Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Coverage for Backup Product Vulnerabilities

from [Nicolas Pouvesle] Network Security [Permanent Link]
Subject: Re: Coverage for Backup Product Vulnerabilities
Date: Wed, 10 Aug 2005 07:43:02 -0400 

On Aug 10, 2005, at 1:43 AM, H D Moore wrote:

On Tuesday 26 July 2005 08:48, Jersey, Steve wrote:

Our group has used Nessus for a couple years to scan critical servers
in relation to auditing at various locations.  We have become
proficient with use of the tool, but we do not at this time have the
technical capability to write our scripts.


One of the recent updates to the Metasploit Framework included a module
for the Backup Exec remote registry access flaw. Unfortunately I do not
have the time to port it to NASL, but someone else on this list might.
Pedram Amini should be credit for the discovery of the bug and the
reverse engineering of the RPC stubs.

http://metasploit.com/projects/Framework/ exploits.html#backupexec_registry


Nessus plugin : veritas_registry.nasl / ID 19397

I gave credits to Metasploit for the RPC structure that save me hour (s) of reverse. I will adjust the plugin to credit Pedram Amini too.



Nicolas
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Nessus 2.2.5 Debian packages available (was Re: Nessus 2.2.5 released), Javier Fernandez-Sanguino
Next by Date:  Re: Error in plugin_unlink - args == NULL, George A. Theall
Previous by Thread:  Re: Coverage for Backup Product Vulnerabilities, H D Moore
Next by Thread:  Nessus 2.2.5 Debian packages available (was Re: Nessus 2.2.5 released), Javier Fernandez-Sanguino
Indexes:  [Date] [Thread] [Top] [All Lists]