



Network Security Nessus-Users

PREFERENCES_ERRORS

Subject: PREFERENCES_ERRORS
Date: Mon, 13 Dec 2004 16:57:44 -0800 (PST)
hi,

is PREFERENCES_ERRORS actually implemented yet?


i'm sending a nessus server a "CLIENT <|> PREFERENCES" message ...  with
invalid preferences ... and a "SERVER <|> PREFERENCES_ERROR" message comes 
back ... but it is empty.

here is a portion of the CLIENT <|> PREFERENCES message:

[the relevant portion looks like this:  optimize_test <|> foo]

0000   00 0c 6e 12 68 1a 00 07 84 7a b0 0a 08 00 45 00  ..n.h....z....E.
0010   03 79 90 e7 40 00 3d 06 12 36 8c 6b 34 10 8c 6b  .y..@.=..6.k4..k
0020   4a 7b ed 95 04 d9 9b af 2a 75 dc 58 ea 79 80 18  J{......*u.X.y..
0030   16 d0 f7 3f 00 00 01 01 08 0a f8 82 4c 7b 01 2c  ...?........L{.,
0040   6d b8 66 69 6c 65 5d 3a 53 53 4c 20 70 72 69 76  m.file]:SSL priv
0050   61 74 65 20 6b 65 79 20 3c 7c 3e 20 0a 53 65 72  ate key <|> .Ser
0060   76 69 63 65 73 5b 70 61 73 73 77 6f 72 64 5d 3a  vices[password]:
0070   50 45 4d 20 70 61 73 73 77 6f 72 64 20 3c 7c 3e  PEM password <|>
0080   20 20 0a 53 65 72 76 69 63 65 73 5b 72 61 64 69    .Services[radi
0090   6f 5d 3a 54 65 73 74 20 53 53 4c 20 62 61 73 65  o]:Test SSL base
00a0   64 20 73 65 72 76 69 63 65 73 20 3c 7c 3e 20 41  d services <|> A
00b0   6c 6c 0a 55 6e 6b 6e 6f 77 6e 20 43 47 49 73 20  ll.Unknown CGIs 
00c0   61 72 67 75 6d 65 6e 74 73 20 74 6f 72 74 75 72  arguments tortur
00d0   65 5b 63 68 65 63 6b 62 6f 78 5d 3a 53 65 6e 64  e[checkbox]:Send
00e0   20 50 4f 53 54 20 72 65 71 75 65 73 74 73 20 3c   POST requests <
00f0   7c 3e 20 6e 6f 0a 57 65 62 20 6d 69 72 72 6f 72  |> no.Web mirror
0100   69 6e 67 5b 65 6e 74 72 79 5d 3a 4e 75 6d 62 65  ing[entry]:Numbe
0110   72 20 6f 66 20 70 61 67 65 73 20 74 6f 20 6d 69  r of pages to mi
0120   72 72 6f 72 20 3c 7c 3e 20 32 30 30 0a 57 65 62  rror <|> 200.Web
0130   20 6d 69 72 72 6f 72 69 6e 67 5b 65 6e 74 72 79   mirroring[entry
0140   5d 3a 53 74 61 72 74 20 70 61 67 65 20 3c 7c 3e  ]:Start page <|>
0150   20 2f 0a 61 75 74 6f 5f 65 6e 61 62 6c 65 5f 64   /.auto_enable_d
0160   65 70 65 6e 64 65 6e 63 69 65 73 20 3c 7c 3e 20  ependencies <|> 
0170   79 65 73 0a 66 74 70 20 77 72 69 74 65 61 62 6c  yes.ftp writeabl
0180   65 20 64 69 72 65 63 74 6f 72 69 65 73 5b 72 61  e directories[ra
0190   64 69 6f 5d 3a 48 6f 77 20 74 6f 20 63 68 65 63  dio]:How to chec
01a0   6b 20 69 66 20 64 69 72 65 63 74 6f 72 69 65 73  k if directories
01b0   20 61 72 65 20 77 72 69 74 65 61 62 6c 65 20 3c   are writeable <
01c0   7c 3e 20 41 74 74 65 6d 70 74 20 74 6f 20 73 74  |> Attempt to st
01d0   6f 72 65 20 61 20 66 69 6c 65 0a 6f 70 74 69 6d  ore a file.optim
01e0   69 7a 65 5f 74 65 73 74 20 3c 7c 3e 20 66 6f 6f  ize_test <|> foo
01f0   0a 70 69 6e 67 5f 68 6f 73 74 73 20 3c 7c 3e 20  .ping_hosts <|> 
0200   79 65 73 0a 70 6c 75 67 69 6e 5f 73 65 74 20 3c  yes.plugin_set <
0210   7c 3e 20 31 30 32 36 35 3b 31 34 32 35 39 0a 70  |> 10265;14259.p
0220   6f 72 74 5f 72 61 6e 67 65 20 3c 7c 3e 20 31 36  ort_range <|> 16
0230   31 2d 31 36 32 0a 73 61 66 65 5f 63 68 65 63 6b  1-162.safe_check
0240   73 20 3c 7c 3e 20 79 65 73 0a 73 6e 6d 70 77 61  s <|> yes.snmpwa
0250   6c 6b 20 27 73 63 61 6e 6e 65 72 27 5b 65 6e 74  lk 'scanner'[ent
0260   72 79 5d 3a 43 6f 6d 6d 75 6e 69 74 79 20 6e 61  ry]:Community na
0270   6d 65 20 3c 7c 3e 20 6d 6f 6e 69 74 6f 72 0a 73  me <|> publicZ.s
0280   6e 6d 70 77 61 6c 6b 20 27 73 63 61 6e 6e 65 72  nmpwalk 'scanner
0290   27 5b 65 6e 74 72 79 5d 3a 4e 75 6d 62 65 72 20  '[entry]:Number 
02a0   6f 66 20 72 65 74 72 69 65 73 20 3c 7c 3e 20 31  of retries <|> 1
02b0   0a 73 6e 6d 70 77 61 6c 6b 20 27 73 63 61 6e 6e  .snmpwalk 'scann
02c0   65 72 27 5b 65 6e 74 72 79 5d 3a 54 43 50 2f 55  er'[entry]:TCP/U
02d0   44 50 20 70 6f 72 74 20 3c 7c 3e 20 0a 73 6e 6d  DP port <|> .snm
02e0   70 77 61 6c 6b 20 27 73 63 61 6e 6e 65 72 27 5b  pwalk 'scanner'[
02f0   65 6e 74 72 79 5d 3a 54 69 6d 65 6f 75 74 20 62  entry]:Timeout b
0300   65 74 77 65 65 6e 20 72 65 74 72 69 65 73 20 3c  etween retries <
0310   7c 3e 20 31 30 0a 73 6e 6d 70 77 61 6c 6b 20 27  |> 10.snmpwalk '
0320   73 63 61 6e 6e 65 72 27 5b 72 61 64 69 6f 5d 3a  scanner'[radio]:
0330   53 4e 4d 50 20 70 72 6f 74 6f 63 6f 6c 20 3c 7c  SNMP protocol <|
0340   3e 20 31 0a 73 6e 6d 70 77 61 6c 6b 20 27 73 63  > 1.snmpwalk 'sc
0350   61 6e 6e 65 72 27 5b 72 61 64 69 6f 5d 3a 53 4e  anner'[radio]:SN
0360   4d 50 20 74 72 61 6e 73 70 6f 72 74 20 6c 61 79  MP transport lay
0370   65 72 20 3c 7c 3e 20 75 64 70 0a 20 3c 7c 3e 20  er <|> udp. <|> 
0380   43 4c 49 45 4e 54 0a                             CLIENT.





and here is the response:


0000   00 00 0c 07 ac 4a 00 0c 6e 12 68 1a 08 00 45 00  .....J..n.h...E.
0010   00 56 87 ae 40 00 40 06 1b 92 8c 6b 4a 7b 8c 6b  .V..@.@....kJ{.k
0020   34 10 04 d9 ed 95 dc 58 ea 79 9b af 2d ba 80 18  4......X.y..-...
0030   5a 80 97 aa 00 00 01 01 08 0a 01 2c 6d cd f8 82  Z..........,m...
0040   4c 7b 53 45 52 56 45 52 20 3c 7c 3e 20 50 52 45  L{SERVER <|> PRE
0050   46 45 52 45 4e 43 45 53 5f 45 52 52 4f 52 53 20  FERENCES_ERRORS 
0060   3c 7c 3e 0a                                      <|>.


i would have expected the PREFERENCES_ERRORS message to have included the 
"optimize_test <|> foo" string ... or ... reading ntp_white_paper_11.txt 
... i guess i would have expected "optimize_test <|> yes", because my 
nessusd.conf contains "yes" as a default for this preference.

i'm running nessus-2.2.2a on the server side and using a Perl script 
employing Net::Nessus::ScanLite on the client side.  i'm specifying ntp 
v1.2 in my login object (ntp_proto => "1.2")


has anyone succeeded in acquiring substantive PREFERENCES_ERRORS messages?

--sk

stuart kendrick
fhcrc
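
A way to check a capture like the one in this post offline (added example, not part of the original message and not Nessus or Net::Nessus::ScanLite code): it parses the `name <|> value` preference lines and reports which suspect values the PREFERENCES_ERRORS reply did not mention. The function names, the `YES_NO` set and the idea that the reply lists preferences as `name <|> value` lines (as the poster expected) are assumptions.

```python
import re

SEP = "<|>"
# Constructed sample: a few preference lines retyped from the readable column
# of the request capture, plus the '<|> CLIENT' trailer.
REQUEST = (
    "Services[password]:PEM password <|>  \n"
    "Web mirroring[entry]:Number of pages to mirror <|> 200\n"
    "auto_enable_dependencies <|> yes\n"
    "optimize_test <|> foo\n"
    "ping_hosts <|> yes\n"
    "safe_checks <|> yes\n"
    " <|> CLIENT\n"
)
RESPONSE = "SERVER <|> PREFERENCES_ERRORS <|>\n"  # payload of the reply capture
# Assumption: these scanner options only accept yes/no.
YES_NO = {"auto_enable_dependencies", "optimize_test", "ping_hosts", "safe_checks"}
PLUGIN_PREF = re.compile(r"^(?P<plugin>.+)\[(?P<type>\w+)\]:(?P<option>.+)$")

def parse_prefs(body):
    """Map 'name <|> value' lines to a dict; stop at the '<|> CLIENT/SERVER' trailer."""
    prefs = {}
    for line in body.split("\n"):
        if SEP not in line:
            continue
        name, _, value = (part.strip() for part in line.partition(SEP))
        if not name and value in ("CLIENT", "SERVER"):
            break
        prefs[name] = value  # empty values (e.g. an unset password) are kept
    return prefs

def split_plugin_pref(name):
    """Split 'Plugin[type]:Option' names; return None for plain scanner options."""
    m = PLUGIN_PREF.match(name)
    return (m["plugin"], m["type"], m["option"]) if m else None

def parse_errors_reply(reply):
    """Return the preferences listed after the PREFERENCES_ERRORS header line."""
    header, _, body = reply.partition("\n")
    fields = [f.strip() for f in header.split(SEP)]
    if fields[:2] != ["SERVER", "PREFERENCES_ERRORS"]:
        raise ValueError("not a PREFERENCES_ERRORS message")
    return parse_prefs(body)

def unreported_bad_values(request, reply):
    """Suspect yes/no values that were sent but are absent from the reply."""
    sent, reported = parse_prefs(request), parse_errors_reply(reply)
    suspect = {n: v for n, v in sent.items() if n in YES_NO and v not in ("yes", "no")}
    return {n: v for n, v in suspect.items() if n not in reported}
```

On the captured pair, `unreported_bad_values(REQUEST, RESPONSE)` returns the `optimize_test` entry, matching the empty reply described in the post.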