Re: [Openvas-discuss] Scanning a hostname with more then three dots
I had a new issue with the host verification. I can't scan a domain name
that contains a numeric bloc like www.123.com.
On Wed, Jul 18, 2012 at 10:58 AM, rm4dillo D rm4di...@gmail.com wrote:
Glad to know that it helped you.
I don't think that you need to modify the nikto nasl script to use
host's name instead of ip address.
On Mon, Jul 16, 2012 at 9:28 PM, Juan José Pavlik Salles
jjpav...@gmail.com wrote:
rm4dillo, you have no idea how much work you saved me with this patch!!!
Now
i can scan vhosts by creating one target per vhost i have. Thanks
Now i
need that the nikto nasl uses that hostname instead of the ip addr.
2012/6/21 rm4dillo D rm4di...@gmail.com
Well, after fixing this bug, I encountered a second issue ; the
scanner overwrites my target's hostname by performing a reverse lookup
on it's IP address ( www.target.com == lookup == 123.123.123.123
== reverse lookup == virtual.hosting.com).
I was able to fix this by applying the following patch :
--- hosts_gatherer.c(revision 13635)
+++ hosts_gatherer.c(working copy)
@@ -192,7 +192,7 @@
}
else
{
-if (host-hostname (!hg_valid_ip_addr (host-hostname)))
+if (host-hostname)
{
strncpy (hostname, host-hostname, sz - 1);
}
as I don't thing that hostname has to be a valid IP address.
The only comment I could found about this code was the following
commit message First set of changes to openvas-libraries towards IPv6
support.
Rm4dillo
On Thu, Jun 21, 2012 at 11:41 AM, rm4dillo D rm4di...@gmail.com
wrote:
Great ! Thank you !
On Tue, Jun 19, 2012 at 5:42 PM, Matthew Mundell
matthew.mund...@greenbone.net wrote:
I've been trying to create a target using the following hostname
a.b.c.example.com (4 dots) but it didn't work while
b.c.example.com (3 dots) works. This seems to be due to the
following check which is mistakenly applied even if the host is
alphanumeric. I think it should be moved somewhere deeper in
validate_host.
openvas-manager-3.0.1-modified/src/manage_sql.c (validate_host):
21448 : if (g_strv_length (split) 4)
21449 : return 1;
Thanks. That was solved in trunk r13492 on 2012-05-24. I've now
backported to the openvas-manager-3.0 branch (r13621) so it should
appear
in the next stable release.
--
Greenbone Networks GmbH
Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B
202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
--
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Scanning a hostname with more then three dots
Glad to know that it helped you.
I don't think that you need to modify the nikto nasl script to use
host's name instead of ip address.
On Mon, Jul 16, 2012 at 9:28 PM, Juan José Pavlik Salles
jjpav...@gmail.com wrote:
rm4dillo, you have no idea how much work you saved me with this patch!!! Now
i can scan vhosts by creating one target per vhost i have. Thanks Now i
need that the nikto nasl uses that hostname instead of the ip addr.
2012/6/21 rm4dillo D rm4di...@gmail.com
Well, after fixing this bug, I encountered a second issue ; the
scanner overwrites my target's hostname by performing a reverse lookup
on it's IP address ( www.target.com == lookup == 123.123.123.123
== reverse lookup == virtual.hosting.com).
I was able to fix this by applying the following patch :
--- hosts_gatherer.c(revision 13635)
+++ hosts_gatherer.c(working copy)
@@ -192,7 +192,7 @@
}
else
{
-if (host-hostname (!hg_valid_ip_addr (host-hostname)))
+if (host-hostname)
{
strncpy (hostname, host-hostname, sz - 1);
}
as I don't thing that hostname has to be a valid IP address.
The only comment I could found about this code was the following
commit message First set of changes to openvas-libraries towards IPv6
support.
Rm4dillo
On Thu, Jun 21, 2012 at 11:41 AM, rm4dillo D rm4di...@gmail.com wrote:
Great ! Thank you !
On Tue, Jun 19, 2012 at 5:42 PM, Matthew Mundell
matthew.mund...@greenbone.net wrote:
I've been trying to create a target using the following hostname
a.b.c.example.com (4 dots) but it didn't work while
b.c.example.com (3 dots) works. This seems to be due to the
following check which is mistakenly applied even if the host is
alphanumeric. I think it should be moved somewhere deeper in
validate_host.
openvas-manager-3.0.1-modified/src/manage_sql.c (validate_host):
21448 : if (g_strv_length (split) 4)
21449 : return 1;
Thanks. That was solved in trunk r13492 on 2012-05-24. I've now
backported to the openvas-manager-3.0 branch (r13621) so it should
appear
in the next stable release.
--
Greenbone Networks GmbH
Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
--
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Scanning a hostname with more then three dots
rm4dillo, you have no idea how much work you saved me with this patch!!!
Now i can scan vhosts by creating one target per vhost i have. Thanks
Now i need that the nikto nasl uses that hostname instead of the ip addr.
2012/6/21 rm4dillo D rm4di...@gmail.com
Well, after fixing this bug, I encountered a second issue ; the
scanner overwrites my target's hostname by performing a reverse lookup
on it's IP address ( www.target.com == lookup == 123.123.123.123
== reverse lookup == virtual.hosting.com).
I was able to fix this by applying the following patch :
--- hosts_gatherer.c(revision 13635)
+++ hosts_gatherer.c(working copy)
@@ -192,7 +192,7 @@
}
else
{
-if (host-hostname (!hg_valid_ip_addr (host-hostname)))
+if (host-hostname)
{
strncpy (hostname, host-hostname, sz - 1);
}
as I don't thing that hostname has to be a valid IP address.
The only comment I could found about this code was the following
commit message First set of changes to openvas-libraries towards IPv6
support.
Rm4dillo
On Thu, Jun 21, 2012 at 11:41 AM, rm4dillo D rm4di...@gmail.com wrote:
Great ! Thank you !
On Tue, Jun 19, 2012 at 5:42 PM, Matthew Mundell
matthew.mund...@greenbone.net wrote:
I've been trying to create a target using the following hostname
a.b.c.example.com (4 dots) but it didn't work while
b.c.example.com (3 dots) works. This seems to be due to the
following check which is mistakenly applied even if the host is
alphanumeric. I think it should be moved somewhere deeper in
validate_host.
openvas-manager-3.0.1-modified/src/manage_sql.c (validate_host):
21448 : if (g_strv_length (split) 4)
21449 : return 1;
Thanks. That was solved in trunk r13492 on 2012-05-24. I've now
backported to the openvas-manager-3.0 branch (r13621) so it should
appear
in the next stable release.
--
Greenbone Networks GmbH
Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
--
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Scanning a hostname with more then three dots
Great ! Thank you ! On Tue, Jun 19, 2012 at 5:42 PM, Matthew Mundell matthew.mund...@greenbone.net wrote: I've been trying to create a target using the following hostname a.b.c.example.com (4 dots) but it didn't work while b.c.example.com (3 dots) works. This seems to be due to the following check which is mistakenly applied even if the host is alphanumeric. I think it should be moved somewhere deeper in validate_host. openvas-manager-3.0.1-modified/src/manage_sql.c (validate_host): 21448 : if (g_strv_length (split) 4) 21449 : return 1; Thanks. That was solved in trunk r13492 on 2012-05-24. I've now backported to the openvas-manager-3.0 branch (r13621) so it should appear in the next stable release. -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Scanning a hostname with more then three dots
Well, after fixing this bug, I encountered a second issue ; the
scanner overwrites my target's hostname by performing a reverse lookup
on it's IP address ( www.target.com == lookup == 123.123.123.123
== reverse lookup == virtual.hosting.com).
I was able to fix this by applying the following patch :
--- hosts_gatherer.c(revision 13635)
+++ hosts_gatherer.c(working copy)
@@ -192,7 +192,7 @@
}
else
{
-if (host-hostname (!hg_valid_ip_addr (host-hostname)))
+if (host-hostname)
{
strncpy (hostname, host-hostname, sz - 1);
}
as I don't thing that hostname has to be a valid IP address.
The only comment I could found about this code was the following
commit message First set of changes to openvas-libraries towards IPv6
support.
Rm4dillo
On Thu, Jun 21, 2012 at 11:41 AM, rm4dillo D rm4di...@gmail.com wrote:
Great ! Thank you !
On Tue, Jun 19, 2012 at 5:42 PM, Matthew Mundell
matthew.mund...@greenbone.net wrote:
I've been trying to create a target using the following hostname
a.b.c.example.com (4 dots) but it didn't work while
b.c.example.com (3 dots) works. This seems to be due to the
following check which is mistakenly applied even if the host is
alphanumeric. I think it should be moved somewhere deeper in
validate_host.
openvas-manager-3.0.1-modified/src/manage_sql.c (validate_host):
21448 : if (g_strv_length (split) 4)
21449 : return 1;
Thanks. That was solved in trunk r13492 on 2012-05-24. I've now
backported to the openvas-manager-3.0 branch (r13621) so it should appear
in the next stable release.
--
Greenbone Networks GmbH
Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Scanning a hostname with more then three dots
Hi, I've been trying to create a target using the following hostname a.b.c.example.com (4 dots) but it didn't work while b.c.example.com (3 dots) works. This seems to be due to the following check which is mistakenly applied even if the host is alphanumeric. I think it should be moved somewhere deeper in validate_host. openvas-manager-3.0.1-modified/src/manage_sql.c (validate_host): 21448 : if (g_strv_length (split) 4) 21449 : return 1; Rm4dillo ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Scanning a hostname with more then three dots
I've been trying to create a target using the following hostname a.b.c.example.com (4 dots) but it didn't work while b.c.example.com (3 dots) works. This seems to be due to the following check which is mistakenly applied even if the host is alphanumeric. I think it should be moved somewhere deeper in validate_host. openvas-manager-3.0.1-modified/src/manage_sql.c (validate_host): 21448 : if (g_strv_length (split) 4) 21449 : return 1; Thanks. That was solved in trunk r13492 on 2012-05-24. I've now backported to the openvas-manager-3.0 branch (r13621) so it should appear in the next stable release. -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
