0
votes

I am able to use xml API (of OpenVAS) using openssl like:

openssl s_client -connect localhost:9390 
...certificate info...
<get_version/>
<get_version_response status="200" status_text="OK"><version>7.0</version></get_version_response>
DONE

I am trying to achieve the same thing in java code with:

@Test
public void tryOpenVasGetVersion() throws InterruptedException,
        ExecutionException {

    WebSocketClient webSocketClient = new StandardWebSocketClient();
    WebSocketSession webSocketSession = webSocketClient.doHandshake(new TextWebSocketHandler() {
        @Override
        public void handleTextMessage(WebSocketSession session, TextMessage message) {
            System.out.println("received message - " + message.getPayload());
        }

        @Override
        public void afterConnectionEstablished(WebSocketSession session) throws InterruptedException {
            TimeUnit.SECONDS.sleep(1);
            System.out.println("established connection - " + session);
        }
    }, new WebSocketHttpHeaders(), URI.create("wss://127.0.0.1:9390")).get();

    Executors.newSingleThreadScheduledExecutor().scheduleAtFixedRate(() -> {
        try {
            TextMessage message = new TextMessage("<get_version/>");
            webSocketSession.sendMessage(message);
            System.out.println("sent message - " + message.getPayload());
        } catch (Exception e) {
            System.out.println("Exception while sending a message "+ e);
        }
    }, 1, 10, TimeUnit.SECONDS);
}

but all I get is:

java.util.concurrent.ExecutionException: javax.websocket.DeploymentException: The HTTP request to initiate the WebSocket connection failed

at java.util.concurrent.FutureTask.report(FutureTask.java:122) at java.util.concurrent.FutureTask.get(FutureTask.java:192) at pl.corpnet.mixer.plugins.codescan.fortify.apiclient.SocketTest.connect(SocketTest.java:51) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57) at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290) at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288) at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58) at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268) at org.junit.runners.ParentRunner.run(ParentRunner.java:363) at org.junit.runner.JUnitCore.run(JUnitCore.java:137) at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:68) at com.intellij.rt.execution.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:47) at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:242) at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:70) Caused by: javax.websocket.DeploymentException: The HTTP request to initiate the WebSocket connection failed at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServerRecursive(WsWebSocketContainer.java:484) at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.java:194) at org.springframework.web.socket.client.standard.StandardWebSocketClient.lambda$doHandshakeInternal$0(StandardWebSocketClient.java:150) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.lang.Thread.run(Thread.java:748) Caused by: java.util.concurrent.ExecutionException: java.lang.IllegalStateException: Unexpected Status of SSLEngineResult after an unwrap() operation at org.apache.tomcat.websocket.AsyncChannelWrapperSecure$WrapperFuture.get(AsyncChannelWrapperSecure.java:512) at org.apache.tomcat.websocket.WsWebSocketContainer.processResponse(WsWebSocketContainer.java:783) at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServerRecursive(WsWebSocketContainer.java:347) ... 4 more Caused by: java.lang.IllegalStateException: Unexpected Status of SSLEngineResult after an unwrap() operation at org.apache.tomcat.websocket.AsyncChannelWrapperSecure$ReadTask.run(AsyncChannelWrapperSecure.java:314) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) ... 1 more

can anyone give me a hint if I can achieve the same thing using WebSocketClient as using openssl s_cllient -connect?

1
This is not a "real" answer but just a hint: The XML API (GMP) of OpenVAS/GVM doesn't use the WebSocket technology so you can't use websocket based code to communicate with the API.cfischer

1 Answers

0
votes

you can try to connect with creation of SSLSocket.

SSLContext context = SSLContextBuilder.create().setProtocol("TLS1.2").setKeyStoreType("JKS").loadKeyMaterial(...).build();
SSLFactory factory = context.getSocketFactory();

SSLSocket socket = factory.createSocket(host, port);

it worked for me last year with openvas on kali linux.