hm, I see, so finally I've to use a regular expression to do that... I think that integrating the python interpreter (cpython) should very interesting, python is open and they are a lot of standard modules for security and network manipulation. what do you think ? === Christian Eric Edjenguele IT Security Software Developer & Researcher tel. +39 3408580513 View my linkedin profile: http://www.linkedin.com/in/edjenguele My blog: http://www.edjenguele.blogspot.com --- Management, Developers, Security Professionals – can only result in one thing…… better security. http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference Sept 22nd-25th 2008
----- Messaggio originale ----- Da: Thomas Reinke <[EMAIL PROTECTED]> Cc: openvas-devel <openvas-devel@wald.intevation.org> Inviato: Lunedì 1 settembre 2008, 23:05:26 Oggetto: Re: [Openvas-devel] Plugins development There is a wealth of information on how to do this by looking at the nasl scripts already in svn. An example (one of many), can be found by looking at apache_input_header_folding_dos.nasl. The only thing I don't like in this script is the egrep pattern to verify a version number. I have seen numerous times when regexs fail after a version number bumps from 9 to 10, causing false positive vulnerability reports. There are available libs that do that comparison more easily and accurately (e.g. see revcomp(a,b) in revisions-lib.inc). Thomas Christian Eric EDJENGUELE wrote: > Hi all, > so, i made a HTTP GET REQUEST, does openvas has a function to lookup for > specific string in the header ? > > for example if the response look like this: > > date: 12/30/2008 > server: apache 2.25 (Win32) > > can I get the header 'server' and lookup for the string Win32 ? or they are > not function that do that, and I've to use alternate method (regular > expressions)? > === > Christian Eric Edjenguele > IT Security Software Developer & Researcher > tel. +39 3408580513 > View my linkedin profile: http://www.linkedin.com/in/edjenguele > My blog: http://www.edjenguele.blogspot.com > --- > Management, Developers, Security Professionals – can only result in one > thing…… better security. > http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference Sept > 22nd-25th 2008 > > __________________________________________________ > Do You Yahoo!? > Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da tanto > spazio gratuito per i tuoi file e i messaggi > http://mail.yahoo.it > _______________________________________________ > Openvas-devel mailing list > Openvas-devel@wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-devel _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel __________________________________________________ Do You Yahoo!? Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da tanto spazio gratuito per i tuoi file e i messaggi http://mail.yahoo.it _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
