Hello everyone,
I’ve developed a custom OSPD implementation for Masscan. It’s functioning as expected, and the scan results are correctly displayed in the report within the Greenbone Security Assistant (GSA). However, I’m facing an issue where the discovered hosts are not being saved as assets, even though the “Add results to Asset” option is set to “Yes.” With the OpenVAS Scanner and a remote OpenVAS Scanner Hosts are added to Assets as expected.
Here are some details of my setup:
$ docker compose exec -u gvmd gvmd gvmd --get-scanners
08b69003-5fc2-4037-a479-93b440211c73 OpenVAS /run/ospd/ospd-openvas.sock 0 OpenVAS Default
6acd0832-df90-11e4-b9d5-28d24461215b CVE 0 CVE
eb60a9a8-723f-48ff-be26-1d3b90276879 OSP-Sensor remote-ospd-openvas 9399 remote-ospd-openvas
9221d667-d000-4a6d-929d-49df89f7f37f OSP-Sensor ospd-masscan 9389 Masscan Remote
$ docker compose exec -u gvmd gvmd gvmd --verify-scanner 9221d667-d000-4a6d-929d-49df89f7f37f
Scanner version: 1.3.9.
OSPD version: 21.4.4
Greenbone Security Assistant (GSAD) version: 22.11.0
Greenbone Vulnerability Manager (GVM) version: 23.8.0
Reference Implementation
I’ve closely followed the example provided in the official Greenbone repository: ospd-example-scanner
Here is a section of my code that handles adding results to the ResultList, which is largely based on the example from the repository:
Add the result to the ResultList
result_list = ResultList()
result_list.add_scan_log_to_list(
host=ip_address,
hostname="",
name="Open port",
value=f"Masscan detected open port {port}",
port=f"{port}/tcp",
test_id="",
qod="100",
uri=""
)
if len(result_list):
self.scan_collection.add_result_list(scan_id, result_list)
host_progress = dict()
host_progress[ip_address] = ScanProgress.FINISHED
self.set_scan_progress_batch(scan_id, host_progress=host_progress)
finished_host = list()
finished_host.append(ip_address)
self.sort_host_finished(scan_id, finished_host)
OSPD Logging Output
Here’s a sample from the OSPD logs during a scan:
INFO: (ospd_masscan.wrapper) [5a64e257-9dd3-49ef-8d7e-ff5c4fe7ac05] Discovered open port 443/tcp on 192.168.1.1
DEBUG: (ospd.ospd) Calculating scan progress with the following data:
DEBUG: (ospd.ospd) 5a64e257-9dd3-49ef-8d7e-ff5c4fe7ac05: Current scan progress: 9,
DEBUG: (root) 5a64e257-9dd3-49ef-8d7e-ff5c4fe7ac05: Current progress:
{'count_alive': 23,
'count_dead': 0,
'count_excluded': 0,
'count_total': 254,
'current_hosts': {'192.168.1.1': <ScanProgress.FINISHED: 100>},
'overall': 9}
DEBUG: (ospd.scan) 5a64e257-9dd3-49ef-8d7e-ff5c4fe7ac05: Setting the following hosts as dead: []
DEBUG: (ospd.scan) 5a64e257-9dd3-49ef-8d7e-ff5c4fe7ac05: Setting the following hosts as finished: ['192.168.1.1']
DEBUG: (ospd.scan) 5a64e257-9dd3-49ef-8d7e-ff5c4fe7ac05: Remove the following hosts from the target list, as they are already finished or are dead: ['192.168.1.1']
DEBUG: (ospd.ospd) 5a64e257-9dd3-49ef-8d7e-ff5c4fe7ac05: Current scan status: RUNNING,
DEBUG: (root) 5a64e257-9dd3-49ef-8d7e-ff5c4fe7ac05: Current progress:
{'count_alive': 26,
'count_dead': 228,
'count_excluded': 0,
'count_total': 254,
'current_hosts': {},
'overall': 100}
DEBUG: (ospd.ospd) 5a64e257-9dd3-49ef-8d7e-ff5c4fe7ac05: Check scan process:
Progress 100
Status: FINISHED
Problem Description
Despite the scan results being correctly displayed in the GSA report, the discovered hosts are not being stored as assets. I’ve ensured that the “Add results to Asset” setting is enabled.
Does anyone have suggestions on what might be causing this issue or how to troubleshoot it further?
Thank you in advance for your help!
