Search code examples
securitycentosport-scanningnessusopenvas

OpenVAS: CLI Vulnerability Scanning [CentOS]

I have been trying to figure out how I can execute tasks from the command line with OpenVAS (without any interactions with their web gui)

I've tried running this command:

omp --port=9392 --host=<IP> --username=admin --password=admin --xml "<get_results/>"

And it just stalls there, appearing to do nothing. No output, nothing.

After looking around, apparently omp is deprecated and people have said to switch to gvm-cli found here.

After switching to gvm-cli, I ran the following command, and got this error..

gvm-cli socket --gmp-username admin --gmp-password admin --xml "<get_results/>"

Traceback (most recent call last):
  File "/home/phillip/py37/bin/gvm-cli", line 10, in <module>
    sys.exit(main())
  File "/home/phillip/py37/lib/python3.7/site-packages/gvmtools/cli.py", line 92, in main
    gvm.authenticate(args.gmp_username, args.gmp_password)
  File "/home/phillip/py37/lib/python3.7/site-packages/gvm/protocols/gmpv7.py", line 210, in authenticate
    self._send(cmd.to_string())
  File "/home/phillip/py37/lib/python3.7/site-packages/gvm/protocols/base.py", line 62, in _send
    self.connect()
  File "/home/phillip/py37/lib/python3.7/site-packages/gvm/protocols/base.py", line 98, in connect
    self._connection.connect()
  File "/home/phillip/py37/lib/python3.7/site-packages/gvm/connections.py", line 310, in connect
    self._socket.connect(self.path)
FileNotFoundError: [Errno 2] No such file or directory

I'm not sure what else to do. Could someone steer me in the right direction with this?

What I want to eventually end up doing is create an automated scanning system completely from the command line. I want to be able to:

  1. Create a new target
  2. Create a new task
  3. Run the scan

How can I accomplish this?

Extra Info:

When running openvas-check-setup --v9 my output is: It seems like your OpenVAS-9 installation is OK

OS: CentOS 7

The web gui runs fine, and I executed a task to make sure everything is working ok.

Solution

  • Figured it out, and took many hours of scouring the internet..

    All that is needed is this:

    gvm-cli socket --socketpath /var/run/openvasmd.sock ...

    Note: The deprecated way to do this is with --sockpath which is what I didn't realize nor does it tell you that.

    I hope this helps someone down the line!