Hello!
I have the host in my network, which is specially configured to be vulnerable to EthernalBlue (MS17-010). Thereby plugin Microsoft Windows SMB Server Multiple Vulnerabilities-Remote (4013389) should find this issue.
I use last stable versions. gsad 8.0.1. gvmd 8.0.1. openvassd 6.0.1. gvm-libs 10.0.1.
Also i compare results with version 9. https://github.com/mikesplain/openvas-docker
So i scan with full and very deep ultimate
scan config. And my GVM-10 finds only mediocre staff like os detection, ping, hostname (severity = 0). Meanwhile GVM-9 finds MS17-010 with appropriate remote check nvt plugin.
MS17-010 is an example. Scan result differ a lot at all.
There are no any special information in log files. What may i do wrong?
Expected behavior
Find vulnerabilites
Current behavior
Dont find vulnerabilities
Environment
Installation method / source: (packages, source installation)
Build from release tar.gz archives inside Dockerfile from debian:9.5
Btw, i build with postgres backend.
Attach truncated Dockerfile:
FROM debian:9.5
...
RUN mkdir /openvas
## GVM libs
WORKDIR /openvas
RUN wget https://github.com/greenbone/gvm-libs/archive/v10.0.1.tar.gz -O gvm-libs-10.0.1.tar.gz
RUN tar xvf gvm-libs-10.0.1.tar.gz
WORKDIR /openvas/gvm-libs-10.0.1
RUN mkdir build
WORKDIR /openvas/gvm-libs-10.0.1/build
RUN cmake ..
RUN make
RUN make install
## OpenVAS Scanner
#### 1
WORKDIR /openvas
RUN wget https://github.com/greenbone/openvas/archive/v6.0.1.tar.gz -O openvas-6.0.1.tar.gz
RUN tar xvf openvas-6.0.1.tar.gz
WORKDIR /openvas/openvas-6.0.1
RUN mkdir build
WORKDIR /openvas/openvas-6.0.1/build
RUN cmake ..
RUN make
RUN make install
#### 2 update nvt
# RUN greenbone-nvt-sync
#### 3 redis
RUN cp doc/redis_config_examples/redis_3_2.conf /etc/redis/openvas_redis_3_2.conf
## Manager
#### install
WORKDIR /openvas
RUN wget https://github.com/greenbone/gvmd/archive/v8.0.1.tar.gz -O gvmd-8.0.1.tar.gz
RUN tar xvf gvmd-8.0.1.tar.gz
WORKDIR /openvas/gvmd-8.0.1
WORKDIR /openvas/gvmd-8.0.1/build
RUN cmake -DBACKEND=POSTGRESQL ..
RUN make
RUN make install
## GSA
RUN wget https://github.com/greenbone/gsa/archive/v8.0.1.tar.gz -O gsa-8.0.1.tar.gz
RUN tar xvf gsa-8.0.1.tar.gz
WORKDIR /openvas/gsa-8.0.1
RUN mkdir build
WORKDIR /openvas/gsa-8.0.1/build
RUN cmake ..
RUN make
RUN make install
...
# ldconfig because gvmd cant find gvm lib in /usr/local/bin. But folder included in ld.so.conf
RUN ldconfig
# run
ADD ./run.sh /
RUN chmod +x /run.sh
CMD bash /run.sh
And truncated run.sh content:
...
## --------------- ##
## openvas scanner ##
## --------------- ##
# redis
echo "Start Redis."
redis-server /etc/redis/openvas_redis_3_2.conf
echo "Testing redis status..."
X="$(redis-cli -s /tmp/redis.sock ping)"
while [ "${X}" != "PONG" ]; do
echo "Redis not yet ready..."
sleep 1
X="$(redis-cli -s /tmp/redis.sock ping)"
done
echo "Redis ready."
# openvas scanner itself
echo "Start openvassd: Scanner."
openvassd
echo "Testing gvm status..."
sleep 2
X="$(ps aufx | grep openvassd | grep -v 'grep')"
while [ "${#X}" == 0 ]; do
echo "openvassd not yet ready..."
openvassd
sleep 2
X="$(ps aufx | grep openvassd | grep -v 'grep')"
done
echo "openvassd ready."
## ------- ##
## manager ##
## ------- ##
echo "Start postgresql."
/etc/init.d/postgresql start
## init postgresql user
if [[ $DONT_INIT_PSQL_USER_ != "y" ]]; then
echo "Creating postgres user."
sudo -u postgres createuser -DRS root
sudo -u postgres createdb -O root gvmd
sudo -u postgres psql gvmd -c "create role dba with superuser noinherit;"
sudo -u postgres psql gvmd -c "grant dba to root;"
sudo -u postgres psql gvmd -c 'create extension "uuid-ossp";'
fi
echo "Start gvmd."
gvmd -a 0.0.0.0 -d gvmd
echo "Testing gvm status..."
sleep 1
X="$(ps | grep gvmd)"
while [ "${#X}" == 0 ]; do
echo "gvmd not yet ready..."
gvmd -a 0.0.0.0 -d gvmd
sleep 1
X="$(ps | grep gvmd)"
done
echo "gvmd ready."
## init openvas user
if [[ $DONT_INIT_OPENVAS_USER_ != "y" ]]; then
echo "Creating OpenVAS user."
X="$(gvmd --create-user=admin)"
while [ "${#X}" == 0 ]; do
echo "user not created yet..."
sleep 1
X="$(gvmd --create-user=admin)"
done
gvmd --user=admin --new-password=${PASSWD}
echo "OpenVAS user created."
fi
## --- ##
## gsa ##
## --- ##
echo "Start gsad."
gsad --mlisten 127.0.0.1 -m 9390 --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0
...
Logfiles
root@c80371f6d3c0:/openvas# cat /usr/local/var/log/gvm/openvassd.log
sd main:MESSAGE:2019-08-27 14h48.20 utc:1453: openvassd 6.0.1 started
sd main:MESSAGE:2019-08-27 15h04.37 utc:10267: Starts a new scan. Target(s) : <ipv6_addr>, <ipv4_addr>, with max_hosts = 20 and max_checks = 4
sd main:MESSAGE:2019-08-27 15h04.37 utc:10466: Testing <ipv6_addr> (Vhosts: <host2>) [10466]
lib misc:MESSAGE:2019-08-27 15h04.37 utc:10471: Failed to find interface lo mentioned in /proc/net/route
lib misc:MESSAGE:2019-08-27 15h04.37 utc:10471: Failed to find interface lo mentioned in /proc/net/route
sd main:MESSAGE:2019-08-27 15h04.38 utc:10573: Testing <ipv4_addr> (Vhosts: <host2>) [10573]
lib misc:MESSAGE:2019-08-27 15h04.49 utc:13609: Failed to find interface lo mentioned in /proc/net/route
lib misc:MESSAGE:2019-08-27 15h04.49 utc:13609: Failed to find interface lo mentioned in /proc/net/route
lib misc:MESSAGE:2019-08-27 15h05.07 utc:15861: Failed to find interface lo mentioned in /proc/net/route
lib misc:MESSAGE:2019-08-27 15h05.07 utc:15861: Failed to find interface lo mentioned in /proc/net/route
sd main:MESSAGE:2019-08-27 15h05.08 utc:10466: Finished testing <ipv6_addr>. Time : 30.50 secs
sd main:MESSAGE:2019-08-27 15h05.50 utc:10573: Finished testing <ipv4_addr>. Time : 72.00 secs
sd main:MESSAGE:2019-08-27 15h05.50 utc:10267: Test complete
sd main:MESSAGE:2019-08-27 15h05.50 utc:10267: Total time to scan all hosts : 75 seconds
GVM versions
- gsa: 8.0.1
- gvm: 8.0.1
- openvas-scanner: 6.0.1
- gvm-libs: 10.0.1