[Openvas-discuss] Can't use SMB credentials

Jean Mouric j.mouric at gmail.com
Thu Aug 26 10:54:20 CEST 2010


Oh, I just realized trimmed the slashes in my commands in my e-mail, they
actually look like :


omp -p 9391 -X "<create_target><name>my target</name><hosts>[my targets
here]</hosts></create_target>"

omp -p 9391 -X "<create_config><name>[my config name]</name><get_configs_
>
> response status=\"200\" status_text=\"OK\">
> <config id=\"baba56c8-73ec-11df-a475-002264764cea\"><name>[my config
> name]</name>
> [...]
> <preference><nvt
> oid=\"\"><name/></nvt><name>port_range</name><type/><value>[my ports
> here]</value></preference>
> [...]
> <preference><nvt oid=\"1.3.6.1.4.1.25623.1.0.90023\"><name>SMB
> Authorization</name></nvt><name>SMB domain
> (optional):</name><type>entry</type><value>[my domain
> here]<value/></preference>
> <preference><nvt oid=\"1.3.6.1.4.1.25623.1.0.90023\"><name>SMB
> Authorization</name></nvt><name>SMB
> login:</name><type>entry</type><value>[my login here]<value/></preference>
> <preference><nvt oid=\"1.3.6.1.4.1.25623.1.0.90023\"><name>SMB
> Authorization</name></nvt><name>SMB
> password:</name><type>entry</type><value>[my password
> here]<value/></preference>
> [...]
> <preference><nvt oid=\"1.3.6.1.4.1.25623.1.0.90022\"><name>SSH
> Authorization</name></nvt><name>SSH login
> name:</name><type>entry</type><value>[my login here]</value></preference>
> [...]
> <preference><nvt oid=\"1.3.6.1.4.1.25623.1.0.90022\"><name>SSH
> Authorization</name></nvt><name>SSH password
> (unsafe!):</name><type>password</type><value>[my password
> here]<value/></preference>
> [...]
> </config></get_configs_response></create_config>"
>
> omp -p 9391 -X "<create_task><name>my task</name><config id=\"[the config
> id here]\"></config><target id=\"[the target id
> here]\"></target></create_task>"
>
> omp -p 9391 -X "<start_task task_id=\"[the task id here]\"/>"
>
> omp -p 9391 -X "<get_reports report_id=\"[the report id here]\"
> format=\"xml\" levels=\"hmlgdf\"/>" --pretty-print > my_report.xml




2010/8/26 Jean Mouric <j.mouric at gmail.com>

> Oops, I meant omp as in openvas-cli, sorry about that, I did use the right
> thing.
>
> As for the exact OMP commands I use, I start the scanner and the manager as
> usual and then :
> (note : I do a | sed to get the ids generated by each command)
>
> omp -p 9391 -X "<create_target><name>my target</name><hosts>[my targets
> here]</hosts></create_target>"
>
> omp -p 9391 -X "<create_config><name>[my config
> name]</name><get_configs_response status=\"200\" status_text=\"OK\">
> <config id=\"baba56c8-73ec-11df-a475-002264764cea\"><name>[my config
> name]</name>
> [...]
> <preference><nvt
> oid=""><name/></nvt><name>port_range</name><type/><value>[my ports
> here]</value></preference>
> [...]
> <preference><nvt oid="1.3.6.1.4.1.25623.1.0.90023"><name>SMB
> Authorization</name></nvt><name>SMB domain
> (optional):</name><type>entry</type><value>[my domain
> here]<value/></preference>
> <preference><nvt oid="1.3.6.1.4.1.25623.1.0.90023"><name>SMB
> Authorization</name></nvt><name>SMB
> login:</name><type>entry</type><value>[my login here]<value/></preference>
> <preference><nvt oid="1.3.6.1.4.1.25623.1.0.90023"><name>SMB
> Authorization</name></nvt><name>SMB
> password:</name><type>entry</type><value>[my password
> here]<value/></preference>
> [...]
> <preference><nvt oid="1.3.6.1.4.1.25623.1.0.90022"><name>SSH
> Authorization</name></nvt><name>SSH login
> name:</name><type>entry</type><value>[my login here]</value></preference>
> [...]
> <preference><nvt oid="1.3.6.1.4.1.25623.1.0.90022"><name>SSH
> Authorization</name></nvt><name>SSH password
> (unsafe!):</name><type>password</type><value>[my password
> here]<value/></preference>
> [...]
> </config></get_configs_response></create_config>"
>
> The [...] parts are identical to the "Full and fast" default config. The
> [my X here] are all filled in clear text. Then I simply do :
>
> omp -p 9391 -X "<create_task><name>my task</name><config id="[the config id
> here]"></config><target id="[the target id here]"></target></create_task>"
>
> omp -p 9391 -X "<start_task task_id="[the task id here]"/>"
>
> omp -p 9391 -X "<get_reports report_id="[the report id here]" format="xml"
> levels="hmlgdf"/>" --pretty-print > my_report.xml
>
> Everything works just fine, except the SMB authentication. As I said
> earlier, the same thing happens when I use <create_lsc_credential>, SSH
> works and SMB fails. And the same operations carried out with GSA all work
> (SMB included).
>
> 2010/8/25 Jan-Oliver Wagner <Jan-Oliver.Wagner at greenbone.net>
>
> On Wednesday 25 August 2010 18:12:02 Jean Mouric wrote:
>> > I'm having somewhat of a weird problem. Here goes : I'm trying to
>> automate
>> > OpenVAS by having scripts run omp-cli. For the config, I have a template
>> > file that I modify and feed to omp-cli.
>>
>> just a side note: please as your time permits use the "omp" command line
>> tool of the
>> package "openvas-cli". That represents the most current state.
>> "omp-cli" has been moved out of the newest OpenVAS-Client.
>>
>> Best
>>
>>        Jan
>>
>> --
>> Dr. Jan-Oliver Wagner |  ++49-541-335084-0  |  http://www.greenbone.net/
>> Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück,
>> HR B 202460
>> Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
>> _______________________________________________
>> Openvas-discuss mailing list
>> Openvas-discuss at wald.intevation.org
>> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100826/8a592856/attachment.html>


More information about the Openvas-discuss mailing list