
Re: NASL 3.0 Documentation

Subject: Re: NASL 3.0 Documentation
Date: Thu, 15 Dec 2005 10:07:42 -0700
Thanks Renaud, this is basically what I was looking for.  Also are there
any changes in the Nessus Transfer Protocol?  I sometimes use the perl
module Net::Nessus to automate scans, so if there are any changes or new
features those would be nice to know about. 

Since I'm on the subject, does anyone know what's going on with the
development of Net::Nessus?  I remember reading a post from George
Theall over a year ago saying that he had sent a patch to Tiago to add
SSL support.  I know there's ScanLite which supports SSL, but it would
be nice to have it in the Net::Nessus package as well.  If George still
had the patch it would be nice to have, otherwise I guess I'll start
hacking it myself.

Thanks,
Dave King


Renaud Deraison wrote:


On Dec 15, 2005, at 9:46, Isac Balder wrote:


In short I don't believe Dave King was asking for
specifics of the code or the algorithms Tenable is
using to increase performance.  Let's face it, the 6
bullets on the release announcement would hardly
classify as change documentation.


You're correct. George is not involved in the development process
either -- he replied with his point of view of a plugin writer and
does not necessarily know of all the NASL3-specific changes, since
we all want to write as many NASL2 compatible plugins as possible.

Here's a slightly more detailed list. Still very high level, though :

NASL :

- The NASL syntax and behavior is roughly the same as for Nessus 2.x, except for the following:

  + It is now legal to have 'arrays of arrays', i.e. foo[1] = make_list(1,2,3); works
  + It is now legal to write to strings (foo = "str"; foo[1] = "X"; display(foo); )
  + Some functions to extend the language have been added but are not documented yet (off the top of my head):
    - socket_ready() returns TRUE if a socket can be written to
    - socket_pending() returns TRUE if data is pending on the socket
    - prompt() has been re-introduced (this allows you to write interactive nasl scripts)
    - fill_list(length:N, value:X) creates an array of N elements all set to value X.
  + A new packet forgery API (specific to Nessus3) will be released as .inc files soon
  + Support for multiple public keys for signed scripts (so users can sign their own scripts). Just add your RSA public keys (.pem files) in /opt/nessus/var/nessus/

- 'nasl -k <kb>' loads a KB in memory before executing a script
- 'nasl -W' executes a script but displays compilation warnings (think 'gcc -Wall')
- 'nasl -V' shows a script ID, name, version, etc. in an easily parseable way
- 'nasl -VV' does the same as above but also shows the script description

- 'nasl -T' has been removed due to the change of interpreter. There will be a real debugger in a future revision of Nessus (at worst Nessus 3.2.0, but maybe in a 3.0.x release) -- it's just not ready for prime time yet.




nessusd :

- shared sockets are more robust and more efficient
- internal process communication is more robust and more efficient
- new architecture to execute plugins - instead of running one plugin per process, only one process is spawned per host
- Plugins are pre-processed and stored in a libdb for a faster startup of nessusd
- nessusd reduces max_hosts if the CPU is too loaded (throttle_scan = no in nessusd.conf if you want to disable this behavior)
- nessusd fetches new plugins by itself every 24 hours if it is registered (auto-update = no in nessusd.conf to disable this behavior).
- nessusd can load '.nasl' files, but also '.nasl3' (nasl3 specific scripts) and '.nbin' (nasl3 binaries); '.inc3' are also valid

- 'nessusd -R' forces the re-processing of all the plugins (generates a new database)
- killall -HUP2 nessusd dumps the state of the various NASL plugins on disk (in var/log/nessus/)



I'd also like to point out that there is a Nessus 3.0 manual in 
http://www.nessus.org/documentation/ which may cover items I've missed.


                    -- Renaud
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
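
An added example, not part of the original thread and not Tenable's code: a Python check built on two items from Renaud's list, that `throttle_scan` and `auto-update` can be set to `no` in nessusd.conf, and that `.pem` public keys placed in the key directory are used for signed scripts. The `key = value` parsing with `#` comments, the sample configuration, the file names and the allowlist are assumptions constructed for illustration.

```python
import os
import tempfile

# Constructed sample nessusd.conf fragment (not taken from a real scanner).
SAMPLE_CONF = """\
# nessusd.conf (constructed sample)
max_hosts = 40
throttle_scan = no
# auto-update = no
"""

WATCHED = ("throttle_scan", "auto-update")  # setting names as given in the message


def parse_conf(text):
    """Parse 'key = value' lines, ignoring blanks and '#' comments (assumed format)."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip()
    return settings


def disabled(settings):
    """Watched behaviours that are explicitly switched off with '= no'."""
    return [k for k in WATCHED if settings.get(k, "").lower() == "no"]


def unexpected_keys(key_dir, expected):
    """.pem files in key_dir that are not on the reviewed allowlist."""
    found = {f for f in os.listdir(key_dir) if f.lower().endswith(".pem")}
    return sorted(found - set(expected))


def demo():
    """Run both checks against constructed input in a temporary directory."""
    with tempfile.TemporaryDirectory() as key_dir:
        # Hypothetical file names; on a scanner, point at /opt/nessus/var/nessus/
        for name in ("vendor_pub.pem", "local_pub.pem", "notes.txt"):
            with open(os.path.join(key_dir, name), "w") as fh:
                fh.write("constructed placeholder\n")
        return disabled(parse_conf(SAMPLE_CONF)), unexpected_keys(key_dir, ["vendor_pub.pem"])


if __name__ == "__main__":
    off, extra = demo()
    print("disabled in nessusd.conf:", off)
    print("signing keys not on allowlist:", extra)
```

A `.pem` file that is not on the allowlist is worth reviewing because it extends the set of parties whose signed scripts the scanner accepts.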



