我正在针对项目需求探索OpenVas工具,openVas目前由Greenbone管理。尝试通过python API使用远程扫描程序时出现错误。
我进行了所有初始配置,设置了所需的gui帐户等,并且能够手动扫描所需的系统,但是当我尝试使用Python Api进行相同操作时,它无法正常工作。互联网上也没有任何示例,也没有手册来验证我的代码。 我已经使用了[https://pypi.org/project/python-gvm/] api。
我写了简单的代码,但是没用。
from gvm.connections import SSHConnection
from gvm.protocols.latest import Gmp
from gvm.transforms import EtreeTransform
from gvm.xml import pretty_print
connection = SSHConnection(hostname='192.168.1.84',username='alex',password='alex@123')
gmp = Gmp(connection)
gmp.authenticate('admin', 'admin')
# Retrieve current GMP version
version = gmp.get_version()
# Prints the XML in beautiful form
pretty_print(version)
我遇到错误-
/usr/bin/python3.7 /home/punshi/PycharmProjects/nessus_api/openvas-greenbone.py
/usr/local/lib/python3.7/dist-packages/paramiko/kex_ecdh_nist.py:39: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
m.add_string(self.Q_C.public_numbers().encode_point())
/usr/local/lib/python3.7/dist-packages/paramiko/kex_ecdh_nist.py:96: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
self.curve, Q_S_bytes
/usr/local/lib/python3.7/dist-packages/paramiko/kex_ecdh_nist.py:111: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
hm.add_string(self.Q_C.public_numbers().encode_point())
Traceback (most recent call last):
File "/home/punshi/PycharmProjects/nessus_api/openvas-greenbone.py", line 8, in <module>
gmp.authenticate('admin', 'admin')
File "/usr/local/lib/python3.7/dist-packages/gvm/protocols/gmpv7.py", line 211, in authenticate
response = self._read()
File "/usr/local/lib/python3.7/dist-packages/gvm/protocols/base.py", line 54, in _read
return self._connection.read()
File "/usr/local/lib/python3.7/dist-packages/gvm/connections.py", line 126, in read
raise GvmError('Remote closed the connection')
gvm.errors.GvmError: Remote closed the connection
Process finished with exit code 1
我已经手动测试了SSH连接,所以问题出在我的代码或其他问题上。
其他详细信息-
Ubuntu 16,
Greenbone Security Assistant 7.0.3 (gui)
Open Vas - 9.0.3
答案 0 :(得分:3)
我遇到的问题与我用TLSConnection而不是SSHConnection解决的完全一样。这是您的代码:
import gvm
from gvm.protocols.latest import Gmp
from gvm.transforms import EtreeTransform
from gvm.xml import pretty_print
connection =gvm.connections.TLSConnection(hostname='192.168.1.84')
gmp = Gmp(connection)
gmp.authenticate('admin', 'admin')
# Retrieve current GMP version
version = gmp.get_version()
# Prints the XML in beautiful form
pretty_print(version)
答案 1 :(得分:0)
我正在根据项目需求开发OpenVas工具,openVas目前由Greenbone管理。
请注意。 OpenVAS由Greenbone开发多年,至今。因此,我们确实使用版本10将项目重命名为 Greenbone漏洞管理(GVM)。只有实际的扫描程序组件仍将以OpenVAS命名。有关更多详细信息,请参见https://community.greenbone.net/t/is-openvas-manager-and-gvmd-the-same/1777/3。
使用SSHConnection需要在远程服务器上进行一些附加设置。使用TLSConnection可能会更容易,但由于默认情况下它仅在unix套接字上侦听,因此还需要更改gvmd / openvasmd的设置。