Hi, On 21.05.2017 16:19, Fábio Fernandes wrote: > All scans need host discovery and port scan plugins. Only then the web > plugins will run.
exactly. See also my mailinglist post about this topic a few days ago: https://lists.wald.intevation.org/pipermail/openvas-discuss/2017-May/011001.html To also get the DNS name of the scanned host in your report you need to enable the NVT "Host Details OID: 1.3.6.1.4.1.25623.1.0.103997" from the "Service detection" Family to your scan config. Regards, -- Christian Fischer | PGP Key: 0x54F3CE5B76C597AD Greenbone Networks GmbH | http://greenbone.net Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner > Em 20/05/2017 23:38, "Michael Helwig" <[email protected] > <mailto:[email protected]>> escreveu: > > Hi, > > I'm trying to do a web vulnerability only scan with OpenVas. > I'm creating my target, then a scan config where only the family "Web > application abuses" is selected. This is currently 4505 scripts that are > shown in my custom scan config correctly. > I'm cloning my custom scan config from the "empty" template, which seems > to be important. > > The scan starts but it ends after 1-2 Minutes without a result besides a > single "Log" showing that it resolved the hostname correctly but failed > at OS detection. > > When listing processes during the scan I can see the only thing OpenVas > does is: > > 427 ? Ss 0:11 openvassd: Serving /var/run/openvassd.sock > 428 ? S 0:00 openvasmd: OTP: Handling scan XXX > 435 ? R 1:33 openvassd: testing XXX.XXX.XXX.XXX > 452 ? S 0:10 openvassd: testing XXX.XXX.XXX.XXX > (/var/lib/openvas/plugins/os_fingerprint.nasl) > 453 ? S 0:00 openvassd: testing XXX.XXX.XXX.XXX > (/var/lib/openvas/plugins/ssh_authorization.nasl) > 454 ? S 0:00 openvassd: testing XXX.XXX.XXX.XXX > (/var/lib/openvas/plugins/netbios_name_get.nasl) > > It basically runs these scripts and then exits. No other scripts seem to > be executed during the scan, the list doesn't seem to change. > > The same happens on other scan templates in a little different manner. > When I try to conduct only an FTP-Family scan (cloned from the empty > template) OpenVas again only does a host OS check (unsuccessfull, also > running /var/lib/openvas/plugins/os_fingerprint.nasl) and nothing more. > > Other preconfigured scans like "Full and fast" run without problems. > > When I clone my custom scan template from the "Full and fast" config and > deselect every family besides the "Web application abuses" checkbox, > something seems to run. But there are still more tests then I asked for. > Since when I deselect a family from which "3477 from 3478" tests are > included the 3477 tests do not get deselected when deselecting the > family and I really don't want to deselect each of those manually. So > this doesn't help me either (and seems to be a problem of the GUI). > > What's going on here? How can I configure my scans correctly and, for > example, do a "web application abuses" only scan? > > I'm using OpenVas on Kali but I could reproduce the problem with a > docker image of the current OpenVas version in an Ubuntu environment. So > it doesn't seem related to my setup. > > I didn't find any help in the documentation, if I missed something, > please point me to it. > > Thanks! > > Michael > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > <mailto:[email protected]> > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > > <https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss> > > > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
