kalilinux 2024.01 安装openvas(gvm)发现ospd-openvas服务启动问题解决记录
环境:
系统:kalilinux-2024.01
操作平台:vmware-workstation 17pro
软件:gvm 23.11.0
引用问题解决出处链接:
https://forum.greenbone.net/t/latest-version-on-kali-fails-to-start/17504/15
https://blog.csdn.net/lyace2010/article/details/131887536
安装简易过程:
1,更新kali:
sudo apt update && sudo apt upgrade -y
2,安装openvas:
sudo apt install gvm -y
3,初始化配置:
sudo gvm-setup #初始化过程会比较漫长
4,检查gvm安装检查:
sudo gvm-check-setup
问题:
└─$ journalctl -xeu ospd-openvas.service
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: File "/usr/bin/ospd-openvas", line 8, in <module>
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: sys.exit(main())
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: ^^^^^^
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: File "/usr/lib/python3/dist-packages/ospd_openvas/daemon.py", line 1245, in main
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: daemon_main('OSPD - openvas', OSPDopenvas, NotusParser())
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: File "/usr/lib/python3/dist-packages/ospd/main.py", line 152, in main
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: daemon.init(server)
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: File "/usr/lib/python3/dist-packages/ospd_openvas/daemon.py", line 501, in init
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: client = MQTTClient(
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: ^^^^^^^^^^^
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: File "/usr/lib/python3/dist-packages/ospd_openvas/messaging/mqtt.py", line 39, in __init__
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: super().__init__(client_id=client_id, protocol=mqtt.MQTTv5)
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: TypeError: Client.__init__() missing 1 required positional argument: 'callback_api_version'
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: Exception ignored in atexit callback: <function exit_cleanup at 0x7fd2cf330f40>
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: Traceback (most recent call last):
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: File "/usr/lib/python3/dist-packages/ospd/main.py", line 74, in exit_cleanup
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: sys.exit()
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: SystemExit:
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: Exception ignored in: <function Client.__del__ at 0x7fd2cd8ac5e0>
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: Traceback (most recent call last):
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: File "/usr/lib/python3/dist-packages/paho/mqtt/client.py", line 874, in __del__
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: self._reset_sockets()
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: File "/usr/lib/python3/dist-packages/paho/mqtt/client.py", line 1133, in _reset_sockets
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: self._sock_close()
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: File "/usr/lib/python3/dist-packages/paho/mqtt/client.py", line 1119, in _sock_close
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: if not self._sock:
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: ^^^^^^^^^^
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: AttributeError: 'MQTTClient' object has no attribute '_sock'
Apr 26 10:00:11 serve-the-people systemd[1]: ospd-openvas.service: Can't open PID file /run/ospd/ospd-openvas.pid (yet?) after start: No such file or directory
Apr 26 10:00:11 serve-the-people systemd[1]: ospd-openvas.service: Failed with result 'protocol'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ The unit ospd-openvas.service has entered the 'failed' state with result 'protocol'.
Apr 26 10:00:11 serve-the-people systemd[1]: Failed to start ospd-openvas.service - OSPd Wrapper for the OpenVAS Scanner (ospd-openvas).
░░ Subject: A start job for unit ospd-openvas.service has failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ A start job for unit ospd-openvas.service has finished with a failure.
░░
░░ The job identifier is 7625 and the job result is failed.
Apr 26 10:00:11 serve-the-people systemd[1]: ospd-openvas.service: Consumed 1.122s CPU time.
░░ Subject: Resources consumed by unit runtime
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ The unit ospd-openvas.service completed and consumed the indicated resources.
lines 141-189/189 (END)
解决:
方法:在greenbone的GitHub下载mqtt.py覆盖kali /usr/lib/python3/dist-packages/库名/messaging 的两处,库分别是notus和ospd-openvas
链接:1,https://github.com/greenbone/notus-scanner/blob/main/notus/scanner/messaging/mqtt.py
2,https://github.com/greenbone/ospd-openvas/blob/main/ospd_openvas/messaging/mqtt.py
修改kalilinux路径:
1,/usr/lib/python3/dist-packages/notus/scanner/messaging
2,/usr/lib/python3/dist-packages/ospd_openvas/messaging
根据链接下载对应的mqtt.py对要修改路径进行覆盖即可;
然后再次允许 sudo gvm-check-setup
sudo greenbone-feed-sync --type all
修改openvas初始密码及允许从其他设备访问:
sudo runuser -u _gvm -- gvmd --user=admin --new-password=password #admin填入你想要更改的用户名,最后的password填你要设置的密码
sudo sed -i 's/127.0.0.1/0.0.0.0/g' /lib/systemd/system/gsad.service
sudo gvm-stop
sudo systemctl daemon-reload
sudo gvm-start
更新升级漏洞库
sudo gvm-feed-update
扫描出现问题:
解决:
获取扫描仪id:
sudo runuser -u _gvm -- gvmd --get-scanners #会出现两id, 只复制OpenVAS id即可
获取用户id:
sudo runuser -u _gvm -- gvmd --get-users --verbose
修改扫描仪:
sudo runuser -u _gvm -- gvmd --modify-scanner [scanner id] --value [user id]
出现Scanner modified 即修改成功
md --get-users --verbose
修改扫描仪:
sudo runuser -u _gvm – gvmd --modify-scanner [scanner id] --value [user id]
出现Scanner modified 即修改成功
``