The best way to introduce such changes is through a CR, although I like the changes.
Chandra. -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Henri Doreau Sent: 08 August 2011 20:01 To: [email protected] Subject: [Openvas-plugins] Registering CPEs as host details Hello We've been working on an assets information database recently (also referred to as "host details"). One of our aims is to store CPEs within this DB. Currently CPEs were translated by cpe.inc, using a huge (and growing) list of cpes, we are trying to get rid of that system and distribute registration of CPEs by letting detection scripts registering them on their own. Instead of registering a freeform KB entry, and adding a translator in cpe.inc, script writers should now keep on registering freeform KB entries (as it's used by mandatory_keys() for instance) but additionally register the corresponding CPEs as host details. Here are the steps to follow to register a CPE as host detail. 1) Build a CPE two cases are possible: * Craft a new CPE by "hand" Trivial situation, just use whatever string you want, might be useful for situations where you know exactly what to register. * Transform existing information In case you have a version number encoded in a string (like a banner), instead of adding a regexp and a base CPE to cpe.inc, you can pass them directly to build_cpe(). This is new function, exported by cpe.inc, that returns the cpe just as cpe.inc used to build it. The only difference is that the first argument is not a KB key to retrieve values from but directly the value to use. 2) Registering the CPE as a host detail. CPEs then need to be registered as a host details into the "Assets Information Database" (host_details.inc). One simply needs to call register_host_detail() to do so. This functions takes four arguments: - name: the host detail section. Use "OS" for an operating system ("o" or "h" CPEs), "App" for an application ("a" CPEs). - value: the information to store - nvt: the oid of the script that registers the information - desc: description of the script that registers the information eg; register_host_details(name:"App", value:"cpe:/a:libreoffice:libreoffice:11.2", nvt:"1.3.6.1.4.1.25623.1.0.902701", desc:"Finds version of installed LibreOffice instance"); Please find attached a modified version of secpod_libre_office_detect_lin.nasl as an example. Please let me know if something is unclear or if you have any question. Regards. -- Henri Doreau | Greenbone Networks GmbH | http://www.greenbone.net Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
