Hello

We've been working on an assets information database recently (also
referred to as "host details"). One of our aims is to store CPEs
within this DB.
Currently, CPEs are translated by cpe.inc, using a huge (and growing)
list of CPEs. We are trying to get rid of that system and distribute
registration of CPEs by letting detection scripts register them on
their own. Instead of registering a freeform KB entry and adding a
translator in cpe.inc, script writers should now keep on registering
freeform KB entries (as they are used by mandatory_keys(), for instance)
but additionally register the corresponding CPEs as host details.

Here are the steps to follow to register a CPE as host detail.

1) Build a CPE
Two cases are possible:

 * Craft a new CPE by "hand"
Trivial situation, just use whatever string you want, might be useful
for situations where you know exactly what to register.

 * Transform existing information
In case you have a version number encoded in a string (like a banner),
instead of adding a regexp and a base CPE to cpe.inc, you can pass
them directly to build_cpe(). This is a new function, exported by
cpe.inc, that returns the CPE just as cpe.inc used to build it. The
only difference is that the first argument is not a KB key to retrieve
values from but directly the value to use.

2) Registering the CPE as a host detail.

CPEs then need to be registered as host details in the "Assets
Information Database" (host_details.inc). One simply needs to call
register_host_detail() to do so.

This function takes four arguments:
 - name: the host detail section. Use "OS" for an operating system
("o" or "h" CPEs), "App" for an application ("a" CPEs).
 - value: the information to store
 - nvt: the oid of the script that registers the information
 - desc: description of the script that registers the information

e.g.:

    register_host_detail(name:"App",
                         value:"cpe:/a:libreoffice:libreoffice:11.2",
                         nvt:"1.3.6.1.4.1.25623.1.0.902701",
                         desc:"Finds version of installed LibreOffice instance");


Please find attached a modified version of
secpod_libre_office_detect_lin.nasl as an example.

Please let me know if something is unclear or if you have any questions.
Regards.

-- 
Henri Doreau |  Greenbone Networks GmbH  |  http://www.greenbone.net
Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner

Attachment: secpod_libre_office_detect_lin.nasl
Description: Binary data
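
The two steps described in the message above, put together as an added
example (this is not the attached script and not code from the original
post). The build_cpe() parameter names value/exp/base, its NULL return on
a failed match, the KB key name and the sample banner are assumptions.

```nasl
# Added example: build a CPE from a version string and register it as a host detail.
include("cpe.inc");           # exports build_cpe()
include("host_details.inc");  # exports register_host_detail()

# OID and description taken from the example call in the message.
SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.902701";
SCRIPT_DESC = "Finds version of installed LibreOffice instance";

# Constructed sample input; a real detection script obtains this from the target.
banner = "LibreOffice 3.3.2 OOO330m19 (Build:202)";

# Extract the version number from the banner.
match = eregmatch(pattern:"LibreOffice ([0-9]+[.][0-9]+([.][0-9]+)?)", string:banner);
if(isnull(match))
  exit(0);  # product not detected, nothing to register
version = match[1];

# Keep registering the freeform KB entry, since other scripts may depend
# on it through mandatory_keys(). The key name here is hypothetical.
set_kb_item(name:"LibreOffice/Linux/Ver", value:version);

# Step 1: transform existing information into a CPE. The first argument is
# the value itself, not a KB key. Parameter names exp/base are assumed.
cpe = build_cpe(value:version,
                exp:"^([0-9.]+)",
                base:"cpe:/a:libreoffice:libreoffice:");

# Assumed behaviour: build_cpe() returns NULL when the regexp does not match.
# Do not store an empty or malformed CPE in the assets database.
if(isnull(cpe))
  exit(0);

# Step 2: register the CPE as a host detail. "App" is the section for
# "a" CPEs; an operating system ("o" or "h" CPEs) would use "OS".
register_host_detail(name:"App",
                     value:cpe,
                     nvt:SCRIPT_OID,
                     desc:SCRIPT_DESC);
```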
