Author: jan
Date: 2007-07-31 16:52:22 +0200 (Tue, 31 Jul 2007)
New Revision: 347
Added:
trunk/openvas-plugins/scripts/slad_fetch_results.nasl
trunk/openvas-plugins/scripts/slad_init.nasl
trunk/openvas-plugins/scripts/slad_run.nasl
trunk/openvas-plugins/scripts/slad_ssh.inc
Modified:
trunk/openvas-plugins/ChangeLog
trunk/openvas-plugins/VERSION
Log:
* scripts/slad_fetch_results.nasl, scripts/slad_init.nasl,
scripts/slad_run.nasl, scripts/slad_ssh.inc: New. Plugins for
managing SLAD (Security Local Auditing Daemon).
* VERSION: Changed to 0.9.1.SVN.
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2007-07-31 13:44:45 UTC (rev 346)
+++ trunk/openvas-plugins/ChangeLog 2007-07-31 14:52:22 UTC (rev 347)
@@ -1,3 +1,11 @@
+2007-07-31 Jan-Oliver Wagner <[EMAIL PROTECTED]>
+
+ * scripts/slad_fetch_results.nasl, scripts/slad_init.nasl,
+ scripts/slad_run.nasl, scripts/slad_ssh.inc: New. Plugins for
+ managing SLAD (Security Local Auditing Daemon).
+
+ * VERSION: Changed to 0.9.1.SVN.
+
2007-07-28 Jan-Oliver Wagner <[EMAIL PROTECTED]>
* MANIFEST: updated.
Modified: trunk/openvas-plugins/VERSION
===================================================================
--- trunk/openvas-plugins/VERSION 2007-07-31 13:44:45 UTC (rev 346)
+++ trunk/openvas-plugins/VERSION 2007-07-31 14:52:22 UTC (rev 347)
@@ -1 +1 @@
-0.9.0
+0.9.1.SVN
Added: trunk/openvas-plugins/scripts/slad_fetch_results.nasl
===================================================================
--- trunk/openvas-plugins/scripts/slad_fetch_results.nasl 2007-07-31
13:44:45 UTC (rev 346)
+++ trunk/openvas-plugins/scripts/slad_fetch_results.nasl 2007-07-31
14:52:22 UTC (rev 347)
@@ -0,0 +1,79 @@
+#
+#
+# Copyright 2005 DN Systems GmbH
+#
+# License: GNU GPLv2 or any later version
+#
+
+debug = 0;
+
+include ("ssh_func.inc");
+include ("slad.inc");
+include ("slad_ssh.inc");
+
+if(description) {
+ script_id(90003);
+ script_version ("1.0");
+ name["english"] = "SLAD Fetch Results";
+
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+This script connects to SLAD on a remote host to fetch
+the result from scripts started earlier.
+To work properly, this script requires to be provided
+with a valid SSH login by means of an SSH key with pass-
+phrase if the SSH public key is passphrase-protected, or
+a password to log in.";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Connects to SLAD to fetch installed plugins";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"This script is Copyright 2005 DN Systems GmbH");
+ family["english"] = "SLAD";
+ script_family(english:family["english"]);
+
+ script_dependencies ("find_service.nes", "slad_init.nasl");
+ script_require_ports (22, "Services/ssh");
+ script_require_keys ("SLAD/login");
+
+ exit(0);
+}
+
+{
+ sock = slad_ssh_login ();
+
+ slad_exe = '/opt/slad/bin/sladd';
+ slad_cmd = slad_exe + ' -s jobs';
+
+ report = ssh_cmd (socket:sock, cmd:slad_cmd, timeout:60);
+ if (debug) display (report);
+
+ bhead = report;
+ while (bhead) {
+ eol = strstr (bhead, string ("\n"));
+ line = substr (bhead, 0, strlen (bhead) - strlen (eol) -1);
+ bhead = substr (bhead, strlen (line) + 1);
+ parts = split (line, sep: ':', keep: FALSE);
+ job = parts[1] + ":" + parts[2] + ":" + parts[3];
+ desc = get_slad_description (entry: job);
+
+ if (debug) display ("line:", line, "Part0: ", parts[0], " job: ", job, "
desc: ", desc, string ("\n"));
+
+ if (parts[0] == "R") {
+ running += string (desc + "\n");
+ } else if (parts[0] == "T") {
+ results += string (desc + "\n");
+ slad_cmd = slad_exe + ' -s ' + job;
+ results += ssh_cmd (socket:sock, cmd:slad_cmd, timeout:60);
+ results += string ("\n");
+ }
+ }
+ if (results) security_warning (data: results);
+ if (running) security_warning (data: string ("Still running processes: \n" +
running));
+ close (sock);
+}
Added: trunk/openvas-plugins/scripts/slad_init.nasl
===================================================================
--- trunk/openvas-plugins/scripts/slad_init.nasl 2007-07-31 13:44:45 UTC
(rev 346)
+++ trunk/openvas-plugins/scripts/slad_init.nasl 2007-07-31 14:52:22 UTC
(rev 347)
@@ -0,0 +1,72 @@
+#
+#
+# Copyright 2005 DN Systems GmbH
+#
+# License: GNU GPLv2 or any later version
+#
+
+debug = 0;
+slad_login_name = "slad";
+
+if(description) {
+ script_id(90001);
+ script_version ("1.0");
+ name["english"] = "SLAD Init";
+
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+This script provides the SLAD scripts with login
+information.";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Set SLAD login information";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_INIT);
+
+ script_copyright(english:"This script is Copyright 2005 DN Systems GmbH");
+ family["english"] = "SLAD";
+ script_family(english:family["english"]);
+
+ # The script preferences
+ script_add_preference (name: "slad SSH public key:", type: "file",
+ value: "");
+ script_add_preference (name: "slad SSH private key:", type: "file",
+ value: "");
+ script_add_preference (name: "slad SSH key passphrase:", type: "password",
+ value: "");
+ exit(0);
+}
+
+{
+ if (debug) {
+ display ("kb: n: <", get_kb_item ("SLAD/login"), ">\n");
+ display ("pub: ", get_kb_item ("SLAD/publickey"), "\n");
+ display ("priv: ", get_kb_item ("SLAD/privatekey"), "\n");
+ }
+
+ # Get the values from the script preferences
+ slad_public_key = script_get_preference_file_content ("slad SSH public
key:");
+ slad_private_key = script_get_preference_file_content ("slad SSH private
key:");
+ slad_key_passphrase = script_get_preference ("slad SSH key passphrase:");
+
+ if (debug) {
+ display ("d1: pp: <", slad_key_passphrase, ">\n");
+ display ("pub: ", slad_public_key, "\n");
+ display ("priv: ", slad_private_key, "\n");
+ }
+
+ # Store secret information for running/fetching results
+ if (slad_key_passphrase)
+ replace_kb_item (name: "Secret/SLAD/passphrase", value:
slad_key_passphrase);
+
+ replace_kb_item (name: "SLAD/login", value: slad_login_name);
+
+ if (slad_public_key)
+ replace_kb_item (name: "SLAD/publickey", value: slad_public_key);
+
+ if (slad_private_key)
+ replace_kb_item (name: "SLAD/privatekey", value: slad_private_key);
+}
Added: trunk/openvas-plugins/scripts/slad_run.nasl
===================================================================
--- trunk/openvas-plugins/scripts/slad_run.nasl 2007-07-31 13:44:45 UTC (rev
346)
+++ trunk/openvas-plugins/scripts/slad_run.nasl 2007-07-31 14:52:22 UTC (rev
347)
@@ -0,0 +1,57 @@
+#
+#
+# Copyright 2005 DN Systems GmbH
+#
+# License: GNU GPLv2 or any later version
+#
+
+debug = 0;
+
+include ("ssh_func.inc");
+include ("slad_ssh.inc");
+include ("slad.inc");
+
+if (description) {
+ script_id(90002);
+ script_version ("1.0");
+ name["english"] = "SLAD Run";
+
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+This script connects to SLAD on a remote host to run
+remote scanners.
+To work properly, this script requires to be provided
+with a valid SSH login by means of an SSH key with pass-
+phrase if the SSH public key is passphrase-protected, or
+a password to log in.";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Connects to SLAD to tun programs remotely";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"This script is Copyright 2005 DN Systems GmbH");
+ family["english"] = "SLAD";
+ script_family(english:family["english"]);
+
+ script_dependencies ("find_service.nes", "slad_init.nasl");
+ script_require_ports (22, "Services/ssh");
+
+ # Dynamic entries for running from slad.inc
+ init_add_preferences ();
+
+ exit(0);
+}
+
+{
+ if (debug)
+ dump_preferences ();
+
+ sock = slad_ssh_login ();
+ run_slad (sock: sock, slad_exe: "/opt/slad/bin/sladd");
+
+ close (sock);
+}
Added: trunk/openvas-plugins/scripts/slad_ssh.inc
===================================================================
--- trunk/openvas-plugins/scripts/slad_ssh.inc 2007-07-31 13:44:45 UTC (rev
346)
+++ trunk/openvas-plugins/scripts/slad_ssh.inc 2007-07-31 14:52:22 UTC (rev
347)
@@ -0,0 +1,47 @@
+#
+#
+# Copyright 2005 DN Systems GmbH
+#
+# License: GNU GPLv2 or any later version
+#
+function slad_ssh_login () {
+ slad_key_passphrase = get_kb_item ("Secret/SLAD/passphrase");
+ slad_login_name = get_kb_item ("SLAD/login");
+ slad_public_key = get_kb_item ("SLAD/publickey");
+ slad_private_key = get_kb_item ("SLAD/privatekey");
+
+ if (debug) {
+ display ("slad_run: n: <", slad_login_name,
+ "> pp: <", slad_key_passphrase, ">\n");
+ display ("pub: ", slad_public_key, "\n");
+ display ("priv: ", slad_private_key, "\n");
+ }
+
+ if (!slad_login_name) {
+ security_warning (port: 22, data: "no username given");
+ exit (0);
+ }
+ if (!slad_private_key) {
+ security_warning (port: 22, data: "no key given");
+ exit (0);
+ }
+
+ # Connect via SSH
+ port = kb_ssh_transport();
+ if (!port) port = 22;
+ else port = int (port);
+ sock = open_sock_tcp (port);
+ if (!sock || sock < 1) {
+ security_warning (port: port, data: "could not get socket");
+ exit (0);
+ }
+ if (ssh_login (socket:sock, login: slad_login_name, password: NULL,
+ pub: slad_public_key, priv: slad_private_key,
+ passphrase: slad_key_passphrase) != 0) {
+ security_warning (port: port, data: "could not log in");
+ close (sock);
+ exit (0);
+ }
+
+ return sock;
+}
_______________________________________________
Openvas-commits mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-commits
