Hi Drazen,

great to hear from you on the mailing list, too. I am very fine with your proposal. I would have comments for you and the responses to your post, but don't want to spawn other discussions right now.

You were praising the NSE libraries. I think it would not be too overwhelmingly difficult to access these. Depends a bit on how we plan to support NSE. The current idea is to launch nmap, but afaik integrating a Lua interpreter wouldn't be that difficult either.

One way or another, I like the basic idea very much, but would wait a bit with thinking about the details until we (including you, Drazen) are sure to be accepted for GSoC. Unless you want to help out in any case ...

-- felix

On Friday 26 February 2010 20:18:27 Dražen Popović wrote:
> Hello everyone. :)
>
> I have an idea for GSoC, so I would like to hear your thoughts about it.
> I've spent a lot of hours programming remote checks in NASL, and I must
> admit that it was a somewhat painful experience. I think that remote
> checks are very important in pentesting, as such NASL should provide a
> strong framework for their development. By a "strong framework" I mean
> support for various network protocols, including packet building/dissecting
> ".inc"s. For example, my goal is to port all of Metasploit's DCERPC/SMB
> based exploits to OpenVAS in the form of intrusive checks, and also to make
> use of MSRPC in all kinds of enumeration (service, users,
> shares...). So far my every step in implementing MSRPC was severely
> slowed down due to inadequate/incomplete NASL implementation of
> underlying network protocols such as SMB and NetBT. Why MS-RPC
> (Microsoft's port of DCE-RPC)? Because it seems to be a vulnerability
> "surfboard". Just count the Metasploit SMB/DCERPC exploit modules, or
> even CANVAS's. To sum it all up, my idea is to implement the MSRPC
> protocol in NASL, including a packet crafting .inc, data type handling
> (Network Data Representation marshalling and unmarshalling), stateful
> operations (bind, request, fault) and of course calls to Windows remote
> procedures extracted from SAMBA 4.0 .idls. The main design guidelines
> would be Python's Impacket DCERPC implementation and NMAP's beautiful
> NSE MSRPC implementation.
>
> Regards,
> D.

-- 
Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/
PGP Key: 39DE0100
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Managing Directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
