oh, and make sure to do this on a copy named something else :)
On 8/9/07, Doug Nordwall <[EMAIL PROTECTED]> wrote:
>
> you should be able to modify that nasl script and stick it into the 60k
> range on the ID. since it just sets kb_items, making yoru mods and setting
> the kb items you want should work just fine.
>
> On 8/9/07, Serkan Özkan <[EMAIL PROTECTED]> wrote:
> >
> > I will try it and let you know .
> > Thanks.
> >
> > Regards
> >
> >
> > On 8/9/07, Pavithra H <[EMAIL PROTECTED]> wrote:
> > > Code snippet from ssh_get_info.nasl which handles Slackware.
> > >
> > > ###################### Slackware
> > > ########################################
> > >
> > > buf = info_send_cmd(cmd: 'cat /etc/slackware-version');
> > >
> > > if ("Slackware" >< buf)
> > > {
> > > buf = ereg_replace(string: buf, pattern: "^Slackware +", replace:
> > "");
> > > report += '\nThe remote Slackware system is :\n' + buf;
> > > if (buf !~ '^[0-9.]+[ \t\r\n]*$')
> > > {
> > > report += '\nThe Slackware version is unknown, therefore
> > > local security checks have been disabled\n';
> > > security_note(port:port, data:report);
> > > exit(0);
> > > }
> > > set_kb_item(name:"Host/Slackware/release", value:
> > > chomp(buf));
> > >
> > > buf = info_send_cmd(cmd: 'ls -1 /var/log/packages');
> > >
> > > if (buf)
> > > {
> > > report += '\nLocal security checks have been enabled for this
> > host.';
> > > set_kb_item(name:"Host/Slackware/packages",
> > > value:buf);
> > > set_kb_item(name:'Host/local_checks_enabled', value:
> > > TRUE);
> > > security_note(port:port, data:report);
> > > }
> > > else
> > > {
> > > report +=
> > > 'For any reason, /var/log/packages/ could not be read,
> > > therefore local security checks have been disabled';
> > > set_kb_item(name:'HostLevelChecks/failure',
> > > value:"'/var/log/packages' could not be read");
> > > security_note(port:port, data:report);
> > > }
> > > misc_calls_and_exit();
> > > }
> > >
> > > report +=
> > > '\nThe remote Linux distribution is not supported, therefore local
> > security
> > > checks have not been enabled';
> > > security_note(port:port, data:report);
> > > set_kb_item(name:'HostLevelChecks/failure',
> > > value:"Unsupported Linux distribution");
> > > misc_calls_and_exit();
> > > }
> > >
> > >
> > ########################################################################
> > >
> > > From the code it is inferred that executing a command 'cat
> > > /etc/slackware-version' confirms Slackware has been installed and then
> > only
> > > proceed further. So if you have the permission to edit this plugin as
> > below.
> > > But remember this will break the chain of detecting Slackware and
> > enforcing
> > > the local checks in Slackware. If you run this script any other system
> > it
> > > sets the kb item for Slackware since we dont any checks to say which
> > Os is
> > > running.
> > >
> > > #############################################
> > > # hard code Slackware release version here
> > > buf = 10.0; # whatever version that has been installed
> > > set_kb_item(name:"Host/Slackware/release", value:
> > > chomp(buf));
> > >
> > > buf = info_send_cmd(cmd: 'ls -1 /var/log/packages');
> > >
> > > if (buf)
> > > {
> > > report += '\nLocal security checks have been enabled for this
> > host.';
> > > set_kb_item(name:"Host/Slackware/packages",
> > > value:buf);
> > > set_kb_item(name:'Host/local_checks_enabled', value:
> > > TRUE);
> > > security_note(port:port, data:report);
> > > }
> > > else
> > > {
> > > report +=
> > > 'For any reason, /var/log/packages/ could not be read,
> > > therefore local security checks have been disabled';
> > > set_kb_item(name:'HostLevelChecks/failure',
> > > value:"'/var/log/packages' could not be read");
> > > security_note(port:port, data:report);
> > > }
> > > misc_calls_and_exit();
> > > }
> > >
> > > report +=
> > > '\nThe remote Linux distribution is not supported, therefore local
> > security
> > > checks have not been enabled';
> > > security_note(port:port, data:report);
> > > set_kb_item(name:'HostLevelChecks/failure',
> > > value:"Unsupported Linux distribution");
> > > misc_calls_and_exit();
> > > #####################
> > >
> > > PS: I have not tested the code. Pls try the code & do reply.
> > >
> > > On 8/9/07, Serkan Özkan <[EMAIL PROTECTED] > wrote:
> > > > Yes, i have it.
> > > >
> > > > On 8/9/07, Pavithra H < [EMAIL PROTECTED]> wrote:
> > > > > hey do you have the permission to modify the plugin
> > ssh_get_info.nasl?
> > > > >
> > > >
> > >
> > >
> > >
> > > --
> > > Thanks,
> > > Pavithra.H
> > > Research Analyst, Thirdbrigade Labs
> > > Bangalore
> > _______________________________________________
> > Nessus mailing list
> > [email protected]
> > http://mail.nessus.org/mailman/listinfo/nessus
> >
>
>
>
> --
> Doug Nordwall
> Unix, Network, and Security Administrator
> You mean the vision is subject to low subscription rates?!!? - Scott
> Stone, on MMORPGs
--
Doug Nordwall
Unix, Network, and Security Administrator
You mean the vision is subject to low subscription rates?!!? - Scott Stone,
on MMORPGs
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
