Hello Veerendra, Thank you very much for your reply. I tried the script you attached. Below is the output: ============ User Name : test Passwd : test Host : 192.168.2.2
Connected to host with handle 16241040 nasl_wmi_reg_enum_value: WMI query failed Registry Enum Entries : nasl_wmi_reg_get_sz: WMI Registry get failed Registry Get SZ Value : =================== I also tried using a VB script, which was working fine. I guess the problem probably is the wmi library on my machine doesn't work properly. I'm using wmi-1.3.14(http://www.openvas.org/download/wmi/), openvas-libraries-6.0.0, and Ubuntu 12.10 (x86_64 GNU/Linux). Could you please let me know which environment you were running the script on? Thank you very much. *--* *Yanjin Ding* *Software Engineer* *NOPSEC INC.* *Email: yd...@nopsec.com* *NopSec helps businesses holistically manage IT security vulnerabilities. www.nopsec.com* On Thu, May 16, 2013 at 3:16 AM, Veerendra Ganiger <veerendr...@secpod.com>wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello Mr. Yanjin, > > Attaching new small NVT using wmi_connect_reg() function. > > Let us know, if you need any thing. > > > NASL out put : > ============== > openvas-nasl -X wmi_reg_test.nasl -t 192.168.1.230 > > User Name : test > Passwd : test > Host : 192.168.1.230 > > Connected to host with handle 161723352 > > Registry Enum Entries : > > DevicePath|MediaPathUnexpanded|SM_GamesName|SM_ConfigureProgramsName|ProgramFilesDir|ProductId|WallPaperDir|MediaPath|ProgramFilesPath|SM_AccessoriesName|PF_AccessoriesName|SM_ConfigureProgramsExisted|CommonFilesDir > > Registry Get SZ Value : C:\Program Files > > > Thanks! > Veerendra > > On Wednesday 15 May 2013 01:04 AM, Yanjin Ding wrote: > > Hello Mr. Ganiger, > > > > I tried your example script, it works. But I'm still having a problem > with > > query registry using "wmi_connect_reg" and "wmi_reg_enum_value". The > error > > is "WMI query failed" for "wmi_reg_enum_value". The example script is > > attached. Could you please take a look and see if there's any problem? > > Thank you. > > > > *--* > > *Yanjin Ding* > > > > > > > > > > On Tue, May 14, 2013 at 6:59 AM, Veerendra Ganiger > > <veerendr...@secpod.com>wrote: > > > > Hello Yanjin, > > > > Tested wmi connect on Windows XP SP3 and is working fine. > > Attaching a small NASL script, please check is it working or not. > > > > We will try to reproduce the issue, please provide which platform you > > are using. > > > > > > openvas-nasl -X wmi_connect_test.nasl -t 192.168.1.230 > > > > NASL script out put : > > ===================== > > User Name : test > > Passwd : test > > Host : 192.168.1.230 > > > > Connected to host with handle 152144128 > > > > Executing wmi query : SELECT IPAddress, MacAddress, Description FROM > > Win32_NetworkAdapterConfiguration Where IPEnabled = True > > > > Query Result : Description|Index|IPAddress|MACAddress > > VMware Accelerated AMD PCNet Adapter - Packet Scheduler > > Miniport|1|192.168.1.230|00:0a:11:64:01:7A > > VMware Accelerated AMD PCNet Adapter - Packet Scheduler > > Miniport|10|192.168.1.230|00:0a:11:64:01:7A > > > > > > Thanks! > > Veerendra > > > > On Tuesday 14 May 2013 01:45 AM, Yanjin Ding wrote: > >>>> Dear all, > >>>> > >>>> I'm having problem with connecting and querying through wmi. The log > > says: > >>>> WMI Connect Failed. > >>>> > >>>> I used "wmic" from command line, it's able to get RSOP results back. I > > also > >>>> used "gpresult" which is a microsoft tool to query RSOP data, and > it's > >>>> working. I believe the host configuration with WMI is correct. > >>>> > >>>> But openvas still can't connect through WMI. I installed wmi following > >>>> instructions here: > >>>> > > > http://code.ohloh.net/file?fid=FUi4Z0R3xgX0oCjcpy4vdQq7eec&cid=MQKpc2gZPvw&s=&browser=Default#L0 > >>>> . > >>>> > >>>> Also I wrote a test nasl script, first set host, username and password > >>>> properly, then call the function: > >>>> wmi_connect(host:host, username:usrname, password:passwd); > >>>> and run the script using openvas-nasl. It printed our error message: > >>>> > >>>> > [librpc/rpc/dcerpc_connect.c:329:dcerpc_pipe_connect_ncacn_ip_tcp_recv()] > >>>> failed NT status (c0000236) in dcerpc_pipe_connect_ncacn_ip_tcp_recv > >>>> [librpc/rpc/dcerpc_connect.c:790:dcerpc_pipe_connect_b_recv()] failed > NT > >>>> status (c0000236) in dcerpc_pipe_connect_b_recv > >>>> nasl_wmi_connect: WMI Connect failed > >>>> > >>>> I'm using openvas 6 libraries and wmi 1.3.14. > >>>> > >>>> Can anyone help me out? Thank you in advance. > >>>> *--* > >>>> *Yanjin Ding* > >>>> > >>>> > >>>> > >>>> _______________________________________________ > >>>> Openvas-devel mailing list > >>>> Openvas-devel@wald.intevation.org > >>>> > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-devel > >>>> > >> > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQEcBAEBAgAGBQJRlIfHAAoJEFdbOg70fJia8BoIAIY2N/Ff57bBDHmPGagEinkX > 5vFRoM/bYnsjwXZbY7tgDzJnf4uvYZqZUjtzg/nzgzsKP1+W9nZ81OM9RGCEr1dO > xYSOlvHbttEVGw9qFb2nTv/Tv397VhnnVBGpBJ/d2ZcqJQBXlr5Sm0Ntah87aELf > +ypjQJS185jrdmmaJbkH9kRXCVdccu97HWjlRb8rdSB2yr781BWFNaXV3yMCqB69 > q2VhDWOcMTZKvOsTUFkt65Z98OoFaPr7ep/jcAGH3d4M0POZ+GGvpQSgq5bco9Be > hFnv7sBHE2fH3qHCuNg+4CsCQHhXCCOyL0A9dnSelVQ6/9quI+g0LYlLq943/TA= > =sGEp > -----END PGP SIGNATURE----- >
_______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-devel
