def test_snmp_unknown_auth_alg_credentials(self, mock_kb):
dummy = DummyDaemon()
creds = {
'snmp': {
'type': 'snmp',
'username': '******',
'password': '******',
'community': 'some comunity',
'auth_algorithm': 'sha2',
},
}
dummy.scan_collection.get_credentials = MagicMock(return_value=creds)
p_handler = PreferenceHandler(
'1234-1234', mock_kb, dummy.scan_collection, None
)
p_handler.scan_id = '456-789'
p_handler.kbdb.add_scan_preferences = MagicMock()
ret = p_handler.prepare_credentials_for_openvas()
errors = p_handler.get_error_messages()
self.assertFalse(ret)
self.assertIn(
"Unknown authentication algorithm: "
+ "sha2"
+ ". Use 'md5' or 'sha1'.",
errors,
)
def test_snmp_no_priv_alg_but_pw_credentials(self, mock_kb):
dummy = DummyDaemon()
creds = {
'snmp': {
'type': 'snmp',
'username': '******',
'password': '******',
'community': 'some comunity',
'auth_algorithm': 'sha1',
'privacy_password': '******',
},
}
dummy.scan_collection.get_credentials = MagicMock(return_value=creds)
p_handler = PreferenceHandler(
'1234-1234', mock_kb, dummy.scan_collection, None
)
p_handler.scan_id = '456-789'
p_handler.kbdb.add_scan_preferences = MagicMock()
ret = p_handler.prepare_credentials_for_openvas()
errors = p_handler.get_error_messages()
self.assertFalse(ret)
self.assertIn(
"When no privacy algorithm is used, the privacy"
+ " password also has to be empty.",
errors,
)
def test_missing_type_for_ssh_credentials(self, mock_kb):
dummy = DummyDaemon()
creds = {
'ssh': {
'port': '22',
'username': '******',
'password': '******',
},
}
dummy.scan_collection.get_credentials = MagicMock(return_value=creds)
p_handler = PreferenceHandler(
'1234-1234', mock_kb, dummy.scan_collection, None
)
p_handler.scan_id = '456-789'
p_handler.kbdb.add_scan_preferences = MagicMock()
ret = p_handler.prepare_credentials_for_openvas()
errors = p_handler.get_error_messages()
self.assertFalse(ret)
self.assertIn(
"Missing Credential Type for SSH."
+ " Use 'up' for Username + Password"
+ " or 'usk' for Username + SSH Key.",
errors,
)
def test_set_bad_service_credentials(self, mock_kb):
dummy = DummyDaemon()
# bad cred type shh instead of ssh
creds = {
'shh': {
'type': 'up',
'port': '22',
'username': '******',
'password': '******',
},
}
dummy.scan_collection.get_credentials = MagicMock(return_value=creds)
p_handler = PreferenceHandler(
'1234-1234', mock_kb, dummy.scan_collection, None
)
p_handler.scan_id = '456-789'
p_handler.kbdb.add_scan_preferences = MagicMock()
ret = p_handler.prepare_credentials_for_openvas()
errors = p_handler.get_error_messages()
self.assertFalse(ret)
self.assertIn("Unknown service type for credential: shh", errors)
def test_ssh_port_out_of_range_credentials(self, mock_kb):
dummy = DummyDaemon()
creds = {
'ssh': {
'type': 'up',
'port': '65536',
'username': '******',
'password': '******',
},
}
dummy.scan_collection.get_credentials = MagicMock(return_value=creds)
p_handler = PreferenceHandler(
'1234-1234', mock_kb, dummy.scan_collection, None
)
p_handler.scan_id = '456-789'
p_handler.kbdb.add_scan_preferences = MagicMock()
ret = p_handler.prepare_credentials_for_openvas()
errors = p_handler.get_error_messages()
self.assertFalse(ret)
self.assertIn("Port for SSH is out of range (1-65535): 65536", errors)
def exec_scan(self, scan_id: str):
"""Starts the OpenVAS scanner for scan_id scan."""
params = self.scan_collection.get_options(scan_id)
if params.get("dry_run"):
dryrun = DryRun(self)
dryrun.exec_dry_run_scan(scan_id, self.nvti, OSPD_PARAMS)
return
do_not_launch = False
kbdb = self.main_db.get_new_kb_database()
scan_prefs = PreferenceHandler(scan_id, kbdb, self.scan_collection,
self.nvti)
kbdb.add_scan_id(scan_id)
scan_prefs.prepare_target_for_openvas()
if not scan_prefs.prepare_ports_for_openvas():
self.add_scan_error(scan_id,
name='',
host='',
value='Invalid port list.')
do_not_launch = True
# Set credentials
if not scan_prefs.prepare_credentials_for_openvas():
error = ('All authentifications contain errors.' +
'Starting unauthenticated scan instead.')
self.add_scan_error(
scan_id,
name='',
host='',
value=error,
)
logger.error(error)
errors = scan_prefs.get_error_messages()
for e in errors:
error = 'Malformed credential. ' + e
self.add_scan_error(
scan_id,
name='',
host='',
value=error,
)
logger.error(error)
if not scan_prefs.prepare_plugins_for_openvas():
self.add_scan_error(scan_id,
name='',
host='',
value='No VTS to run.')
do_not_launch = True
scan_prefs.prepare_main_kbindex_for_openvas()
scan_prefs.prepare_host_options_for_openvas()
scan_prefs.prepare_scan_params_for_openvas(OSPD_PARAMS)
scan_prefs.prepare_reverse_lookup_opt_for_openvas()
scan_prefs.prepare_alive_test_option_for_openvas()
# VT preferences are stored after all preferences have been processed,
# since alive tests preferences have to be able to overwrite default
# preferences of ping_host.nasl for the classic method.
scan_prefs.prepare_nvt_preferences()
scan_prefs.prepare_boreas_alive_test()
# Release memory used for scan preferences.
del scan_prefs
scan_stopped = self.get_scan_status(scan_id) == ScanStatus.STOPPED
if do_not_launch or kbdb.scan_is_stopped(scan_id) or scan_stopped:
self.main_db.release_database(kbdb)
return
openvas_process = Openvas.start_scan(
scan_id,
not self.is_running_as_root and self.sudo_available,
self._niceness,
)
if openvas_process is None:
self.main_db.release_database(kbdb)
return
kbdb.add_scan_process_id(openvas_process.pid)
logger.debug('pid = %s', openvas_process.pid)
# Wait until the scanner starts and loads all the preferences.
while kbdb.get_status(scan_id) == 'new':
res = openvas_process.poll()
if res and res < 0:
self.stop_scan_cleanup(kbdb, scan_id, openvas_process)
logger.error(
'It was not possible run the task %s, since openvas ended '
'unexpectedly with errors during launching.',
scan_id,
)
return
time.sleep(1)
got_results = False
while True:
openvas_process_is_alive = self.is_openvas_process_alive(
openvas_process)
target_is_finished = kbdb.target_is_finished(scan_id)
scan_stopped = self.get_scan_status(scan_id) == ScanStatus.STOPPED
# Report new Results and update status
got_results = self.report_openvas_results(kbdb, scan_id)
self.report_openvas_scan_status(kbdb, scan_id)
# Check if the client stopped the whole scan
if scan_stopped:
logger.debug('%s: Scan stopped by the client', scan_id)
self.stop_scan_cleanup(kbdb, scan_id, openvas_process)
# clean main_db, but wait for scanner to finish.
while not kbdb.target_is_finished(scan_id):
if not self.is_openvas_process_alive(openvas_process):
break
logger.debug('%s: Waiting for openvas to finish', scan_id)
time.sleep(1)
self.main_db.release_database(kbdb)
return
# Scan end. No kb in use for this scan id
if target_is_finished:
logger.debug('%s: Target is finished', scan_id)
break
if not openvas_process_is_alive:
logger.error(
'Task %s was unexpectedly stopped or killed.',
scan_id,
)
self.add_scan_error(
scan_id,
name='',
host='',
value='Task was unexpectedly stopped or killed.',
)
# check for scanner error messages before leaving.
self.report_openvas_results(kbdb, scan_id)
kbdb.stop_scan(scan_id)
for scan_db in kbdb.get_scan_databases():
self.main_db.release_database(scan_db)
self.main_db.release_database(kbdb)
return
# Wait a second before trying to get result from redis if there
# was no results before.
# Otherwise, wait 50 msec to give access other process to redis.
if not got_results:
time.sleep(1)
else:
time.sleep(0.05)
got_results = False
# Sleep a second to be sure to get all notus results
time.sleep(1)
# Delete keys from KB related to this scan task.
logger.debug('%s: End Target. Release main database', scan_id)
self.main_db.release_database(kbdb)
