Hi, On 06/24/2016 01:16 PM, Corti Matteo (ID BD) wrote: > I would like to scan for default Tomcat users and passwords on machines > running Tomcat on non-standard ports. > > When I look at the plugin "Apache Tomcat Default Accounts” > (http://plugins.openvas.org/nasl.php?oid=11204) I see > > port = get_http_port(default:8080); > > if ( ! port ) exit(0); > > it seems that if not port is supplied then 8080 will be used. What I do > not know is how OpenVAS will call the plugin.
get_http_port behaves different. If you're scanning a portrange like: 80-9000 and four webserver on the ports 80, 443, 8080, 9000 are reported as open from nmap to OpenVAS the get_http_port function (or better the get_kb_item within it) will fork and return all four ports to the plugin. Another example is the scan of a portrange like 20-25 where no webservers were found. Then the function behaves: - If unscanned_closed is set to "yes" in your scanconfig then get_http_port(default:8080); will exit as 8080 wasn't scanned. - If unscanned_closed is set to "no" in your scanconfig then get_http_port(default:8080); will return port 8080 to the plugin. So in your case you just need to make sure that the non-standard ports are included in the nmap/portscan portrange. _______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
