-
Notifications
You must be signed in to change notification settings - Fork 1.9k
GVM 21.x Integration
First, verify that GVM is running and configured properly by running gvm-start
. If no errors are displayed, ensure that you can login to the web UI at https://127.0.0.1:9390. If there are any errors displayed, Sn1per may not be able to communicate with GVM properly. Run gvm-check-setup
to check your setup again.
Run the following command to update the permissions:
sudo chmod 777 /var/run/gvm/gvmd.sock
NOTE: This integration requires GVM 21.x and a valid Sn1per Professional v10.0 or higher to work properly.
To integrate GVM 21.x vulnerability scans into Sn1per Professional v10.0 or higher, create a copy of the default Sn1per configuration template (cp -vf /sniper/conf/default /sniper/conf/gvm_vulnerability_scan.conf
) and enter the appropriate values for the following:
# OPENVAS CONFIG
OPENVAS="1"
OPENVAS_USERNAME="admin"
OPENVAS_PASSWORD='mypasswordhere!'
OPENVAS_HOST="127.0.0.1"
OPENVAS_PORT="9390"
OPENVAS_RUNAS_USER="kali"
NOTE: You will need to specify a local (non-root) Linux account to initiate GVM 21.x scans using Sn1per by updating the "OPENVAS_RUNAS_USER" setting in your Sn1per configuration file.
To test your setup, run the following commands:
su - $OPENVAS_RUNAS_USER # Where $OPENVAS_RUNAS_USER is the non-root Linux account you setup
gvm-cli socket --xml "<get_version/>"
This will prompt for your OpenVAS username and password. Once entered, it should display the following:
Enter username: admin
Enter password for admin:
<get_version_response status="200" status_text="OK"><version>21.4</version></get_version_response>
After the settings have been updated to match your environment, you can initiate an OpenVAS scan automatically by running a "normal" or "vulnscan" mode in Sn1per Professional and specifying the new configuration template you just created (ie. /sniper/conf/gvm_vulnerability_scan.conf). This can also be done from the command line by running the following:
Example Usage:
sniper -t 127.0.0.1 -c /sniper/conf/gvm_vulnerability_scan.conf -m vulnscan -w 127.0.0.1