On 01/28/2011 02:58 AM, Felix Wolfsteller wrote: > Without further information it is difficult to tell. > > Quick ideas: > > - In /etc/openvas/openvassd.conf > "nasl_no_signature_check = no" ? > - OID already given to another script? > > --felix > > On Thursday 27 January 2011 20:56:35 NopSec wrote: >> I am testing a newly created plugin with openvas-nasl and it runs fine >> spawning the related process. >> >> But when I go load it on the server and configure in the Client, the >> related process does not run and neither results are reported. >> >> Do you have any idea why? >> >> Thanks >> >> Michelangelo Felix,
thanks for the reply. I check both the nasl_no_signature_check which is set to "yes" and if the new NVT script has an already assigned OID, which it does not. I think it is easier to include the NVT script here for your review. It is OpenVAS plugin wrapper for the arachni web application vulnerability scanner (https://github.com/Zapotek/arachni) The script is validated and runs perfectly with openvas-nasl -X -t but it does not run when I load it in the Openvas server plugin directory. The script loads fine and when I connect with the client, I see it, I can select it and I also see the options but when I launch the scan with port 80 only it does not run. Let me know if you have any idea or by looking at the source you can spot some trivial mistake. Thanks. Michelangelo
############################################################################## # OpenVAS Vulnerability Test # # Assess web security with arachni # # Authors: # Michelangelo Sidagni <[email protected]> # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 # (or any later version), as published by the Free Software Foundation. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ############################################################################### if ( ! defined_func("pread")) exit(0); if(description) { script_id(50001); script_version ("1.0"); script_tag(name:"risk_factor", value:"None"); name = "arachni (NASL wrapper)"; script_name(name); desc = " This plugin uses arachni ruby command line to find web security issues. See the preferences section for arachni options. Note that OpenVAS is using limited set of arachni options. Therefore, for more complete web assessment, you should use standalone arachni tool for deeper/customized checks. Risk factor : None"; script_description(desc); summary = "Assess web security with arachni"; script_summary(summary); script_category(ACT_GATHER_INFO); script_copyright("This script is Copyright (C) 2011 Michelangelo Sidagni"); family = "Web application abuses"; script_family(family); script_add_preference(name: "Modules", type:"radio",value:"All;Audit;Recon"); script_add_preference(name: "Concurrent Request Limit", type: "entry", value: "60"); script_add_preference(name: "User Agent", type: "entry", value: "arachni"); script_add_preference(name: "Authorized by", type: "entry", value: "arachni"); script_add_preference(name: "Exclude URLs", type: "entry", value: ""); script_add_preference(name: "Include URLs", type: "entry", value: ""); script_add_preference(name: "Follow Subdomains", type:"checkbox", value: "no"); script_add_preference(name: "Obey robot.txt", type:"checkbox", value: "no"); script_add_preference(name: "Audit Headers", type:"checkbox", value: "no"); script_add_preference(name: "Autologin Login URL", type: "entry", value: "http://url/loginpage";); script_add_preference(name: "Autologin Login Parameters", type: "entry", value: "parameter-username=user¶meter-password=pass"); script_add_preference(name: "Seed URL", type: "entry", value: ""); script_dependencies("find_service.nes","httpver.nasl","http_login.nasl","no404.nasl"); script_require_ports("Services/www", 80); script_timeout(0); exit(0); } # Install Notes # Before running this wrapper with Openvas make sure that: # 1. You installed ruby version 1.9.2 and all arachni dependencies (for the gem install they are already included) # 2. If you installed arachni 0.2.2 via the gem availble on the web site, the arachni file is already on your path. Just make sure it is executable. # 3. If you installed arachni 0.2.2 from github experimental branch, make sure that ./bin/arachni is executable and it is on your PATH. # 4. You entered arachni path in your environmental variables: export PATH=$PATH:/path/to/your/arachni/install/bin/ if (! defined_func("pread")) { set_kb_item(name: "/tmp/UnableToRun/40001", value: TRUE); display("Script #40001 (arachni_wrapper) cannot run\n"); exit(0); } arachni = ""; if ( find_in_path("arachni.rb") ) { arachni = "arachni.rb"; } else if ( find_in_path("arachni") ) { arachni = "arachni"; } else { text = 'Arachni could not be found in your system path.\n'; text += 'OpenVAS was unable to execute Arachni and to perform the scan you requested.\nPlease make sure that Arachni is installed and that arachni is available in the PATH variable defined for your environment.'; security_note(port: port, data: text); exit(0); } #user = get_kb_item("http/login"); #pass = get_kb_item("http/login"); i = 0; argv[i++] = arachni; argv[i++] = "--report=txt:outfile=report.txt"; p = script_get_preference("Modules"); if (p == "All") argv[i++] = "--mods=*"; else if (p == "Audit") argv[i++] = "--mods=audit*"; else if (p == "Recon") argv[i++] = "--mods=recon*"; p = script_get_preference("Concurrent Request Limit"); if (p =~ '^[0-9]+$') { argv[i++] = "--http-req-limit="; argv[i++] = p; } p = script_get_preference("User Agent"); if (p =~ '^[0-9a-zA-Z]+$') { argv[i++] = "--user-agent="; argv[i++] = p; } p = script_get_preference("Authorized by"); if (p =~ '^[0-9a-zA-Z]+$') { argv[i++] = "--authed-by="; argv[i++] = p; } p = script_get_preference("Exclude URLs"); if (p =~ '^[0-9a-zA-Z]+$') { argv[i++] = "--exclude="; argv[i++] = p; } p = script_get_preference("Include URLs"); if (p =~ '^[0-9a-zA-Z]+$') { argv[i++] = "--include="; argv[i++] = p; } p = script_get_preference("Follow Subdomains"); if ("yes" >< p) argv[i++] = "--follow-subdomains"; p = script_get_preference("Obey robot.txt"); if ("yes" >< p) argv[i++] = "--obey-robots-txt"; p = script_get_preference("Audit Headers"); if ("yes" >< p) argv[i++] = "--audit-headers"; p = script_get_preference("Autologin - Login URL"); r = script_get_preference("Autologin - Login Parameters"); if ((p =~ '^[0-9a-zA-Z]+$') || (r =~ '^[0-9a-zA-Z]+$')) { argv[i++] = "--plugin=autologin:url="; argv[i++] = p; argv[i++] =","; argv[i++] = "params="; argv[i++] = r; } port = get_kb_item("Services/www"); if (! port) port = 80; if (! get_port_state(port)) exit(0); encaps = get_port_transport(port); if (encaps > 1) httprefix="https://";; else httprefix="http://";; httpver = get_kb_item("http/"+port); if (httpver == "11") { httparg=get_host_name(); } else { httparg=get_host_ip(); } httpurl=httprefix+httparg+":"+port; seed = script_get_preference ("Seed URL"); if (seed) { if (ereg(pattern: "^/", string: seed)) { httpurl = httpurl + seed; } else { httpurl = httpurl + "/" + seed; } } argv[i++] = httpurl; r = pread(cmd: arachni, argv: argv, cd: 1); if (! r) exit(0); # error function on_exit() { if (file_stat (repfilename)) unlink(repfilename); } repfilename = "report.txt"; if (file_stat(repfilename)) { rfile=fread(repfilename); report = 'Here is the arachni report:\n'; report += rfile; # rhttp=fread(httpfilename); if ('[~] Severity: High' >< report) { security_hole(port: port, data: report); if ('[~] Severity: Medium' >< report) { security_warning(port: port, data: report); } else { security_note(port: port, data: report); } } else { text = 'arachni report filename is empty. that could mean that\n'; text += 'wrong version of arachni is used or tmp dir is not accessible.\n'; text += 'In short: check installation of w3af and OpenVAS'; log_message(port: port, data: text); } }
_______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
