Library to interact with the Greenbone Vulnerability Manager using the gmp protocol (Greenbone Management Protocol, version 9.0
)
Here you willl find methods to create tasks, targets, scanners and retrieve results generated by the Openvas scanner.
- This library is compatible with the latest version of GVM: 11.0
https://docs.greenbone.net/API/GMP/gmp-9.0.html
- https://godoc.org/github.com/filewalkwithme/go-gmp/pkg/9/gmp
- https://godoc.org/github.com/filewalkwithme/go-gmp/pkg/9/gmp/client
- https://godoc.org/github.com/filewalkwithme/go-gmp/pkg/9/gmp/connections
import (
"github.com/filewalkwithme/go-gmp/pkg/9/gmp"
"github.com/filewalkwithme/go-gmp/pkg/9/gmp/client"
"github.com/filewalkwithme/go-gmp/pkg/9/gmp/connections"
)
// Connect to GVMD
conn, err := connections.NewUnixConnection("/tmp/openvas-socks/gvmd.sock")
if err != nil {
panic(err)
}
defer conn.Close()
// Instantiate a new GMP Client
gmpClient := client.New(conn)
// Authenticate
auth := &gmp.AuthenticateCommand{}
auth.Credentials.Username = "openvas"
auth.Credentials.Password = "openvas"
_, err = gmpClient.Authenticate(auth)
if err != nil {
panic(err)
}
// Create a new task
newTask := &gmp.CreateTaskCommand{}
newTask.Name = "New Task"
newTask.Config = new(gmp.CreateTaskConfig)
newTask.Config.ID = "b9407b88-7b3c-47f3-a684-3605db80e5fd"
newTask.Target = new(gmp.CreateTaskTarget)
newTask.Target.ID = "a2a964f8-daa7-4e1c-ae3a-a72f06d49dbe"
newTask.Scanner = new(gmp.CreateTaskScanner)
newTask.Scanner.ID = "8abd321a-2eb1-4a7a-a368-fc118dc99a85"
newTaskResp, err := gmpClient.CreateTask(newTask)
if err != nil {
panic(err)
}
// Start the task
st := &gmp.StartTaskCommand{}
st.TaskID = newTaskResp.ID
_, err = gmpClient.StartTask(st)
if err != nil {
panic(err)
}
First, you will need to start an Greenbone Security Assistant instance. For this example we will use gvm-openvas-docker, a ready to use GSA Docker image. We are going to expose the GVMD Unix Socket under /tmp/openvas-socks/gvmd.sock
git clone https://github.com/filewalkwithme/openvas-in-the-box.git
sudo docker build openvas-in-the-box -t openvas
sudo docker run -d --rm -ti -p 80:80 -p 443:443 -v /tmp/openvas-socks:/var/run --name openvas openvas
Wait some seconds until /tmp/openvas-socks/gvmd.sock
gets created by the container.
sleep 60
ls /tmp/openvas-socks/gvmd.sock
Confirm that GSA is available at https://127.0.0.1
Next, we will execute the sample application avaible under the examples
folder:
cd examples
go build -o go-gmp
./go-gmp
The sample application will generate an output like this:
Connecting to GVMD...
-> ok
Instantiate a new GMP Client
-> ok
Authenticating...
-> ok
Getting the Default scanner...
-> ok (scanner id: 08b69003-5fc2-4037-a479-93b440211c73)
Getting the configuration named "Full and fast"...
-> ok (config id: daba56c8-73ec-11df-a475-002264764cea)
Creating a new target...
-> ok (target id: 34e34484-2dfa-4f01-b9fe-2b90e4a38fba)
Creating a new task...
-> ok (task id: d82a368f-acfa-422e-a78a-63727861f5a9)
Start the task
Monitoring task progress...
Monitoring task progress: 1%
Monitoring task progress: 2%
Monitoring task progress: 6%
Monitoring task progress: 8%
Monitoring task progress: 14%
Monitoring task progress: 52%
Monitoring task progress: 80%
Monitoring task progress: 90%
Monitoring task progress: 98%
Monitoring task progress: 100%
Result[0]: CGI Scanning Consolidation (score: 0.0)
...
Result[7]: HTTP Security Headers Detection (score: 0.0)
...
Result[15]: Services (score: 0.0)
...
Result[20]: SSL/TLS: Diffie-Hellman Key Exchange Insufficient DH Group Strength Vulnerability (score: 4.0)
Result[37]: SSL/TLS: Report Vulnerable Cipher Suites for HTTPS (score: 5.0)
Result[38]: SSL/TLS: Report Weak Cipher Suites (score: 4.3)
Result[39]: Traceroute (score: 0.0)
Result[40]: Unknown OS and Service Banner Reporting (score: 0.0)
go test ./... -coverprofile=coverage.out
? github.com/filewalkwithme/go-gmp/examples [no test files]
ok github.com/filewalkwithme/go-gmp/pkg/9/gmp 0.004s coverage: [no statements]
ok github.com/filewalkwithme/go-gmp/pkg/9/gmp/client 0.017s coverage: 100.0% of statements
ok github.com/filewalkwithme/go-gmp/pkg/9/gmp/connections 0.009s coverage: 100.0% of statements
ok github.com/filewalkwithme/go-gmp/pkg/9/gmp/connections/internal/implementation 0.003s coverage: 100.0% of statements
HTML Report:
go tool cover -html=coverage.out