First, verify that GVM is running and configured properly by running gvm-start
. If no errors are displayed, ensure that you can login to the web UI at https://127.0.0.1:9390. If there are any errors displayed, Sn1per may not be able to communicate with GVM properly. Run gvm-check-setup
to check your setup again.
Run the following command to update the permissions: sudo chmod 777 /var/run/gvm/gvmd.sock
NOTE: This integration requires GVM 21.x and a valid Sn1per Professional v10.0 or higher to work properly.
To integrate GVM 21.x vulnerability scans into Sn1per, update the following settings in your Sn1per configuration template under the /sniper/conf/
directory:
# OPENVAS CONFIG
OPENVAS="1"
OPENVAS_USERNAME="admin"
OPENVAS_PASSWORD='mypasswordhere!'
OPENVAS_HOST="127.0.0.1"
OPENVAS_PORT="9390"
OPENVAS_RUNAS_USER="kali"
NOTE: You will need to specify a local (non-root) Linux account to initiate GVM 21.x scans using Sn1per by updating the “OPENVAS_RUNAS_USER” setting in your Sn1per configuration file.
To test your setup, run the following commands:
su - $OPENVAS_RUNAS_USER # Where $OPENVAS_RUNAS_USER is the non-root Linux account you setup
gvm-cli socket --xml "<get_version/>"
This will prompt for your OpenVAS username and password. Once entered, it should display the following:
Enter username: admin
Enter password for admin:
<get_version_response status="200" status_text="OK"><version>21.4</version></get_version_response>
You can then run a scan by selecting the configuration template you edited in the previous step to integrate OpenVAS/GVM vulnerability scans with Sn1per.