
Re: Re: Hydra and Amap with Nessus 2.2.2 for Linux

Subject: Re: Re: Hydra and Amap with Nessus 2.2.2 for Linux
Date: Mon, 28 Feb 2005 10:31:47 +0100 (CET)
Hi,

Thanks for answering. In fact my message was cut and some information
is missing. Here is the whole message:
I installed Nessus 2.2.2 with Mandrake 10.1 (owning Nmap 3.55) a few weeks ago,
and the tool ran sweet. Then I saw I could use Nessus with the Amap scanner and
the Hydra login hacker, so I decided to install these programs and tried to scan
targets: first using each tool separately, and then using them through Nessus
(plugin Brute Force Attacks and/or Amap NASL wrapper). No problem occurred when
scanning with amap alone, idem with hydra (4.6).
However, scanning through Nessus did not give me the expected results:
concerning the Brute Force Attacks plugin, there is no reference to it in the
report (whereas I put in files with real logins and passwords); as far as amap
is concerned, if I start Nessus scanning only through amap (all plugins
disabled), I get this error message: "nessusd returned an empty report".
First, I checked whether the plugins were correctly installed in
/usr/local/lib/nessus/plugins, and they were!
Second, I verified the PATH available when starting nessusd so that the
binaries for amap and hydra could be found. The PATH was also correct.
So, I checked the Nessus logs and found 2 interesting messages. Concerning
the Brute Force Attacks plugin problem, I analysed the nessusd.messages file
and it gave me (I had enabled the Hydra SMB, FTP and NASL wrapper options):
[Fri Feb 25 16:12:19 2005][19592] user florian starts a new scan. Target(s) : 127.0.0.1, with max_hosts = 20 and max_checks = 4
[Fri Feb 25 16:12:19 2005][19592] user florian : testing 127.0.0.1 (127.0.0.1) [20594]
[Fri Feb 25 16:12:19 2005][20594] user florian : launching ping_host.nasl against 127.0.0.1 [20595]
[Fri Feb 25 16:12:19 2005][20594] ping_host.nasl (process 20595) finished its job in 0.006 seconds
[Fri Feb 25 16:12:19 2005][20594] user florian : launching nmap.nasl against 127.0.0.1 [20596]
[Fri Feb 25 16:12:19 2005][9239] connection from 127.0.0.1
[Fri Feb 25 16:12:22 2005][20594] nmap.nasl (process 20596) finished its job in 3.513 seconds
[Fri Feb 25 16:12:22 2005][20594] user florian : launching hydra_options.nasl against 127.0.0.1 [20606]
[Fri Feb 25 16:12:22 2005][20594] user florian : launching find_service.nes against 127.0.0.1 [20607]
[Fri Feb 25 16:12:22 2005][20594] hydra_options.nasl (process 20606) finished its job in 0.014 seconds
[Fri Feb 25 16:12:27 2005][9239] connection from 127.0.0.1
[Fri Feb 25 16:12:27 2005][9239] connection from 127.0.0.1
[Fri Feb 25 16:12:44 2005][20594] find_service.nes (process 20607) finished its job in 22.073 seconds
[Fri Feb 25 16:12:44 2005][20594] user florian : launching apache_SSL_complain.nasl against 127.0.0.1 [20645]
[Fri Feb 25 16:12:44 2005][20594] user florian : launching find_service_3digits.nasl against 127.0.0.1 [20646]
[Fri Feb 25 16:12:44 2005][20594] apache_SSL_complain.nasl (process 20645) finished its job in 0.013 seconds
[Fri Feb 25 16:12:44 2005][20594] find_service_3digits.nasl (process 20646) finished its job in 0.014 seconds
[Fri Feb 25 16:12:44 2005][20594] user florian : launching doublecheck_std_services.nasl against 127.0.0.1 [20647]
[Fri Feb 25 16:12:44 2005][20594] doublecheck_std_services.nasl (process 20647) finished its job in 0.009 seconds
[Fri Feb 25 16:12:44 2005][20594] user florian : launching hydra_ftp.nasl against 127.0.0.1 [20648]
[Fri Feb 25 16:12:44 2005][20594] user florian : launching hydra_smb.nasl against 127.0.0.1 [20649]
[Fri Feb 25 16:12:44 2005][20594] hydra_ftp.nasl (process 20648) finished its job in 0.017 seconds
[Fri Feb 25 16:12:44 2005][20594] hydra_smb.nasl (process 20649) finished its job in 0.008 seconds
[Fri Feb 25 16:12:45 2005][20594] Finished testing 127.0.0.1. Time : 25.75 secs

I wonder if it is normal that the attacks finish so quickly, and what's weird
is that the report gives no login/password combination detected.
Besides, I also checked the nessusd.dump file and I found this message
concerning amap:
amap.nasl is an "experimental script". Disabled
That's why amap does not run, so I removed it and loaded it through
nessus.org, but I still have this message.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------
Concerning your mail:
Did you set "experimental scripts" in the "global settings" pref?
No, when I ran Nessus, I did not enable experimental scripts in Prefs. So, I did
it this morning and once again I had the error message: "empty report". I
checked the nessusd.dump file and still have "amap.nasl: experimental script:
Disabled"! I don't understand what is happening.

Did you update the plugins? The Hydra wrappers were buggy.
I update the plugins every day, and so also today, but I still have the Hydra
problem (see above)
------------------------------------------
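
Added example, not part of the original post and not Nessus code: a Python parser for the nessusd.messages entries quoted above that rejoins the archive's wrapped lines, pairs each plugin launch with its finish time, and lists Hydra wrapper plugins that returned in under a second. The function names, the one-second threshold and the exclusion of hydra_options.nasl as a settings-only plugin are assumptions.

```python
import re

# Constructed sample in the nessusd.messages format quoted in the post,
# keeping the hard line wrapping the list archive applied.
SAMPLE = """\
[Fri Feb 25 16:12:19 2005][20594] user florian : launching nmap.nasl against
127.0.0.1 [20596]
[Fri Feb 25 16:12:22 2005][20594] nmap.nasl (process 20596) finished its job in
3.513 seconds
[Fri Feb 25 16:12:44 2005][20594] user florian : launching hydra_ftp.nasl
against 127.0.0.1 [20648]
[Fri Feb 25 16:12:44 2005][20594] hydra_ftp.nasl (process 20648) finished its
job in 0.017 seconds
"""

ENTRY = re.compile(r"^\[[^\]]+\]\[\d+\] ")  # [timestamp][pid] prefix
LAUNCH = re.compile(r"launching (\S+) against (\S+) \[(\d+)\]")
FINISH = re.compile(r"(\S+) \(process (\d+)\) finished its job in ([\d.]+) seconds")

def unwrap(text):
    """Rejoin wrapped entries: a line without the prefix continues the last one."""
    entries = []
    for line in filter(str.strip, text.splitlines()):
        if ENTRY.match(line) or not entries:
            entries.append(line.strip())
        else:
            entries[-1] += " " + line.strip()
    return entries

def plugin_runtimes(text):
    """Return {(plugin, pid): (target, seconds)} for plugins that finished."""
    launched, done = {}, {}
    for entry in unwrap(text):
        m = LAUNCH.search(entry)
        if m:
            launched[m.group(3)] = (m.group(1), m.group(2))
            continue
        m = FINISH.search(entry)
        if m and m.group(2) in launched:
            plugin, target = launched[m.group(2)]
            done[(plugin, m.group(2))] = (target, float(m.group(3)))
    return done

def suspicious_wrappers(text, prefix="hydra_", min_seconds=1.0):
    """Wrapper plugins that returned faster than min_seconds (heuristic, assumed)."""
    skip = {"hydra_options.nasl"}  # assumption: settings-only, expected to be fast
    return sorted(p for (p, _), (_, s) in plugin_runtimes(text).items()
                  if p.startswith(prefix) and p not in skip and s < min_seconds)
```
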
