Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: How to select only Local Audits to Windows?

from [Danett song] Network Security [Permanent Link]
Subject: Re: How to select only Local Audits to Windows?
Date: Tue, 15 Aug 2006 22:47:18 -0300 (ART) 
Hi Nicolas,

Thank you, perfect exactilly what I needes. This list
is updated daily ?

Maybe a little off topic, bus if you can clarify me
this lines:

1) The line "if ( hotfix_check_sp(xp:3, win2k:5,
win2003:1) <= 0 ) exit(0);" check the OS Version, so
it  check the Operation system and SP installed? 

In the case Windows XP with SP3 or Windows 2000 with
SP5 or Windows 2003 with SP1 ? If I would like to
check a machine with Windows 2003 without service
pack, should I replace "win2003:1" by "win2003:0" ?

Well, it check this versions and if the version is
lower than this specified it call exit() with make me
thing it skip this check (and doesn't report it
vulnerable), I'm right? But if it's doesn't have the
basic SP requeriments shouldn't it be reported as
vulnerable?

2) This line " if ( hotfix_is_vulnerable (os:"5.2",
sp:0, file:"Authz.dll", version:"5.2.3790.274",
dir:"\system32") ||
hotfix_is_vulnerable (os:"5.1", sp:1,
file:"Authz.dll", version:"5.1.2600.1634",
dir:"\system32") ||
hotfix_is_vulnerable (os:"5.1", sp:2,
file:"Authz.dll", version:"5.1.2600.2622",
dir:"\system32") ||
hotfix_is_vulnerable (os:"5.0", file:"Authz.dll",
version:"5.0.2195.7028", dir:"\system32") )
security_hole (get_kb_item("SMB/transport"));"

The os: 5.0 mean Windows 2000? The os: 5.1 mean
Windows XP? The os: 5.2 mean Windows 2003? And
longhorn (os:5.3)?

What make this security_hole() function, report it as
vulnerable? what is the get_bk_item()

3) The line "if ( hotfix_missing(name:"890859") > 0 )"
check for a hotfix missing. Why not check only with
hotfix_is_vulnerable() or hotfix_missing()? Why test
with both? Only one should be enought to detect if the
system is vulnerable?

Thank you and sorry for amount of questions,

Cheers



--- Nicolas Pouvesle <npouvesle@tenablesecurity.com>
escreveu:


Danett song wrote:

Hi Nicolas,

I understood. But is there any online place where

I

can see all source codes of nasl plugins to

Windows

family Local Exploits?





http://www.nessus.org/plugins/index.php?view=all&family=Windows+%3A+Microsoft+Bulletins

?


Nicolas
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus





                
_______________________________________________________ 
Novidade no Yahoo! Mail: receba alertas de novas mensagens no seu celular. 
Registre seu aparelho agora! 
http://br.mobile.yahoo.com/mailalertas/ 
 

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Plugin 19403?, Nicolas Pouvesle
Next by Date:  Nessus 3 Windows Client with Nessus 3 Solaris Scanner, how2 vuln
Previous by Thread:  Re: How to select only Local Audits to Windows?, Nicolas Pouvesle
Next by Thread:  Nessus 3 Windows Client with Nessus 3 Solaris Scanner, how2 vuln
Indexes:  [Date] [Thread] [Top] [All Lists]