I had a new issue with the host verification. I can't scan a domain name that contains a numeric bloc like www.123.com.
On Wed, Jul 18, 2012 at 10:58 AM, rm4dillo D <[email protected]> wrote: > Glad to know that it helped you. > I don't think that you need to modify the nikto nasl script to use > host's name instead of ip address. > > > On Mon, Jul 16, 2012 at 9:28 PM, Juan José Pavlik Salles > <[email protected]> wrote: > > rm4dillo, you have no idea how much work you saved me with this patch!!! > Now > > i can scan vhosts by creating one target per vhost i have. Thanks!!!! > Now i > > need that the nikto nasl uses that hostname instead of the ip addr. > > > > 2012/6/21 rm4dillo D <[email protected]> > >> > >> Well, after fixing this bug, I encountered a second issue ; the > >> scanner overwrites my target's hostname by performing a reverse lookup > >> on it's IP address ( "www.target.com" == lookup ==> "123.123.123.123" > >> == reverse lookup ==> "virtual.hosting.com"). > >> > >> I was able to fix this by applying the following patch : > >> > >> --- hosts_gatherer.c (revision 13635) > >> +++ hosts_gatherer.c (working copy) > >> @@ -192,7 +192,7 @@ > >> } > >> else > >> { > >> - if (host->hostname && (!hg_valid_ip_addr (host->hostname))) > >> + if (host->hostname) > >> { > >> strncpy (hostname, host->hostname, sz - 1); > >> } > >> > >> as I don't thing that "hostname" has to be a valid IP address. > >> > >> The only comment I could found about this code was the following > >> commit message "First set of changes to openvas-libraries towards IPv6 > >> support." > >> > >> Rm4dillo > >> > >> On Thu, Jun 21, 2012 at 11:41 AM, rm4dillo D <[email protected]> > wrote: > >> > Great ! Thank you ! > >> > > >> > On Tue, Jun 19, 2012 at 5:42 PM, Matthew Mundell > >> > <[email protected]> wrote: > >> >>> I've been trying to create a target using the following hostname > >> >>> "a.b.c.example.com" (4 dots) but it didn't work while > >> >>> "b.c.example.com" (3 dots) works. This seems to be due to the > >> >>> following check which is mistakenly applied even if the host is > >> >>> alphanumeric. I think it should be moved somewhere deeper in > >> >>> "validate_host". > >> >>> > >> >>> openvas-manager-3.0.1-modified/src/manage_sql.c (validate_host): > >> >>> > >> >>> 21448 : if (g_strv_length (split) > 4) > >> >>> 21449 : return 1; > >> >> > >> >> Thanks. That was solved in trunk r13492 on 2012-05-24. I've now > >> >> backported to the openvas-manager-3.0 branch (r13621) so it should > >> >> appear > >> >> in the next stable release. > >> >> > >> >> -- > >> >> Greenbone Networks GmbH > >> >> Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B > 202460 > >> >> Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner > >> _______________________________________________ > >> Openvas-discuss mailing list > >> [email protected] > >> > http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > > > > > > > > > > -- > > Pavlik Juan José >
_______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
