code That’s all I can figure out so far. :D.
AlexSN
July 16, 2023, 1:18pm
11
Your time is much appreciated. Thanks!
We have solved it by exporting with gvm-script instead of gvm-cli. Don’t really know what was the difference. It can easily be something on our code.
Regards,
Ă€lex
Glad to hear it’s resolved.