Hello Christian, Impacket is a nice idea, we should at least consider using it for SMB packet crafting purposes. But, OpenVAS has to be extended to use this Python library. We could discuss this in DevCon #2.
I am not sure about Python replacement, probably a better option than NASL. We need a separate CR for that :) Thanks, Chandra. -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Christian Eric EDJENGUELE Sent: Friday, May 22, 2009 4:37 PM To: [email protected] Subject: Re: [Openvas-discuss] Introducing support for WMI Hello all, I've successfully used impacket from core security, it is an open source project but released under a apache-like license. The following protocols are featured in Impacket * Ethernet, Linux "Cooked" capture. * IP, TCP, UDP, ICMP, IGMP, ARP. * NMB and SMB (high-level implementations). * DCE/RPC versions 4 and 5, over different transports: UDP (version 4 exclusively), TCP, SMB/TCP, SMB/NetBIOS and HTTP. * Multiple ways of doing SMB tree_connect, file open, read, write. * SMB "fragmentation", SMB AndX command chaining. * Plain, NT and LM v1 authentications, using password and hashes only. * Portions of the following DCE/RPC interfaces: Conv, DCOM, EPM, SAMR, SvcCtl, WinReg. * DCERPC Alternate contexts, Multi-bind requests, Endianness selection * DCERPC NT and LM v1 authentication, integrity checking and encryption. * DCERPC v4 and v5 fragmentation, DCERPC v4 idempotent requests.this can also be replacement of smb_nt.inc function (and can resolve the bug 779). But does it make sense integrate python in OpenVAS ? I think it's time to build OpenVAS upon a powerful and flexible object-oriented language, python is good candidate.he _winreg module ( renamed to winreg in Python 3.0. ) provide windows registry access. For your information, I already have all smb related function implemented in python. You can refer to the official web site for more details: http://www.coresecurity.com/content/open-source-projects#Impacket Best. --- Christian Eric Edjenguele IT Security Software Developer & Researcher / Business Developer / Enterprise Software Architect mobile (IT): +39 3408580513 ----- Messaggio originale ----- > Da: "[email protected]" <[email protected]> > A: [email protected] > Inviato: Venerdì 22 maggio 2009, 12:00:02 > Oggetto: Openvas-discuss Digest, Vol 28, Issue 20 > > Send Openvas-discuss mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Openvas-discuss digest..." > > > Today's Topics: > > 1. Re: Updated CR #25 - WMI Implementation (Jan-Oliver Wagner) > 2. Voting: CR #27 - IPv6 support (Chandrashekhar B) > 3. Re: Voting: CR #27 - IPv6 support (Michael Wiegand) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Fri, 22 May 2009 09:21:18 +0200 > From: "Jan-Oliver Wagner" > Subject: Re: [Openvas-discuss] Updated CR #25 - WMI Implementation > To: [email protected] > Message-ID: <[email protected]> > Content-Type: Text/Plain; charset="iso-8859-1" > > On Mittwoch, 20. Mai 2009, Chandrashekhar B wrote: > > I have updated CR #25 - OpenVAS-libnasl: Introducing support for WMI > > http://www.openvas.org/openvas-cr-25.html > > > > Please review and let me know if you have any questions, feedback. I would > > like to put this for voting if there are no comments or concerns. > > In principle, this is a very good approach. > Unfortuntely the wmi stuff has been removed from Debian: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523638, > > The licensing stuff could cause some trouble to OpenVAS. > Relying on wmi-client should only be done if its genereally available. > > Think we should investigate this aspect further. > > Best > > Jan > > -- > Dr. Jan-Oliver Wagner | ++49-541-335083-0 | http://www.intevation.de/ > Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner > > > ------------------------------ > > Message: 2 > Date: Fri, 22 May 2009 13:48:28 +0530 > From: "Chandrashekhar B" > Subject: [Openvas-discuss] Voting: CR #27 - IPv6 support > To: > Message-ID: > Content-Type: text/plain; charset="us-ascii" > > > Hello, > > The CR #27 is finalized and we would like to now take this for > implementation. Please vote +1 if we could go for the changes suggested in > the CR. > > Thanks, > Chandra. > > > > > ------------------------------ > > Message: 3 > Date: Fri, 22 May 2009 10:19:39 +0200 > From: Michael Wiegand > Subject: Re: [Openvas-discuss] Voting: CR #27 - IPv6 support > To: [email protected] > Message-ID: <[email protected]> > Content-Type: text/plain; charset="iso-8859-15" > > * Chandrashekhar B [22. May 2009]: > > > > Hello, > > > > The CR #27 is finalized and we would like to now take this for > > implementation. Please vote +1 if we could go for the changes suggested in > > the CR. > > +1. > > Regards, > > Michael > > -- > Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de > Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: not available > Type: application/pgp-signature > Size: 198 bytes > Desc: not available > Url : > http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090 522/f790603e/attachment-0001.pgp > > ------------------------------ > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > > > End of Openvas-discuss Digest, Vol 28, Issue 20 > *********************************************** _______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss _______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
