Unable to access web interface externally

ioannisp · June 28, 2023, 12:21pm

Hi All,

I would like your help as I am trying to access GVM web interface through internet.
It is a fresh GVM installation on a fresh Kali running on AWS.
I already modified /lib/systemd/system/greenbone-security-assistant.service and set
ExecStart=/usr/sbin/gsad --foreground --listen 0.0.0.0 --port 9392 (screenshot 1) but web interface is not accessible (Screenshot 2).
When I am connected with RDP to the server, I am able to connect to web interface, that means that the service is running.
AWS security group is configured to allow all traffic so this should not be an issue too.
Do you have any idea why I cannot connect?

Lukas · June 28, 2023, 1:23pm

That is more a problem of your distribution and AWS configuration then GVM.
Please get back to your OS/AWS Administrator and ask him how to route a IP to your VPC instance.

ioannisp · June 28, 2023, 1:27pm

Thank you Lukas for the reply.

It does not seem as a network/routing issue as I am able to ping external IP and connect to it via RDP.

Lukas · June 28, 2023, 1:30pm

You are walking about RDP, do you run your Kali inside a Windows, or native inside a VPC ?

Then you have a Hypervisor on your Windows Hyper-V running, and this via NAT only accessableto the Windows host

On top you can´t scan with a Kali on WSL, important Kernel-Functions are not available as well.

ioannisp · June 28, 2023, 2:23pm

Kali is running on a linux EC2 natively in VPC. Not in a VM host.
I start RDP and ping from my home computer hitting Kali’s public IP.
I also tried connection from another EC2 in the same VPC hitting Kali’s private IP. RDP and ping are successful but web interface is not. Kali’s security group allows all traffic coming from VPC.

Lukas · June 28, 2023, 2:47pm

And you changed the default AWS firewall to allow that Kali non standard port inbound ?

You need to debug on your Linux machine the situation with tcpdump. There is nothing more anyone here can do with your network setup, that is definitive not a GVM issue.

ioannisp · June 28, 2023, 3:31pm

Tried tcpdump on port 9392 and connection is indeed reaching Kali.

Lukas · June 28, 2023, 5:04pm

And your binding is correct ? Did you checked it with “ss” ?

ioannisp · July 3, 2023, 10:32am

When I provide command “ss | grep 9392”, I get nothing.

Lukas · July 3, 2023, 5:04pm

Sorry but your command is not right, use:

ss -na | grep <port>

To get the listening socket. And please don´t post pictures here, it is complicated to quote

ioannisp · July 17, 2023, 2:32pm

Hi!
Sorry for late reply.
I ran the command and received:
$ ss -na | grep 9392
tcp LISTEN 0 4096 127.0.0.1:9392 0.0.0.0:*
tcp ESTAB 0 0 127.0.0.1:9392 127.0.0.1:59148
tcp ESTAB 0 0 127.0.0.1:59148 127.0.0.1:9392

Lukas · July 17, 2023, 6:54pm

Are you sure this is TLS encrypted ? Did you tried as well http:// without encryption ?

ioannisp · July 18, 2023, 9:26am

Yes, I tried both https and http

cfi · July 18, 2023, 9:59am

I might be wrong but this:

shows that the gsad is only listening on localhost / 127.0.0.1 and thus you won’t be able to access it externally.

I’m not familiar with the the systemd files on Kali but it looks to me that the --listen 0.0.0.0 isn’t applied at all by them.

https://forums.kali.org/ could provide some more help on Kali specific topics like this.

rippledj · July 24, 2023, 1:15am

No, I think you are correct. I am running GBCE on Kali and also mofidy the same service file but I also change to port 443. The output is like:

ss -na | grep 443

tcp LISTEN 0 4096 0.0.0.0:443 0.0.0.0:*

I did a quick test and was quickly and easily able to create a Kali VPS with remote access using Linode. I just did:

sudo apt update -y
sudo apt install gvm
sudo gvm-setup
sudo gvm-check-setup

Next, I changed the contents of /lib/systemd/system/greenbone-security-assistant.service listening IP to 0.0.0.0 and port to 443, and rebooted the VPS. On Kali, after a fresh install, I always have to reboot the machine after installation to get GBCE available on any IP/Port, even if I don’t reconfigure, and starting the services via sudo gvm-stop then sudo gvm-start doesn’t work.

After the reboot, just start GVM via:

sudo gvm-start

So, if you didn’t restart, maybe that works?

ioannisp · July 24, 2023, 8:55am

Hi rippledj,

Thank you for your answer. I have rebooted the system a lot of times and start the service afterwards but did not help.

I noticed a difference of my ss result and yours.
My ss:
tcp LISTEN 0 4096 127.0.0.1:9392 0.0.0.0:*
Your ss:
tcp LISTEN 0 4096 0.0.0.0:443 0.0.0.0:*
My result still have localhost IP while yours have 0.0.0.0. Did you make any other change?

rippledj · July 24, 2023, 2:40pm

No, I didn’t make any other changes. I literally just spun up a Kali Linux server on Linode, updated the repos, installed GVM, ran the setup, checked the setup, modified /lib/systemd/system/greenbone-security-assistant.service with –listen 0.0.0.0 --port 443, rebooted, and accessed the web-interface over https://.

It does look like you have a problem with the installation though since your service is not listening on all IP addresses. You mentioned that you installed RDP, did you make any other changes that could impact this? I suggest working backward to just start with only SSH access to a fresh installation of Kali on a VPS and get that working first.

Also, I see a couple of versions of Kali available on the AWS marketplace. Are you using the official one?

ioannisp · July 25, 2023, 12:15pm

I changed the port to 443.
ExecStart=/usr/sbin/gsad --foreground --listen 0.0.0.0 --port 443

Even when I am connected via RDP to Kali and hit localhost address in the browser, web panel still responds to port 9392.
I rebooted system and completely turned off and on again, the behaviour did not change. It still responds to 9392.

cfi · July 25, 2023, 12:49pm

Are you actually editing the correct and currently used systemd file?

ioannisp · July 25, 2023, 1:53pm

I am editing:
/lib/systemd/system/greenbone-security-assistant.service