Hi John,
On May 1, 2007, at 11:25 PM, John Scherff wrote:
Is it possible to have a plugin run just once for the entire scan
and set some kind of variable for use by all plugins on all hosts?
I'm trying to write a plugin that will download the three most
recent virus definition dates from Symantec (I know 21725 checks
whether signatures are current, but I'm trying to write a smallish
nessus-based audit tool for my system administrators that will run
inside vmware-player machine and will not depend on a plugin feed).
What you're requesting can not be done _cleanly_. What I'd suggest is
to have a cron job (eg: a perl script) creating a plugin with the
newest version number instead.
That being said, you could create temporary files as use them as
locks (the code below has not been tested but should put you on the
right track) :
#
# If another plugin is doing an update, wait for a bit
#
while ( file_stat("symantec-lockfile.txt") > 0 )
{
sleep(1);
}
#
# Check the timestamp
#
buf = fread("symantec-timestamp.txt");
# If there is no lockfile or if it is too old, then fetch the newest
sigs
if ( isnull(buf) || unixtime() - int(buf) > (3600*24) )
{
fwrite(file:"symantec-tmp.txt", data:"wait";);
argv[0] = "curl";
argv[1] = "http://definitions.symantec.com/defs/";;
results = pread(cmd: "curl", argv: argv, nice: 5);
foreach line ( split( results) ) {
match = eregmatch( string: line, pattern: '([0-9]{8})-[0-9]{3}-
i32.exe', icase: TRUE );
if( !isnull( match ) ) signature += match[1] + ' ';
}
fwrite(file:"symantec-datafile.txt", data:signature);
fwrite(file:"symantec-timestamp.txt", data:string(unixtime()));
unlink("symantec-lockfile.txt");
}
else
{
signature = fread("symantec-datafile.txt");
}
-- Renaud
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
