Hello Tom,
Command line debugging is good if the NVT is not relying on KB items. In this case, ssh_login_or_reuse_connection() function relies on KB items. KB (Knowledge Base) management is done by openvas-scanner. It is better to debug running the scanner and adding debug messages or security_note to whatever line you suspect to be having problem. In this NVT, you may not be able to reproduce the issue when you run only this NVT, the problem was when you run with multiple other NVT's, the variable 'arg' is so commonly used that it gets overwritten. That's why Antu initialized and used. The concept of local and global variables is not so well defined in NASL, rather implemented in NASL. Thanks, Chandra. From: [email protected] [mailto:[email protected]] On Behalf Of Tom H Sent: Monday, February 06, 2012 10:20 PM To: Antu Sanadi Cc: [email protected] Subject: Re: [Openvas-plugins] How to determine why openvas-plugin test has true results (Arora - oid=1.3.6.1.4.1.25623.1.0.902764) On 06/02/12 14:15, Antu Sanadi wrote: Hi Tom, Fixed the issue. Committed the updated plugin. False positive was because of uninitialized usage of the 'arg ' variable. Please let me know if you found any issues. Oh brilliant thanks! I don't suppose you are aware of any useful tutorials or documents that explain how to debug that plugin with tracing of values over the ssh connection? If I try to run it from the openvas-nasl prompt it exits as expected at the check for the ssh connection; # /usr/bin/openvas-nasl -X /opt/openvas-plugins/scripts/secpod_arora_cn_ssl_cert_spoofing_vuln_lin.nasl _lin.nasl) NASL> Return ssh_login_or_reuse_connection: 0 [14535]() NASL> [0x20ac1a0] <- 0 NASL:0087> if (! (sock)) { ... } [14535](/home/tomhodder/projects/trunk/openvas-plugins/scripts/secpod_arora_ cn_ssl_cert_spoofing_vuln_lin.nasl) NASL> [0x20ac1a0] -> 0 NASL:0083> exit(...)
_______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
