Hi, I noticed that scanning a windows 7 host (with credentials and registry access) is "broken" by default. This is because: 1) W7 do not start the remote registry access service by default 2) UAC prevent the local administrator to gain full registry access needed by plugins (SMB/registry_full_access).
For point 1) the remote registry service needs to be started, and it's fine. Do you see an other way to do this ? For point 2) I have checked those solutions that make openvas able to connect: - disable UAC - explicitely grant access to the local admin user to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg (the Administrators group permission is *not* sufficient) Problem of all those things, is that it explicitely weaken the host security. Do you see any other mean ? Do you think it may be feasible to adapt to openvas something like this : http://www.secmaniac.com/blog/2011/01/01/bypass-windows-uac/ to get full registry access ? Any thoughts ? Thanks !! -- Guillaume Castagnino _______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
