Hello Christian, I have added socket functions inside if(soc) which resolves the dump errors. Before calling the functions such as send(), close(), there should always be a check soc either,
If(soc) or if(!soc) exit(0) Also there are few more problems in the plugin, In ln 114, you are constructing a complete HTTP GET request and then calling http_get() function, http_get itself will do all these, just need to pass the URL. In this case http_get() is returning a wrong HTTP request. Thanks, Chandra. -----Original Message----- From: openvas-devel-boun...@wald.intevation.org [mailto:openvas-devel-boun...@wald.intevation.org] On Behalf Of Christian Eric Edjenguele Sent: Tuesday, September 01, 2009 9:52 PM To: openvas-devel@wald.intevation.org Subject: Re: [Openvas-devel] [Openvas-commits] r4805 -trunk/openvas-plugins/scripts -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Chandra, I'm not certain about changes in this code, Jan told me about some errors, but does identation solves the problem ? thanks. scm-com...@wald.intevation.org wrote: > Author: chandra > Date: 2009-09-01 12:58:12 +0200 (Tue, 01 Sep 2009) > New Revision: 4805 > > Modified: > trunk/openvas-plugins/scripts/remote-MS04-017.nasl > Log: > Updated to resolve the issue in dump messages > > Modified: trunk/openvas-plugins/scripts/remote-MS04-017.nasl > =================================================================== > --- trunk/openvas-plugins/scripts/remote-MS04-017.nasl 2009-09-01 09:22:54 UTC (rev 4804) > +++ trunk/openvas-plugins/scripts/remote-MS04-017.nasl 2009-09-01 10:58:12 UTC (rev 4805) > @@ -108,19 +108,22 @@ > foreach page (pages) > { > soc = open_sock_tcp(port); > - # build the malicious request > - request = page + '/crystalimagehandler.aspx?dynamicimage=../../../../../../../../../boot.ini' ; > + if(soc) > + { > + # build the malicious request > + request = page + '/crystalimagehandler.aspx?dynamicimage=../../../../../../../../../boot.ini' ; > > - qry = string('GET ' + request + ' HTTP/1.0\r\n', > - 'Host: ' + h_ip + ':' + port + '\r\n\r\n'); > + qry = string('GET ' + request + ' HTTP/1.0\r\n', > + 'Host: ' + h_ip + ':' + port + '\r\n\r\n'); > > - req = http_get(item:qry, port:port); > - send(socket:soc, data: req); > + req = http_get(item:qry, port:port); > + send(socket:soc, data: req); > > - # Get back the response > - reply = recv(socket:soc, length:4096); > + # Get back the response > + reply = recv(socket:soc, length:4096); > > - close(soc); > + close(soc); > + } > > if(reply) > { > > _______________________________________________ > Openvas-commits mailing list > openvas-comm...@wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-commits - -- Christian Eric Edjenguele IT Security Engineer PGP KeyID: 0xB1654498 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJKnUoMAAoJENETScWxZUSYfFgH/jgW7VwvG8fPAcfbI1P8IXwB XwgrzX2rha7Qqqrceswpkyh+qVwt9X4RTeKQRVlLnKCZBT7pqEXWdAvlYsNdQcEP wkMYLl/D5BLWyDNAJ/FaEfyq9PXgz/jjg7l0Y8MSy5hF9J5zoL5IQSwIO2RTDqYx rjVgYHX3h+Vkr08Y6V7hbpVrVQfnvJmaMWx+kis6SUyAdJti6C6Nz4SCRcwn1j7l yQFQZCU4GfMCYGVwwbuPZZh2n4GVgLEQ4p4kkFCe+K364t+wVSNem5WrFsD68MCS WEcYt0eq78pCN9TqYNyDU+X4I1lggJQbVRHmE6U+Dh/L0wEu1dUoM3D701C56h4= =xhPQ -----END PGP SIGNATURE----- _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
