HI, I installed the wmi support for openvas. I followed the link : http://code.ohloh.net/file?fid=FUi4Z0R3xgX0oCjcpy4vdQq7eec&cid=MQKpc2gZPvw&fp=371826&mp&projSelected=true#L0
Enable wmi request on target http://knowledgebase.solarwinds.com/kb/questions/4287/How+to+enable+WMI+connections+to+Windows+XP+clients+installed+in+a+Workgroup Disable restrict guest access http://www.pctools.com/guides/registry/detail/351/ Tried the wmic registry access [root@localhost openvas]# wmic -U jaggu //192.168.111.223 "select * from Win32_ComputerSystem" Password for [WORKGROUP\jaggu]: CLASS: Win32_ComputerSystem AdminPasswordStatus| AutomaticResetBootOption|AutomaticResetCapability|BootOptionOnLimit|BootOptionOnWatchDog|BootROMSupported|BootupState|Caption|ChassisBootupState|CreationClassName|CurrentTimeZone|DaylightInEffect|Description|Domain|DomainRole|EnableDaylightSavingsTime|FrontPanelResetStatus|InfraredSupported|InitialLoadInfo|InstallDate|KeyboardPasswordStatus|LastLoadInfo|Manufacturer|Model|Name|NameFormat|NetworkServerModeEnabled|NumberOfProcessors|OEMLogoBitmap|OEMStringArray|PartOfDomain|PauseAfterReset|PowerManagementCapabilities|PowerManagementSupported|PowerOnPasswordStatus|PowerState|PowerSupplyState|PrimaryOwnerContact|PrimaryOwnerName|ResetCapability|ResetCount|ResetLimit|Roles|Status|SupportContactDescription|SystemStartupDelay|SystemStartupOptions|SystemStartupSetting|SystemType|ThermalState|TotalPhysicalMemory|UserName|WakeUpType|Workgroup 3|True|True|0|0|True|Normal boot|KA-25JXDOMBWQZX|3|Win32_ComputerSystem|-480|False|AT/AT COMPATIBLE|WORKGROUP|0|True|3|False|NULL|(null)|3|(null)|Red Hat|KVM|KA-25JXDOMBWQZX|(null)|True|2|NULL|NULL|False|-1|NULL|False|3|0|3|(null)|FL|1|-1|-1|(LM_Workstation,LM_Server,NT,Potential_Browser)|OK|NULL|30|("Microsoft Windows XP Professional" /fastdetect)|0|X86-based PC|3|628654080|KA-25JXDOMBWQZX\jaggu|6|(null) Now the nasl script for wmi registry test first the nasl script was (attached file 1) In which it is given MaxSize = wmi_reg_get_dword_val(wmi_ handle:handle,key:"Software\Policies\Microsoft\Windows\EventLog\Application", key_name:"MaxSize"); But that there was no such directory, so then I changed to as follows MaxSize = wmi_reg_get_dword_val(wmi_ handle:handle,key:"*SYSTEM/CurrentControlSet\Services\EventLog\Application*", key_name:"MaxSize"); Now the afer running the script, the following outpu is shown [root@localhost openvas]# openvas-nasl -t 192.168.111.223 -X wmi_reg_test.nasl User Name : jaggu Passwd : jaggu Host : 192.168.111.223 0.0.1 Connected to host with handle 28616896 nasl_wmi_reg_get_dword_val: WMI query failed Query Result : *1.I stuck, at this situation. The wmic command can retrieve the registry information, but my script is not retriving.* Found this script, http://komma-nix.de/nasl.php?oid=96050, named it 'wmi_reg_test_1.nasl', and placed it in the plugins directory. *2.HOW TO ADD A NEW NASL SCRIPT???????* Thanks in advance B Jagannath Keen & Able computers Pvt. Ltd.
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
