
RE: force slackware plugins

Subject: RE: force slackware plugins
Date: Thu, 9 Aug 2007 07:59:22 -0700
Remember that your changes will be overwritten the next time Nessus updates its 
plugins.

________________________________

From: nessus-bounces@list.nessus.org on behalf of Pavithra H
Sent: Thu 8/9/2007 7:10 AM
To: Serkan Özkan; nessus@list.nessus.org
Subject: Re: force slackware plugins


Code snippet from ssh_get_info.nasl which handles Slackware.

###################### Slackware ########################################

  buf = info_send_cmd(cmd: 'cat /etc/slackware-version');

  if ("Slackware" >< buf)
  {
    buf = ereg_replace(string: buf, pattern: "^Slackware +", replace: "");
    report += '\nThe remote Slackware system is :\n' + buf;
    if (buf !~ '^[0-9.]+[ \t\r\n]*$')
    {
      report += '\nThe Slackware version is unknown, therefore local security checks have been disabled\n';
      security_note(port:port, data:report);
      exit(0);
    }
    set_kb_item(name:"Host/Slackware/release", value: chomp(buf));

    buf = info_send_cmd(cmd: 'ls -1 /var/log/packages');

    if (buf)
    {
      report += '\nLocal security checks have been enabled for this host.';
      set_kb_item(name:"Host/Slackware/packages", value:buf);
      set_kb_item(name:'Host/local_checks_enabled', value: TRUE);
      security_note(port:port, data:report);
    }
    else
    {
      report += 'For any reason, /var/log/packages/ could not be read, therefore local security checks have been disabled';
      set_kb_item(name:'HostLevelChecks/failure', value:"'/var/log/packages' could not be read");
      security_note(port:port, data:report);
    }
    misc_calls_and_exit();
  }

  report += '\nThe remote Linux distribution is not supported, therefore local security checks have not been enabled';
  security_note(port:port, data:report);
  set_kb_item(name:'HostLevelChecks/failure', value:"Unsupported Linux distribution");
  misc_calls_and_exit();
}

########################################################################

From the code it can be inferred that executing the command 'cat
/etc/slackware-version' confirms that Slackware is installed, and only then
does the plugin proceed further. So if you have permission to edit this plugin,
change it as below. But remember that this will break the chain of detecting
Slackware and enforcing the local checks in Slackware. If you run this script
against any other system, it sets the KB item for Slackware, since we don't
have any checks to say which OS is running.

#############################################
    # hard code Slackware release version here
    buf = "10.0"; # whatever version has been installed (quoted: the KB value is a string)
    set_kb_item(name:"Host/Slackware/release", value: chomp(buf));

    buf = info_send_cmd(cmd: 'ls -1 /var/log/packages');

    if (buf)
    {
      report += '\nLocal security checks have been enabled for this host.';
      set_kb_item(name:"Host/Slackware/packages", value:buf);
      set_kb_item(name:'Host/local_checks_enabled', value: TRUE);
      security_note(port:port, data:report);
    }
    else
    {
      report += 'For any reason, /var/log/packages/ could not be read, therefore local security checks have been disabled';
      set_kb_item(name:'HostLevelChecks/failure', value:"'/var/log/packages' could not be read");
      security_note(port:port, data:report);
    }
    misc_calls_and_exit();
    # the closing brace of the removed "if" block is dropped along with its header;
    # misc_calls_and_exit() exits, so the fallback below is no longer reached

  report += '\nThe remote Linux distribution is not supported, therefore local security checks have not been enabled';
  security_note(port:port, data:report);
  set_kb_item(name:'HostLevelChecks/failure', value:"Unsupported Linux distribution");
  misc_calls_and_exit();
#####################

PS: I have not tested the code. Pls try the code & do reply.


On 8/9/07, Serkan Özkan <serkanozkan@gmail.com> wrote:

        Yes, i have it.
        
        On 8/9/07, Pavithra H <pavithra.chihan@gmail.com> wrote:
        > hey do you have the permission to modify the plugin ssh_get_info.nasl?
        >
        




-- 
Thanks,
Pavithra.H
Research Analyst, Thirdbrigade Labs 
Bangalore 
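
Added example, not part of the original thread or of the Nessus plugin: a Python port of the Slackware branch quoted above, next to the hard-coded variant, showing which KB items each one sets for a given `cat /etc/slackware-version` and `ls -1 /var/log/packages` output. The function name, the `forced_release` parameter and all sample inputs are constructed, and NASL's `><`, `ereg_replace` and `!~` are approximated with Python's `in` and `re`.

```python
import re


def slackware_kb_items(version_file, package_listing, forced_release=None):
    """Return the KB items the Slackware branch would set.

    version_file    -- output of 'cat /etc/slackware-version' ('' if absent)
    package_listing -- output of 'ls -1 /var/log/packages' ('' if unreadable)
    forced_release  -- hypothetical switch modelling the hard-coded edit
    """
    kb = {}
    if forced_release is not None:
        # Hard-coded variant: no OS detection happens at all.
        kb["Host/Slackware/release"] = forced_release
    else:
        if "Slackware" not in version_file:            # NASL: "Slackware" >< buf
            kb["HostLevelChecks/failure"] = "Unsupported Linux distribution"
            return kb
        rest = re.sub(r"^Slackware +", "", version_file)
        if not re.search(r"^[0-9.]+[ \t\r\n]*$", rest):
            # "version is unknown": the plugin reports and exits, no KB item set
            return kb
        kb["Host/Slackware/release"] = rest.rstrip()   # NASL: chomp(buf)

    if package_listing:
        kb["Host/Slackware/packages"] = package_listing
        kb["Host/local_checks_enabled"] = True
    else:
        kb["HostLevelChecks/failure"] = "'/var/log/packages' could not be read"
    return kb


if __name__ == "__main__":
    # Constructed sample inputs, not captured from a real host.
    samples = [
        ("Slackware 10.0\n", "aaa_base-10.0.0-noarch-1\n", None),
        ("Slackware 10.0 (custom build)\n", "aaa_base-10.0.0-noarch-1\n", None),
        ("", "", None),
        ("", "", "10.0"),
    ]
    for version_file, listing, forced in samples:
        print(repr(version_file), forced, slackware_kb_items(version_file, listing, forced))
```

The second sample shows how any text after the version number disables local checks in the unmodified plugin, and the last one shows the hard-coded edit recording a Slackware release for a host that never identified itself as Slackware.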