On Sat, 20 Apr 2002, Troy Perkins wrote:
>
> I am wanting to write a nasl module that compares cgi-bin contents to an
> index of cgi files that should be there. If any other executables are there
> that are not in the index, I would like it to alert me of this.
>
> Is this at all possible?
>
> I know you can check for specific files in the cgi-bin, but can you compare
> the directory contents to an index?
Your problem is not nessus specific.
The problem is that only very poorly configured servers will show you a
directory listing of the directory holding the CGI scripts. I do not
believe any servers will have this as default these days.
So there is no other way but to try every single known CGI script on the
server.
Hugo.
--
All email send to me is bound to the rules described on my homepage.
[EMAIL PROTECTED] http://hvdkooij.xs4all.nl/
Don't meddle in the affairs of sysadmins,
for they are subtle and quick to anger.
