On Fri, 7 Feb 2003, Norbert Kiesel wrote:
> Hi,
>
> yes this would work - kind of. Then I would get a list of all plugins
> which were enabled. What would be really cool would be to get something
> like:
> 1023:LAUNCHED
> 1024:DISABLED
> 1025:NOPORT
> 1026:UNSAFE
> 1027:NOPORT
> 1028:LAUNCHED
> ...
>
> i.e. about the same information we currently have in the log file (with
> preferences_log_whole_attack enabled), just in a better parseable format
> and in the result instead of the log.
>
> AFAICS, this result per plugin is currently not stored anywhere (i.e.
> attack.c just writes it into the log file).
>
> --nk
That involves a little more code to actually be transmitted to the
client. If the plugin does not generate any vulnerability report, then
it's status is not sent to the client. So you'd have to hack
nessusd/attack.c to send a message to the client, and add it to the
report client side.
Hopefully, I will get sometime to code this weekend and I can have
something similar posted by next week (hopefully).
>
>
> On Fri, 2003-02-07 at 12:52, William Heinbockel wrote:
> > On Fri, 7 Feb 2003, Norbert Kiesel wrote:
> >
> > > Hi,
> > >
> > > I would like to know which attacks (i.e. attack_ids) were run against a
> > > target (so that I know whether i did not find a vuln because it's not
> > > there or because i just disabled this plugin). Is there any place where
> > > I can access this kind of information? Currently I hacked
> > > nessusd/attack.c to include the attack_id in the (three) places where it
> > > writes "launching ... against" or "not launching ..." into the log
> > > file. One drawback is that this only writes it into the log, not the
> > > result file (i.e. i currently stop nessusd after each scan and copy the
> > > logfile).
> > >
> > > Any ideas?
> >
> > Right now, there is no way to output the tests run into a report.
> >
> > Putting this code into one of the report sections will
> > print all of the tests into the report.
> >
> > Format the output string as needed...
> >
> > <START CODE>
> > struct arglist * temp = arg_get_value( Prefs, "PLUGIN_SET" );
> > while( temp && temp->next ) {
> > if( temp->value == (void *) 1 )
> > fprintf( file, "Plugin %s was run.\n", temp->name );
> > }
> > <END CODE>
> >
> > I'm currently working on adding that and some other information
> > into the Nessus reports, but have temporarily been sidetracked
> > with adding a database-backend to the Nessus server.
> >
> > Hope that helps.
> >
> > >
> > > so long
> > > Norbert
> > >
> > > --
> > > Norbert Kiesel <[EMAIL PROTECTED]>
> > > TBD Networks
> > >
> > >
> >
> > ----------------------
> > William Heinbockel
> > Information Security Incident Response Assistant
> > Co-op Risk & Safety Management
> > Rochester Institute of Technology
> > E-mail: [EMAIL PROTECTED]
> --
> Norbert Kiesel <[EMAIL PROTECTED]>
> TBD Networks
>
>
----------------------
William Heinbockel
Information Security Incident Response Assistant
Co-op Risk & Safety Management
Rochester Institute of Technology
E-mail: [EMAIL PROTECTED]
