Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: PHP NASL scripts

from [Mike Gilligan] Network Security [Permanent Link]
Subject: RE: PHP NASL scripts
Date: Wed, 27 Jun 2007 14:58:27 +0800
Thanks Reg. The reason for the NASL is that we want to encorporate the PHP discovery scan into our weekly Nessus scans of our external ranges. We'd rather centralise all scanning than build different shell scripts for different tasks. Your approach would work very well of course.

Mike.


From: "Reg Quinton" <reggers@ist.uwaterloo.ca>
To: "'Mike Gilligan'" <mikewgilligan@hotmail.com>, <nessus@list.nessus.org>
Subject: RE: PHP NASL scripts  Date: Tue, 26 Jun 2007 15:28:06 -0400

Why nessus and NASL? You can probe a web server for it's version like this:

[3:22pm dominic] lwp-request -e http://<name-or-number> | grep '^Server:'
Server: Apache/1.3.34 Ben-SSL/1.55 (Unix) PHP/4.4.1 mod_perl/1.21

"lynx -head" would do the same.

> -----Original Message-----
> From: nessus-bounces@list.nessus.org [mailto:nessus-
> bounces@list.nessus.org] On Behalf Of Mike Gilligan
> Sent: June 26, 2007 12:08 AM
> To: nessus@list.nessus.org
> Subject: PHP NASL scripts
>
> Hi
>
> I'm looking for a NASL script that simply does a banner grab on a host
> running PHP for either the X-Powered-By or PHP version information with
> the
> end goal of compiling a list of external hosts running PHP. Does
> something
> like this already exist in the current 'free' plugin feed or would I
> need to
> go about writing my own?
>
> Thanks,
>
> Mike.
>
> _________________________________________________________________
> Get the new Windows Live Messenger!
> http://get.live.com/messenger/overview
>
> _______________________________________________
> Nessus mailing list
> Nessus@list.nessus.org
> http://mail.nessus.org/mailman/listinfo/nessus


_________________________________________________________________
Find singles online in your area with MSN Dating and Match.com! http://cp.intl.match.com/eng/msn/msnsg/wbc/wbc.html

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Control Nessus for Windows from NessusWX, Ron Gula
Next by Date:  RE: Control Nessus for Windows from NessusWX, Mercer, Jeff C - Raleigh, NC
Previous by Thread:  RE: PHP NASL scripts, Reg Quinton
Next by Thread:  Nessus 3.0.6 and 2.2.10 released, Renaud Deraison
Indexes:  [Date] [Thread] [Top] [All Lists]