Re: [Openvas-discuss] Scanning Hostnames/URLs

[Juan José Pavlik Salles]

* (OpenVAS 6 I think it was)

2016-08-07 20:34 GMT+01:00 Juan José Pavlik Salles <jjpav...@gmail.com>:

> Asked the same question a few years ago (OpenVAS I think it was), and
> there was no easy way. I ended up changing some code in order to get a
> workaround, but wasn't good enough. This link was in the thread
> http://lists.wald.intevation.org/pipermail/openvas-devel/
> 2010-June/002268.html
>
> 2016-08-07 20:19 GMT+01:00 Reindl Harald <h.rei...@thelounge.net>:
>
>>
>>
>> Am 07.08.2016 um 21:16 schrieb Eero Volotinen:
>>
>>> You cannot do this.
>>>
>>
>> and after years i still don't understand that stupidity reslove hostnames
>> to IPs at that level instead just send the correct host header to the
>> webserver
>>
>> all the possible config hacks don't scale if you host a ton of domains
>> and want just have a web application security scan with nothing else on them
>>
>> 7.8.2016 9.38 ip. "TN TN" <mpm7...@gmail.com <mailto:mpm7...@gmail.com>>
>>> kirjoitti:
>>>
>>> Hi all,
>>>
>>> When I attempt to scan by hostname (myhostname.com
>>> <http://myhostname.com>), the scanner always scans by IP address? I
>>> can see the task by going on the scanner and doing a ps -ef | grep
>>> openvas and it shows me it's scanning the IP address. Does anyone
>>> know how I can get the scanner to scan the hostname instead of the
>>> IP? Thanks - T
>>>
>>
>>
>> ___
>> Openvas-discuss mailing list
>> Openvas-discuss@wald.intevation.org
>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/o
>> penvas-discuss
>>
>
>
>
> --
> Pavlik Salles Juan José
> Blog - http://viviendolared.blogspot.com
>



-- 
Pavlik Salles Juan José
Blog - http://viviendolared.blogspot.com
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Scanning Hostnames/URLs

[Juan José Pavlik Salles]

Asked the same question a few years ago (OpenVAS I think it was), and there
was no easy way. I ended up changing some code in order to get a
workaround, but wasn't good enough. This link was in the thread
http://lists.wald.intevation.org/pipermail/openvas-devel/2010-June/002268.html

2016-08-07 20:19 GMT+01:00 Reindl Harald :

>
>
> Am 07.08.2016 um 21:16 schrieb Eero Volotinen:
>
>> You cannot do this.
>>
>
> and after years i still don't understand that stupidity reslove hostnames
> to IPs at that level instead just send the correct host header to the
> webserver
>
> all the possible config hacks don't scale if you host a ton of domains and
> want just have a web application security scan with nothing else on them
>
> 7.8.2016 9.38 ip. "TN TN" >
>> kirjoitti:
>>
>> Hi all,
>>
>> When I attempt to scan by hostname (myhostname.com
>> ), the scanner always scans by IP address? I
>> can see the task by going on the scanner and doing a ps -ef | grep
>> openvas and it shows me it's scanning the IP address. Does anyone
>> know how I can get the scanner to scan the hostname instead of the
>> IP? Thanks - T
>>
>
>
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>



-- 
Pavlik Salles Juan José
Blog - http://viviendolared.blogspot.com
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] one silly set_kb_item question

[Juan José Pavlik Salles]

Hi, is it possible to add any item i want to the kb??? I mean something
like: set_kb_item(name: ocs/login/uname, value:uname);

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] My own NASL

[Juan José Pavlik Salles]

Hi Chandra, thanks for answering, i will try the pread function. Is there
any documentation to read about it?

About the LSC, my boss doesn't like the idea of having all the users 
passwords of the servers we should scan in one server. He said a minor leak
in this server would cause a mayor one in the hole network, and he doesn't
want to take that risk. So.. i have to look for a safer way.

2012/8/20 Chandrashekhar B bchan...@secpod.com

 Juan,

 ** **

 You can run a Perl script from the machine which is running OpenVAS using
 NASL’s pread() function. We are using this method to execute external
 scanners like snmpwalk. 

 ** **

 Any particular reason why you were told strongly not use LSC?

 ** **

 Chandra.

 www.scaprepo.com

 ** **

 *From:* Openvas-discuss [mailto:
 openvas-discuss-boun...@wald.intevation.org] *On Behalf Of *Juan José
 Pavlik Salles
 *Sent:* Monday, August 20, 2012 7:26 AM
 *To:* Mailing-List openvas
 *Subject:* [Openvas-discuss] My own NASL

 ** **

 Hi, i want to show all the needed security updates on my servers, but i
 was strongly told not to use Local Security Checks. So i came up with this
 solution:

 -I've ocs inventory installed on my servers, and i wrote a module that
 sends the needed security updates to the ocs inventory server.

 Now i need to write a NASL wich i can use to get that information from the
 ocs database, is it possible??? Can i execute some perl script from the
 NASL and get its output??? Is this a good idea??? Thanks

 --
 Pavlik Juan José
 --

 No virus found in this message.
 Checked by AVG - www.avg.com
 Version: 2012.0.2197 / Virus Database: 2437/5207 - Release Date: 08/18/12*
 ***




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] My own NASL

[Juan José Pavlik Salles]

Thanks Again! I'm reading nikto.nasl right now, i think it will be enough.

2012/8/21 Chandrashekhar B bchan...@secpod.com

 Juan,

 ** **

 If you have the openvas-plugins svn checked out, you can grep for pread in
 that. There isn’t a good documentation yet for NASL.

 ** **

 Chandra.

 www.scaprepo.com

 ** **

 *From:* Juan José Pavlik Salles [mailto:jjpav...@gmail.com]
 *Sent:* Tuesday, August 21, 2012 5:36 PM
 *To:* bchan...@secpod.com
 *Cc:* Mailing-List openvas
 *Subject:* Re: [Openvas-discuss] My own NASL

 ** **

 Hi Chandra, thanks for answering, i will try the pread function. Is there
 any documentation to read about it?

 About the LSC, my boss doesn't like the idea of having all the users 
 passwords of the servers we should scan in one server. He said a minor leak
 in this server would cause a mayor one in the hole network, and he doesn't
 want to take that risk. So.. i have to look for a safer way.   

 2012/8/20 Chandrashekhar B bchan...@secpod.com

 Juan,

  

 You can run a Perl script from the machine which is running OpenVAS using
 NASL’s pread() function. We are using this method to execute external
 scanners like snmpwalk. 

  

 Any particular reason why you were told strongly not use LSC?

  

 Chandra.

 www.scaprepo.com

  

 *From:* Openvas-discuss [mailto:
 openvas-discuss-boun...@wald.intevation.org] *On Behalf Of *Juan José
 Pavlik Salles
 *Sent:* Monday, August 20, 2012 7:26 AM
 *To:* Mailing-List openvas
 *Subject:* [Openvas-discuss] My own NASL

  

 Hi, i want to show all the needed security updates on my servers, but i
 was strongly told not to use Local Security Checks. So i came up with this
 solution:

 -I've ocs inventory installed on my servers, and i wrote a module that
 sends the needed security updates to the ocs inventory server.

 Now i need to write a NASL wich i can use to get that information from the
 ocs database, is it possible??? Can i execute some perl script from the
 NASL and get its output??? Is this a good idea??? Thanks

 --
 Pavlik Juan José
 --

 No virus found in this message.
 Checked by AVG - www.avg.com
 Version: 2012.0.2197 / Virus Database: 2437/5207 - Release Date: 08/18/12*
 ***




 --
 Pavlik Juan José
 --

 No virus found in this message.
 Checked by AVG - www.avg.com
 Version: 2012.0.2197 / Virus Database: 2437/5212 - Release Date: 08/20/12*
 ***




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] My own NASL

[Juan José Pavlik Salles]

Hi, i want to show all the needed security updates on my servers, but i was
strongly told not to use Local Security Checks. So i came up with this
solution:

-I've ocs inventory installed on my servers, and i wrote a module that
sends the needed security updates to the ocs inventory server.

Now i need to write a NASL wich i can use to get that information from the
ocs database, is it possible??? Can i execute some perl script from the
NASL and get its output??? Is this a good idea??? Thanks

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Local security checks privileges

[Juan José Pavlik Salles]

Thanks Thomas, that's what i needed to know. I need to limit as mush as i
can the access for this user, i've done it using DenyUsers in sshd and some
PAM time options. Is it possible to use one private key for each target i
want to scan?

2012/8/16 Thomas Reinke li...@securityspace.com

 Depends on the distribution/OS being checked.

 For Linux distributions, you typically need to be able to run

 uname -a
 rpm, dpkg, or have read access to certain directories.

 I'm probably missing some, but afaik, most of the LSCs can
 run with any login credential, as the above commands are
 not priviledged when used in read-only as is being done
 by the scanner.

 You can check gather-package-list.nasl and view the logic
 yourself there.

 Thomas

 On 16/08/12 08:17 PM, Juan José Pavlik Salles wrote:
  Hi, how much privileges does the local sec check user need to run?
 
 
 
  ___
  Openvas-discuss mailing list
  Openvas-discuss@wald.intevation.org
 
 http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] PHP vulnerabilities

[Juan José Pavlik Salles]

Hi, i'm having some problems with php in my openvas reports. The thing is
that for instance, Ubuntu LTS systems, doesn't change its php version
during its hole life, so openvas reports me a lot of vulnerabilities
related to the php version. But most of the vulnerabilites has been fixed
by the ubuntu team, so they're false positives after all.

I've run openvas to this two VMs:

1-A vm with Ubuntu 8.04 LTS without any update, running PHP 5.2.4-2ubuntu5.
2-A vm with Ubuntu 8.04 LTS totally updated, running PHP 5.2.4-2ubuntu5.25.

Both tests reported exactly the same PHP warnings. I've checked all the
CVEs involved in these warnings and all of them has been patched in the
latest php version (5.2.4-2ubuntu5.25). I've tried nexpose too and it has
the same behaviour, i also tried nessus and it really dissapointed me...
nessus didn't show any php warning at all.

I'd like to reduce this false positives. I assume this happens because
openvas is just checking for the php version (5.2.4), and it's not using
the rest of the information (2ubuntu.5.25). I also imagine, that every
distribution has its own way for naming its updates, so it can't be easy to
support all of them.

Is there any way we could make this tests more specific? I mean, if i had
certain information for instance  Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5
with Suhosin i could search somewhere (maybe in the ubuntu CVE
tracker? or a local db) wich of the vulnerabilites found in the PHP 5.2.4
version weren't patched in this particular version 5.2.4-2ubuntu5, and
report that.

I don't know if i was clear enough, but i did my best :D.

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] GhostScripter Amazon Shop Multiple Vulnerabilities False possitive?

[Juan José Pavlik Salles]

Then it's a false positive, how can i report it to be checked??

2012/8/8 Michael Meyer michael.me...@greenbone.net

 *** Juan José Pavlik Salles wrote:

  As far as i know, that application is not installed on the VM project.
 Any
  clue???

 NVT sends the following requests:


 /{amazon,/cgi-bin,/scripts}/search.php?query=1scriptalert(document.cookie);/scriptmode=all

 and looks for scriptalert(document.cookie);/script

 in the response.

 Micha

 --
 Michael MeyerOpenPGP Key: 52A6EFA6
 http://www.greenbone.net/
 Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
 Osnabrück, HR B 202460
 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] GhostScripter Amazon Shop Multiple Vulnerabilities False possitive?

[Juan José Pavlik Salles]

Hi, i'm running openvas 4 agaisnt the last OWASP bulnerable web application
VM, and it found what i think is a false possitive. Here i paste a copy

High (CVSS: 7.5)
NVT: GhostScripter Amazon Shop Multiple Vulnerabilities
Overview:
Amazon Shop is prone to multiple vulnerabilities, including a
cross-site scripting issue, a directory-traversal issue, and
multiple remote file-include issues, because it fails to
sufficiently sanitize user-supplied data.
An attacker can exploit these issues to run malicious PHP code in
the context of the webserver process, run script code in an
unsuspecting user’s browser, steal cookie-based authentication
credentials, or obtain sensitive information; other attacks are also
possible.
BID: 33994
OID of test routine: 1.3.6.1.4.1.25623.1.0.100024

As far as i know, that application is not installed on the VM project. Any
clue???

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Scanning a hostname with more then three dots

[Juan José Pavlik Salles]

rm4dillo, you have no idea how much work you saved me with this patch!!!
Now i can scan vhosts by creating one target per vhost i have. Thanks
Now i need that the nikto nasl uses that hostname instead of the ip addr.

2012/6/21 rm4dillo D rm4di...@gmail.com

 Well, after fixing this bug, I encountered a second issue ; the
 scanner overwrites my target's hostname by performing a reverse lookup
 on it's IP address ( www.target.com == lookup == 123.123.123.123
 == reverse lookup ==  virtual.hosting.com).

 I was able to fix this by applying the following patch :

 --- hosts_gatherer.c(revision 13635)
 +++ hosts_gatherer.c(working copy)
 @@ -192,7 +192,7 @@
}
  else
{
 -if (host-hostname  (!hg_valid_ip_addr (host-hostname)))
 +if (host-hostname)
{
  strncpy (hostname, host-hostname, sz - 1);
}

 as I don't thing that hostname has to be a valid IP address.

 The only comment I could found about this code was the following
 commit message First set of changes to openvas-libraries towards IPv6
 support.

 Rm4dillo

 On Thu, Jun 21, 2012 at 11:41 AM, rm4dillo D rm4di...@gmail.com wrote:
  Great ! Thank you !
 
  On Tue, Jun 19, 2012 at 5:42 PM, Matthew Mundell
  matthew.mund...@greenbone.net wrote:
  I've been trying to create a target using the following hostname
  a.b.c.example.com (4 dots) but it didn't work while
  b.c.example.com (3 dots)  works. This seems to be due to the
  following check which is mistakenly applied even if the host is
  alphanumeric. I think it should be moved somewhere deeper in
  validate_host.
 
  openvas-manager-3.0.1-modified/src/manage_sql.c (validate_host):
 
  21448 : if (g_strv_length (split)  4)
  21449 :  return 1;
 
  Thanks.  That was solved in trunk r13492 on 2012-05-24.  I've now
  backported to the openvas-manager-3.0 branch (r13621) so it should
 appear
  in the next stable release.
 
  --
  Greenbone Networks GmbH
  Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
  Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] compiling openvas-scanner-3.3.0

[Juan José Pavlik Salles]

Hi, i'm trying to compile openvas4 from de sources, im following this link
http://www.fantaghost.com/2012/04/how-to-install-openvas-4-from-sources-on-ubuntu-lucid-10-04-x64/the
thing is that i've been able to compile wmiclient, libmicro,
openvas-libraries-4.0.7, but i get and error trying to compile
openvas-scanner-3.3.0.

checking for module 'libopenvas=5.0.0'
   package 'libopenvas=5.0.0' not found

any idea??? I thought that scanner3.3.0 should work with libraries4.0.7.

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] compiling openvas-scanner-3.3.0

[Juan José Pavlik Salles]

Nice observation, so the link i'm using it's wrong too. Well, there's hope
then, i will try with scaner-3.2.5. Thanks Reindl, was a terrible mistake.

2012/6/2 Reindl Harald h.rei...@thelounge.net



 Am 02.06.2012 14:57, schrieb Juan José Pavlik Salles:
  checking for module 'libopenvas=5.0.0'
 package 'libopenvas=5.0.0' not found
 
  any idea??? I thought that scanner3.3.0 should work with libraries4.0.7

 how comes you thought that?
 http://www.openvas.org/install-source.html

 clearly the OpenVAS-5 column


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvas4 scanning vhosts

[Juan José Pavlik Salles]

I wanted double check, isn't there a patch or a workaround? I have 3 dtc
servers hosting more than 150 vhosts, and i'd like to scan all of them, i
don't have any problem in creating 150 openvas targets with each vhost. I
know i am being a bit annoying, but im trying to use openvas as the main
tool for getting my degree. Thanks guys!

2012/5/28 Scott Damron sdam...@gmail.com

 Well...you never mention anything about scanning vhosts in your first
 question.  The more info you provide, the more accurate the answers will be.
 On May 28, 2012 3:54 PM, Reindl Harald h.rei...@thelounge.net wrote:

 what do you mean with host records are correct?
 if you mean matching PTR - no, no and again: no
 it is a bgu in openvas that if you configure
 a hostname as target the default vhost is accessed
 due missing host headers from the scanner

 Am 28.05.2012 22:31, schrieb Scott Damron:
  You need take sure the open as server can resolve DNS.  If using
 internal DNS servers, make sure your host records
  are correct.
 
  On May 28, 2012 2:28 PM, Juan José Pavlik Salles 
  jjpav...@gmail.commailto:
 jjpav...@gmail.com wrote:
 
  Hi, is it possible to make openvas scan a server with its hostname
 instead of its IP address? I've created a
  target with its hostname but it doesn't work.


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvas4 scanning vhosts

[Juan José Pavlik Salles]

Bad news then. I will try to take a loot at the sources, hope i can
remember some C or whatever it is written in. Thanks!!!

2012/5/29 Thomas Reinke li...@securityspace.com

 This is a long standing issue, I know this was discussed several years
 back in one of the DEVCONs (3 years ago I believe).  I thought at one
 point there was a CR written on this, but I can't seem to find it?

 Perhaps someone else that was involved at the time can refresh our
 collective memories?

 I know that the work involved to make this happen was non-trivial, and
 there was a certain level of discussion on how to handle common
 scenarios where there are many (sometimes 2,3, sometimes hundreds if
 not more) virtual hosts on a single IP.  The issue there was that scans
 are IP based, so support for virtual hosts needed to decide how to
 handle the many (vhost) to one (IP) mapping, and what kinds of limits
 to put around it.

 As far as I know, no one ever had significant time/bandwidth to resolve
 this issue.

 Thomas



 On 28/05/12 04:54 PM, Reindl Harald wrote:

 what do you mean with host records are correct?
 if you mean matching PTR -  no, no and again: no
 it is a bgu in openvas that if you configure
 a hostname as target the default vhost is accessed
 due missing host headers from the scanner

 Am 28.05.2012 22:31, schrieb Scott Damron:

 You need take sure the open as server can resolve DNS.  If using
 internal DNS servers, make sure your host records
 are correct.

 On May 28, 2012 2:28 PM, Juan José Pavlik Sallesjjpav...@gmail.com**
 mailto:jjpav...@gmail.com  wrote:

 Hi, is it possible to make openvas scan a server with its hostname
 instead of its IP address? I've created a
 target with its hostname but it doesn't work.




 __**_
 Openvas-discuss mailing list
 Openvas-discuss@wald.**intevation.orgOpenvas-discuss@wald.intevation.org
 http://lists.wald.intevation.**org/cgi-bin/mailman/listinfo/**
 openvas-discusshttp://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss


 __**_
 Openvas-discuss mailing list
 Openvas-discuss@wald.**intevation.orgOpenvas-discuss@wald.intevation.org
 http://lists.wald.intevation.**org/cgi-bin/mailman/listinfo/**
 openvas-discusshttp://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] openvas4 scanning vhosts

[Juan José Pavlik Salles]

Hi, is it possible to make openvas scan a server with its hostname instead
of its IP address? I've created a target with its hostname but it doesn't
work.

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] some bugs / wishes openVAS

[Juan José Pavlik Salles]

Any idea about this? This is a big limitation, is it possible to avoid it?

2012/3/15 Juan José Pavlik Salles jjpav...@gmail.com

 Is it possible to fix that? I'm going to deploy openvas to scan a dtc
 webserver and it hosts more than 120 vhosts, so... i won't be able to scan
 them.

 2012/3/13 Reindl Harald h.rei...@thelounge.net



 Am 13.03.2012 16:07, schrieb Matthew Mundell:
  both is not really a solution if you are working in a VMware cluster
  and need to avoid overlap of scans
 
  Maybe scanning an IP range would help?  So any new machines are
 included in
  the range.
 
  what about a config-option to allow any changes in GSA for such
  environments?

 this does not help you if you get new virtual webhosts
 which are on different machines, but as said, currently
 openvas is using the wrong Host-Headers (PTR of the IP)
 so that it is impossible to scan a website if it is not
 the default-host of the machine


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




 --
 Pavlik Juan José




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Openvas 4 or 5

[Juan José Pavlik Salles]

Hi, i am not sure what to do, wheter to keep my Openvas4 installation or go
for a new Openvas5 one. Besides, i have some things already working, in my
actual desployment, but i want more. What are the main differences between
both of them?

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Openvas 4 or 5

[Juan José Pavlik Salles]

Hi Daniel, thanks for your answer!! I will stick to my Openvas4 then. Hope
we can migrate easily from one to the other, after all the bugs are solved.

2012/5/19 Daniel Cabezas danielcabe...@hotmail.com

  Hi Juan José

 I've spent yesterday evening and most of today's morning trying to install
 and get OpenVAS 5 working. Long story short, it doesn't. I've stumbled
 across a long list of different bugs, not all of them directly related to
 OpenVAS, but in the end, it simply doesn't work:

 - In OpenSUSE and Debian distributions, problem resides in sqlite
 segfaulting when OpenVAS manager does the initial rebuild of the database.
 - In Centos 5.x and 6.x libmicrohttps doesn't support SSL, and
 openvas-nvt-sync corrupts the downloaded .nasl somehow, so openvas-scanner
 fails while initially loading the plugins.

 Jan-Oliver has recently posted a message indicating they are going to
 release a working OpenVAS 5 VM. My recommendation would be to wait for it
 and then check. In the meantime, stick to 4 version, or you are going to
 face a significant amount of issues.

 Kind regards,

 --
 Daniel

 --
 Date: Sat, 19 May 2012 14:39:57 -0300
 From: jjpav...@gmail.com
 To: openvas-discuss@wald.intevation.org
 Subject: [Openvas-discuss] Openvas 4 or 5


 Hi, i am not sure what to do, wheter to keep my Openvas4 installation or
 go for a new Openvas5 one. Besides, i have some things already working, in
 my actual desployment, but i want more. What are the main differences
 between both of them?

 --
 Pavlik Juan José

 ___ Openvas-discuss mailing
 list Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] gsad - libmicrohttpd problems

[Juan José Pavlik Salles]

Miguel, you should check this
http://lists.wald.intevation.org/pipermail/openvas-discuss/2011-November/003613.html

2012/3/23 Miguel Lucero miguel.luc...@gmail.com

 I just loaded the latest OpenVAS on Ubuntu 11.10 and can not get gsad to
 work.

 Whenever I try to login using the web gui the gsad process starts using
 99% cpu and login never succeeds. There are times when I cant even get the
 login page and the process begins to climb without showing me a login
 prompt. I tried searching for a solution and everything said it was a bug
 in libmicrohttpd but that was referring to an old version. I tried
 compiling an old version of libmicrohttpd (0.9.15) and it appeared to
 resolve it temporarily but the problem came back after I restarted the
 services. I attached to the process with strace but was not able to
 retrieve anything meaningful.

 I'm running the following:

 openvas 3.2.5-1
 openvas-manager 2.0.4-1
 openvas-cli 1.1.4-1
 openvas-administrator 1.1.2-1
 libmicrohttpd 0.9.19.1
 Ubuntu 11.10

 This only happens when running the gsad with SSL. If I run the service
 manually with --http-only, the application responds correctly and the
 process does not run away.

 Any help would be great... I am very interested in resolving this issue
 for other users. Thank you!

 Miguel

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Translating my reports

[Juan José Pavlik Salles]

Thanks Matthew!

El 12 de abril de 2012 05:58, Matthew Mundell matthew.mund...@greenbone.net
 escribió:

  Hi! I wish i could get my openvas reports in spanish, is that possible?
  What would i need to do or change? Thanks!

 The descriptions of the vulnerabilities from the NVTs are all in English.
 Translating all that would be a big job.  You could translate the rest of
 the report by creating a new report format.


 https://svn.wald.intevation.org/svn/openvas/trunk/openvas-manager/doc/report-format-HOWTO

 --
 Greenbone Networks GmbH
 Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] How to get my reports

[Juan José Pavlik Salles]

Hi, i am working on my final project for my engineer degree, and i am
deploying an auditing server with openvas and using alfresco as my reports
repository. The problem is that i'd really like to use as much of the
openvas capabilities as i can, so i don't need to write complicated scripts
or hard-to-mainting things.

At this moment this is what i have:
1-I've created a lot of openvas tasks, one per server i want to audit.
2-I've wrote a really-hard-to-mainting perl script that use omp to run all
the tasks and control them. I run it with a cron job.
3-When the script detects one of the task is done, it dumps the report to a
pdf and save it in my alfresco installation throw cifs.
4-Alfresco process this new file, with some rules i've defined and send
massages to the administrator of the server, and some other people that
must be aware of the server.

I know that with a scheduler i could get step 2 to work, and maybe step 3
with the right escalator. What i would really love is to be able to create
my own escalator so i could send my reports to alfresco with it, instead of
using my actual schema. Is that possible? What about the CLI???

Until now, my schema works fine, but i'm not comfortable with it. Thanks
guys!


-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] How to get my reports

[Juan José Pavlik Salles]

Thanks Matthew, that sounds interesting, i'll try it and let you know.

El 11 de abril de 2012 15:41, Matthew Mundell matthew.mund...@greenbone.net
 escribió:

  I know that with a scheduler i could get step 2 to work, and maybe step 3
  with the right escalator. What i would really love is to be able to
 create
  my own escalator so i could send my reports to alfresco with it, instead
 of
  using my actual schema. Is that possible? What about the CLI???

 You can create a report format.  It's a little tricky, but possible.


 https://svn.wald.intevation.org/svn/openvas/trunk/openvas-manager/doc/report-format-HOWTO

 The report format could send the report to alfresco.  Then you could use
 one of the existing escalators to trigger it, I think.

 --
 Greenbone Networks GmbH
 Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Translating my reports

[Juan José Pavlik Salles]

Hi! I wish i could get my openvas reports in spanish, is that possible?
What would i need to do or change? Thanks!


-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] How to get my reports

[Juan José Pavlik Salles]

I've been reading about creating a new report_format, but i really don't
know how i could use it for what i need. I mean, i need to dump the reports
in a cifs directory, i have no clue how to do that from a report format.

Maybe i could do this:
-Use an email escalator, with done task condition, and send the email to
localhost.
-Parse every mail that comes from openvas, and dump the reports to wherever
i need.

With this, i woulnd't need to much logic in my perl script, and i could use
the openvas scheduler. What do you think?

El 11 de abril de 2012 16:09, Juan José Pavlik Salles
jjpav...@gmail.comescribió:

 Thanks Matthew, that sounds interesting, i'll try it and let you know.

 El 11 de abril de 2012 15:41, Matthew Mundell 
 matthew.mund...@greenbone.net escribió:

  I know that with a scheduler i could get step 2 to work, and maybe step 3
  with the right escalator. What i would really love is to be able to
 create
  my own escalator so i could send my reports to alfresco with it,
 instead of
  using my actual schema. Is that possible? What about the CLI???

 You can create a report format.  It's a little tricky, but possible.


 https://svn.wald.intevation.org/svn/openvas/trunk/openvas-manager/doc/report-format-HOWTO

 The report format could send the report to alfresco.  Then you could use
 one of the existing escalators to trigger it, I think.

 --
 Greenbone Networks GmbH
 Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner




 --
 Pavlik Juan José




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] How to get my reports

[Juan José Pavlik Salles]

Hi, i am working on my final project for my engineer degree, and i am
deploying an auditing server with openvas and using alfresco as my reports
repository. The problem is that i'd really like to use as much of the
openvas capabilities as i can, so i don't need to write complicated scripts
or hard-to-mainting things.

At this moment this is what i have:
1-I've created a lot of openvas tasks, one per server i want to audit.
2-I've wrote a really-hard-to-mainting perl script that use omp to run all
the tasks and control them. I run it with a cron job.
3-When the script detects one of the task is done, it dumps the report to a
pdf and save it in my alfresco installation throw cifs.
4-Alfresco process this new file, with some rules i've defined and send
massages to the administrator of the server, and some other people that
must be aware of the server.

I know that with a scheduler i could get step 2 to work, and maybe step 3
with the right escalator. What i would really love is to be able to create
my own escalator so i could send my reports to alfresco with it, instead of
using my actual schema. Is that possible? What about the CLI???

Until now, my schema works fine, but i'm not comfortable with it. Thanks
guys!

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Translating my reports

[Juan José Pavlik Salles]

Hi! I wish i could get my openvas reports in spanish, is that possible?
What would i need to do or change? Thanks!

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] some bugs / wishes openVAS

[Juan José Pavlik Salles]

Is it possible to fix that? I'm going to deploy openvas to scan a dtc
webserver and it hosts more than 120 vhosts, so... i won't be able to scan
them.

2012/3/13 Reindl Harald h.rei...@thelounge.net



 Am 13.03.2012 16:07, schrieb Matthew Mundell:
  both is not really a solution if you are working in a VMware cluster
  and need to avoid overlap of scans
 
  Maybe scanning an IP range would help?  So any new machines are included
 in
  the range.
 
  what about a config-option to allow any changes in GSA for such
  environments?

 this does not help you if you get new virtual webhosts
 which are on different machines, but as said, currently
 openvas is using the wrong Host-Headers (PTR of the IP)
 so that it is impossible to scan a website if it is not
 the default-host of the machine


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Wapiti with openvas 4

[Juan José Pavlik Salles]

Hi!!! i've been trying to use wapiti to analyze my webservers but this is
what i get in my reports:

wapiti report filename is empty. that could mean that
wrong version of wapiti is used or tmp dir is not accessible.
Make sure to have wapiti 2.x as wapiti 1.x is not supported.
In short: check installation of wapiti and OpenVAS

Well... the problem is: the wapiti remote-web-wapiti.nasl is trying to use
-f txt reporte file type, but my wapiti 2.2.1 doesn't have txt type, it
only has xml and html. So... should i edit the nasl script??? should i wait
for an official fix??? What do u think?

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

Hi!! well after some test i think i made it work. Actually i think my
problem was the target i was testing. This is what i did:

root@openvas:~/tools/pruebas# head ../../.bashrc
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
*export
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
*
*alias sudo=sudo env PATH=$PATH*

And a symlink:

root@openvas:~/tools/pruebas# ll /bin/nikto
*lrwxrwxrwx 1 root root 40 2011-12-14 00:50 /bin/nikto -
/root/tools/pruebas/nikto-2.1.4/nikto.pl**

One more thing, i changed the timeout value for this pluing to 1200 sec.
(20 minutes), because it was taking too long. I also changed the default
timeout to 600 sec.
There's a target that don't show me niktos scan, but in other targets it
works great. I hope this helps you.

2011/12/15 Allon Moritz - First Security allon.mor...@first-security.com

 Could you find a solution for this issue, because I’ve  experienced the
 same behavior…..

 ** **

 *Von:* openvas-discuss-boun...@wald.intevation.org [mailto:
 openvas-discuss-boun...@wald.intevation.org] *Im Auftrag von *Juan José
 Pavlik Salles
 *Gesendet:* Mittwoch, 14. Dezember 2011 04:53
 *An:* Sébastien AUCOUTURIER
 *Cc:* openvas-discuss@wald.intevation.org
 *Betreff:* Re: [Openvas-discuss] Using nikto NASL

 ** **

 I just lunched nikto.nasl manually and got this:

 root@openvas:/var/lib/openvas/plugins# openvas-nasl -t webserver1
 nikto.nasl -X
 ...
 host\n+ End Time:   2011-12-15 00:46:57 (*736 
 seconds*)\n---\n+
 1 host(s) tested\n;*
 ']: Socket operation on non-socket
 [20077] plug_set_key:internal_send(0)['3 Success/(null)=1;
 ']: Socket operation on non-socket*

 First thing: it took 736 secods, more than 10 minutes, when the defaulr
 timeout is 320 seconds.
 Second thing: what about the last 3 lines, is it normal?

 My first idea is to set a bigger plugin timeout in openvas and see what
 happens.

 El 14 de diciembre de 2011 00:17, Juan José Pavlik Salles 
 jjpav...@gmail.com escribió:

 Well... Nikto could not be found in your system path. is back!!! what
 did i do? i removed all the nikto symlinks and copies i had in my $PATH.
 This make me think openvas did found nikto but for some unknown at least
 yet reason it's not working properly, maybe a timeout a parameter error,
 no clue at all. Tomorrow i'm gonna make more tests and see what happens.**
 **

 El 13 de diciembre de 2011 20:22, Juan José Pavlik Salles 
 jjpav...@gmail.com escribió:

 ** **

 I've removed and updated the plugins tons of times, but nikto doesn't
 work. Today i removed all the tasks i had created, and i am trying with new
 tasks, but nikt still doesn't show up in my reports. I looked in the scan
 configs and it is activated Nikto NASL. 

 ** **

 2011/12/13 Sébastien AUCOUTURIER s.aucoutur...@itrust.fr

 Juan,
 you can try to update plugin feed again, may be you modify nikto.nasl by
 editing ? this way nikto.nasl.asc does not match anymore with nikto.nasl,
 and  this prevent nikto.nasl to be execute.
 Just an idea .


 Le 12/13/2011 12:07, Juan José Pavlik Salles a écrit : 

 Thanks Sébastien! i just tried installing nikto as you did, moving
 everything to /usr/local/bin/ and configuring /etc/nikto.conf, but nothing
 new. It's like openvas never sees nikto.nasl in the plugins directory,
 although it's there: 

 ** **

  root@openvas:~# ls /var/lib/openvas/plugins/nikto.nasl* -l 

 -rw-r--r-- 1 root root 4610 2011-11-22 10:09
 /var/lib/openvas/plugins/nikto.nasl

 -rw-r--r-- 1 root root  198 2011-11-22 10:09
 /var/lib/openvas/plugins/nikto.nasl.asc

 root@openvas:~# 

 ** **

 It's getting really anoying this, i wish i could find a solution. 

 ** **

 2011/12/13 Sébastien AUCOUTURIER s.aucoutur...@itrust.fr

 my two cents,
 with openvas4 (lib:4-0-6, scanner:3.2.5, nvt:2011121254), and openvas5:
 (beta2 for scanner and lib)

 i install nikto ugly way ..  moving  /opt/nikto-2-0-4/*  to  /usr/local/bin
 and i modify nikto.conf, to specify nikto plugins directory location.
 (/usr/local/bin/plugins)

 - running with 'openvas-nasl nikto.nasl -t target -T -' ,  nikto report
 was shown OK on stderr.

 - running through gsad, in openvassd.dump file, i got broken pipe
 during nikto report writes and No Ouputs in the results.

 i can help running more tests if needed.

 --
 | Sébastien AUCOUTURIER | Software Design Engineer Lead |
 | ITrust | 55 rue l'Occitane BP 67303 31673 LABEGE CEDEX
 | Email: s.aucoutur...@itrust.fr | Fixe Sdt. 05.67.34.67.80 | Fax.
 09.80.08.37.23
 | IT Security Services  SaaS Editor  |


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss



 

 ** **

 --
 Pavlik Juan José

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

Thanks Sébastien! i just tried installing nikto as you did, moving
everything to /usr/local/bin/ and configuring /etc/nikto.conf, but nothing
new. It's like openvas never sees nikto.nasl in the plugins directory,
although it's there:

 root@openvas:~# ls /var/lib/openvas/plugins/nikto.nasl* -l
-rw-r--r-- 1 root root 4610 2011-11-22 10:09
/var/lib/openvas/plugins/nikto.nasl
-rw-r--r-- 1 root root  198 2011-11-22 10:09
/var/lib/openvas/plugins/nikto.nasl.asc
root@openvas:~#

It's getting really anoying this, i wish i could find a solution.

2011/12/13 Sébastien AUCOUTURIER s.aucoutur...@itrust.fr

 my two cents,
 with openvas4 (lib:4-0-6, scanner:3.2.5, nvt:2011121254), and openvas5:
 (beta2 for scanner and lib)

 i install nikto ugly way ..  moving  /opt/nikto-2-0-4/*  to  /usr/local/bin
 and i modify nikto.conf, to specify nikto plugins directory location.
 (/usr/local/bin/plugins)

 - running with 'openvas-nasl nikto.nasl -t target -T -' ,  nikto report
 was shown OK on stderr.

 - running through gsad, in openvassd.dump file, i got broken pipe
 during nikto report writes and No Ouputs in the results.

 i can help running more tests if needed.

 --
 | Sébastien AUCOUTURIER | Software Design Engineer Lead |
 | ITrust | 55 rue l'Occitane BP 67303 31673 LABEGE CEDEX
 | Email: s.aucoutur...@itrust.fr | Fixe Sdt. 05.67.34.67.80 | Fax.
 09.80.08.37.23
 | IT Security Services  SaaS Editor  |

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

I've removed and updated the plugins tons of times, but nikto doesn't work.
Today i removed all the tasks i had created, and i am trying with new
tasks, but nikt still doesn't show up in my reports. I looked in the scan
configs and it is activated Nikto NASL.

2011/12/13 Sébastien AUCOUTURIER s.aucoutur...@itrust.fr

  Juan,
 you can try to update plugin feed again, may be you modify nikto.nasl by
 editing ? this way nikto.nasl.asc does not match anymore with nikto.nasl,
 and  this prevent nikto.nasl to be execute.
 Just an idea .


 Le 12/13/2011 12:07, Juan José Pavlik Salles a écrit :

 Thanks Sébastien! i just tried installing nikto as you did, moving
 everything to /usr/local/bin/ and configuring /etc/nikto.conf, but nothing
 new. It's like openvas never sees nikto.nasl in the plugins directory,
 although it's there:

   root@openvas:~# ls /var/lib/openvas/plugins/nikto.nasl* -l
 -rw-r--r-- 1 root root 4610 2011-11-22 10:09
 /var/lib/openvas/plugins/nikto.nasl
 -rw-r--r-- 1 root root  198 2011-11-22 10:09
 /var/lib/openvas/plugins/nikto.nasl.asc
 root@openvas:~#

  It's getting really anoying this, i wish i could find a solution.

 2011/12/13 Sébastien AUCOUTURIER s.aucoutur...@itrust.fr

 my two cents,
 with openvas4 (lib:4-0-6, scanner:3.2.5, nvt:2011121254), and openvas5:
 (beta2 for scanner and lib)

 i install nikto ugly way ..  moving  /opt/nikto-2-0-4/*  to
  /usr/local/bin
 and i modify nikto.conf, to specify nikto plugins directory location.
 (/usr/local/bin/plugins)

 - running with 'openvas-nasl nikto.nasl -t target -T -' ,  nikto report
 was shown OK on stderr.

 - running through gsad, in openvassd.dump file, i got broken pipe
 during nikto report writes and No Ouputs in the results.

 i can help running more tests if needed.

 --
 | Sébastien AUCOUTURIER | Software Design Engineer Lead |
 | ITrust | 55 rue l'Occitane BP 67303 31673 LABEGE CEDEX
 | Email: s.aucoutur...@itrust.fr | Fixe Sdt. 05.67.34.67.80 | Fax.
 09.80.08.37.23
 | IT Security Services  SaaS Editor  |

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss




  --
 Pavlik Juan José



 --
 | Sébastien AUCOUTURIER | Software Design Engineer Lead |
 | ITrust | 55 rue l'Occitane BP 67303 31673 LABEGE CEDEX
 | Email: s.aucoutur...@itrust.fr | Fixe Sdt. 05.67.34.67.80 | Fax. 
 09.80.08.37.23
 | IT Security Services  SaaS Editor  |


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

I just lunched nikto.nasl manually and got this:

root@openvas:/var/lib/openvas/plugins# openvas-nasl -t webserver1
nikto.nasl -X
...
host\n+ End Time:   2011-12-15 00:46:57 (*736
seconds*)\n---\n+
1 host(s) tested\n;*
']: Socket operation on non-socket
[20077] plug_set_key:internal_send(0)['3 Success/(null)=1;
']: Socket operation on non-socket*

First thing: it took 736 secods, more than 10 minutes, when the defaulr
timeout is 320 seconds.
Second thing: what about the last 3 lines, is it normal?

My first idea is to set a bigger plugin timeout in openvas and see what
happens.

El 14 de diciembre de 2011 00:17, Juan José Pavlik Salles 
jjpav...@gmail.com escribió:

 Well... Nikto could not be found in your system path. is back!!! what
 did i do? i removed all the nikto symlinks and copies i had in my $PATH.
 This make me think openvas did found nikto but for some unknown at least
 yet reason it's not working properly, maybe a timeout a parameter error,
 no clue at all. Tomorrow i'm gonna make more tests and see what happens.

 El 13 de diciembre de 2011 20:22, Juan José Pavlik Salles 
 jjpav...@gmail.com escribió:

 I've removed and updated the plugins tons of times, but nikto doesn't
 work. Today i removed all the tasks i had created, and i am trying with new
 tasks, but nikt still doesn't show up in my reports. I looked in the scan
 configs and it is activated Nikto NASL.

 2011/12/13 Sébastien AUCOUTURIER s.aucoutur...@itrust.fr

  Juan,
 you can try to update plugin feed again, may be you modify nikto.nasl by
 editing ? this way nikto.nasl.asc does not match anymore with nikto.nasl,
 and  this prevent nikto.nasl to be execute.
 Just an idea .


 Le 12/13/2011 12:07, Juan José Pavlik Salles a écrit :

 Thanks Sébastien! i just tried installing nikto as you did, moving
 everything to /usr/local/bin/ and configuring /etc/nikto.conf, but nothing
 new. It's like openvas never sees nikto.nasl in the plugins directory,
 although it's there:

   root@openvas:~# ls /var/lib/openvas/plugins/nikto.nasl* -l
 -rw-r--r-- 1 root root 4610 2011-11-22 10:09
 /var/lib/openvas/plugins/nikto.nasl
 -rw-r--r-- 1 root root  198 2011-11-22 10:09
 /var/lib/openvas/plugins/nikto.nasl.asc
 root@openvas:~#

  It's getting really anoying this, i wish i could find a solution.

 2011/12/13 Sébastien AUCOUTURIER s.aucoutur...@itrust.fr

 my two cents,
 with openvas4 (lib:4-0-6, scanner:3.2.5, nvt:2011121254), and openvas5:
 (beta2 for scanner and lib)

 i install nikto ugly way ..  moving  /opt/nikto-2-0-4/*  to
  /usr/local/bin
 and i modify nikto.conf, to specify nikto plugins directory location.
 (/usr/local/bin/plugins)

 - running with 'openvas-nasl nikto.nasl -t target -T -' ,  nikto report
 was shown OK on stderr.

 - running through gsad, in openvassd.dump file, i got broken pipe
 during nikto report writes and No Ouputs in the results.

 i can help running more tests if needed.

 --
 | Sébastien AUCOUTURIER | Software Design Engineer Lead |
 | ITrust | 55 rue l'Occitane BP 67303 31673 LABEGE CEDEX
 | Email: s.aucoutur...@itrust.fr | Fixe Sdt. 05.67.34.67.80 | Fax.
 09.80.08.37.23
 | IT Security Services  SaaS Editor  |

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss




  --
 Pavlik Juan José



 --
 | Sébastien AUCOUTURIER | Software Design Engineer Lead |
 | ITrust | 55 rue l'Occitane BP 67303 31673 LABEGE CEDEX
 | Email: s.aucoutur...@itrust.fr | Fixe Sdt. 05.67.34.67.80 | Fax. 
 09.80.08.37.23
 | IT Security Services  SaaS Editor  |


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss




 --
 Pavlik Juan José




 --
 Pavlik Juan José




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

Hi Christian! This is my .bashrc right now:

root@openvas:~# head .bashrc
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
export
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto:/opt/arachni-v0.3-cde
alias sudo=sudo env PATH=$PATH

# If not running interactively, don't do anything
[ -z $PS1 ]  return

# don't put duplicate lines in the history. See bash(1) for more options
root@openvas:~#

But it still doesn't work, actually there's a little difference, i don't
get the nikto not found message in my reports now... don't think that's a
coincidence! I really thought this would be a lot easier haha trust me!

El 11 de diciembre de 2011 11:11, Christian Kuersteiner
ckuer...@gmx.chescribió:

 On 12/09/2011 08:53 PM, Juan José Pavlik Salles wrote:

 I tried the alias solution:

 root@openvas:~/tools/pruebas# tail -3 /root/.bashrc
 #fi
 export
 PATH=/usr/local/sbin:/usr/**local/bin:/usr/sbin:/usr/bin:/**
 sbin:/bin:/usr/games:/opt/**nikto
 alias sudo='sudo env PATH=$PATH'
 root@openvas:~/tools/pruebas#


 Just for the record: I have this in my .bashrc:

 alias sudo=sudo env PATH=$PATH:/home/user/tools/**nikto

 which works like a charm for me. Note the double quotes: IIRC $PATH will
 be not evaluated in a single quote statement.

 Best regards,

 Christian




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

I just remove everything in the cache but still have this problem:

root@openvas:~# openvas-nasl -D /var/lib/openvas/plugins/nikto.nasl
/var/lib/openvas/plugins/nikto.nasl: bad or missing signature. Will not
execute this script

root@openvas:~# md5sum /var/lib/openvas/plugins/nikto.nasl
530eaa46fc022336703d6ddd3ef35019  /var/lib/openvas/plugins/nikto.nasl

root@openvas:~# md5sum /var/lib/openvas/plugins/nikto.nasl.asc
ee7347d9074988a4a4f21a8aa43fd531  /var/lib/openvas/plugins/nikto.nasl.asc

root@openvas:~# ls -lah /var/lib/openvas/plugins/nikto.nasl*
-rw-r--r-- 1 root root 4,6K 2011-11-22 10:09
/var/lib/openvas/plugins/nikto.nasl
-rw-r--r-- 1 root root  198 2011-11-22 10:09
/var/lib/openvas/plugins/nikto.nasl.asc

The strange thing is that the plugin works, i mean i can run it:

root@openvas:~# openvas-nasl -t 192.168.0.1 -X
/var/lib/openvas/plugins/nikto.nasl
Here is the Nikto report:
- Nikto v2.1.4
---
+ Target IP:  192.168.0.1
+ Target Hostname:argos
+ Target Port:80
+ Start Time: 2011-12-12 19:00:05
---
+ Server: Apache/2.2.15 (Linux/SUSE)
+ / - Requires Authentication for realm 'mrtg'
+ No CGI Directories found (use '-C all' to force check all possible dirs)

[5890] plug_set_key:internal_send(0)['1 SentData/(null)/NOTE=Here is the
Nikto report:\n- Nikto
v2.1.4\n---\n+
Target IP:  192.168.0.1\n+ Target Hostname:argos\n+ Target
Port:80\n+ Start Time: 2011-12-12
19:00:05\n---\n+
Server: Apache/2.2.15 (Linux/SUSE)\n+ / - Requires Authentication for realm
'mrtg'\n+ No CGI Directories found (use '-C all' to force check all
possible dirs)\n;
']: Socket operation on non-socket
[5890] plug_set_key:internal_send(0)['3 Success/(null)=1;
']: Socket operation on non-socket


El 11 de diciembre de 2011 18:54, Brandon Perry
bperry.volat...@gmail.comescribió:

 Not sure of the proper way, but I clear the openvas cache by

 rm -rf /var/cache/openvas/*

 then restart openvassd

 2011/12/11 Juan José Pavlik Salles jjpav...@gmail.com:
  Something happend with nikto.nasl's signature:
 
  root@openvas:~# openvas-nasl -p nikto.nasl
 
  nikto.nasl: Not able to open nor to locate it in include paths
  root@openvas:~# openvas-nasl -p /var/lib/openvas/plugins/nikto.nasl
  /var/lib/openvas/plugins/nikto.nasl: bad or missing signature. Will not
  execute this script
 
  I removed nikto.nasl and nikto.nasl.asc, rsynced the nvts but the problem
  persists. That's why nikto is not in my reports now. Did someone change
 the
  script??? Maybe disabling the signed nasl i could make i work???
 
  El 11 de diciembre de 2011 18:09, Brandon Perry 
 bperry.volat...@gmail.com
  escribió:
 
  Run the nasl with openvas-nasl now from your home dir, relatively. See
  what it spits out. Possibly making it more verbose if need be.
 
  2011/12/11 Juan José Pavlik Salles jjpav...@gmail.com:
   Hi Christian! This is my .bashrc right now:
  
   root@openvas:~# head .bashrc
   # ~/.bashrc: executed by bash(1) for non-login shells.
   # see /usr/share/doc/bash/examples/startup-files (in the package
   bash-doc)
   # for examples
   export
  
  
 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto:/opt/arachni-v0.3-cde
  
   alias sudo=sudo env PATH=$PATH
  
   # If not running interactively, don't do anything
   [ -z $PS1 ]  return
  
   # don't put duplicate lines in the history. See bash(1) for more
 options
   root@openvas:~#
  
   But it still doesn't work, actually there's a little difference, i
 don't
   get
   the nikto not found message in my reports now... don't think that's
 a
   coincidence! I really thought this would be a lot easier haha trust
 me!
  
   El 11 de diciembre de 2011 11:11, Christian Kuersteiner
   ckuer...@gmx.ch
   escribió:
  
   On 12/09/2011 08:53 PM, Juan José Pavlik Salles wrote:
  
   I tried the alias solution:
  
   root@openvas:~/tools/pruebas# tail -3 /root/.bashrc
   #fi
   export
  
  
  
 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
   alias sudo='sudo env PATH=$PATH'
   root@openvas:~/tools/pruebas#
  
  
   Just for the record: I have this in my .bashrc:
  
   alias sudo=sudo env PATH=$PATH:/home/user/tools/nikto
  
   which works like a charm for me. Note the double quotes: IIRC $PATH
   will
   be not evaluated in a single quote statement.
  
   Best regards,
  
   Christian
  
  
  
  
   --
   Pavlik Juan José
  
   ___
   Openvas-discuss mailing list
   Openvas-discuss@wald.intevation.org
   http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
  
 
 
 
  --
  http://volatile-minds.blogspot.com -- blog
  http://www.volatileminds.net

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

I've news! if i cd to /var/lib/openvas/plugins i can run nikto.nasl like
this;

root@openvas:/var/lib/openvas/plugins# openvas-nasl -t 200.16.16.50
nikto.nasl -X
- Nikto v2.1.4
---
+ Target IP:  192.168.1.5
+ Target Hostname:virtual-test
+ Target Port:80
+ Start Time: 2011-12-11 13:37:04
---
+ Server: Apache/2.2.15 (Linux/SUSE)
+ / - Requires Authentication for realm 'mrtg'
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Apache/2.2.15 appears to be outdated (current is at least Apache/2.2.19).
Apache 1.3.42 (final release) and 2.0.64 are also current.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable
to XST
+ OSVDB-3268: /icons/: Directory indexing found.
+ OSVDB-3233: /icons/README: Apache default file found.
+ 6456 items checked: 33 error(s) and 4 item(s) reported on remote host
+ End Time:   2011-12-11 13:49:14 (730 seconds)
---
+ 1 host(s) tested

[22289] plug_set_key:internal_send(0)['1 SentData/(null)/NOTE=Here is the
Nikto report:\n- Nikto
v2.1.4\n---\n+
Target IP:  192.168.1.5\n+ Target Hostname:virtual-test\n+
Target Port:80\n+ Start Time: 2011-12-11
13:37:04\n---\n+
Server: Apache/2.2.15 (Linux/SUSE)\n+ / - Requires Authentication for realm
'mrtg'\n+ No CGI Directories found (use '-C all' to force check all
possible dirs)\n+ Apache/2.2.15 appears to be outdated (current is at least
Apache/2.2.19). Apache 1.3.42 (final release) and 2.0.64 are also
current.\n+ OSVDB-877: HTTP TRACE method is active, suggesting the host is
vulnerable to XST\n+ OSVDB-3268: /icons/: Directory indexing found.\n+
OSVDB-3233: /icons/README: Apache default file found.\n+ 6456 items
checked: 33 error(s) and 4 item(s) reported on remote host\n+ End
Time:   2011-12-11 13:49:14 (730
seconds)\n---\n+
1 host(s) tested\n;
']: Socket operation on non-socket
[22289] plug_set_key:internal_send(0)['3 Success/(null)=1;
']: Socket operation on non-socket

BUT... i don't get it to work on my scan configs! Really no F clue about
this...

El 9 de diciembre de 2011 19:15, Juan José Pavlik Salles jjpav...@gmail.com
 escribió:

 Here is more info:

 root@openvas:/var/lib/openvas/plugins# ls -l /usr/local/bin/nikto*
 lrwxrwxrwx 1 root root 16 2011-12-09 02:33 /usr/local/bin/nikto -
 /opt/nikto/nikto
 lrwxrwxrwx 1 root root 19 2011-12-09 02:04 /usr/local/bin/nikto.pl -
 /opt/nikto/nikto.pl
 root@openvas:/var/lib/openvas/plugins# ls /opt/nikto/nikto*
 /opt/nikto/nikto  /opt/nikto/nikto.conf  /opt/nikto/nikto.pl

 nikto is a copy of nikto.pl.

 El 9 de diciembre de 2011 19:05, Brandon Perry 
 bperry.volat...@gmail.comescribió:

 Also, 'which nikto.pl'

 2011/12/9 Brandon Perry bperry.volat...@gmail.com:
  What does 'which nikto' return
 
  2011/12/9 Juan José Pavlik Salles jjpav...@gmail.com:
  Here i come again, still can't make nikto work on my reports. Now i
 tried
  using nikto.nasl with openvas-nasl command, like this:
 
  root@openvas:/var/lib/openvas/plugins# openvas-nasl -t my_host nikto
 -X
  nikto: Not able to open nor to locate it in include paths
 
  There's definitly something wrong here... This is where nikto is:
 
  root@openvas:/var/lib/openvas/plugins# whereis nikto
  nikto: /etc/nikto.conf /usr/local/bin/nikto.pl /usr/local/bin/nikto
 
  Actually, /usr/local/bin/nikto and nikto.pl are symbolic links to
  /opt/nikto/nikto.pl. What else could i try???
 
  El 9 de diciembre de 2011 11:05, Juan José Pavlik Salles
  jjpav...@gmail.com escribió:
 
  I found this in my openvassd.dump log file:
 
  [15465](/var/lib/openvas/plugins/nikto.nasl) pread: 'nikto.pl' not
 found
  in $PATH
  [15466](/var/lib/openvas/plugins/nikto.nasl) pread: 'nikto.pl' not
 found
  in $PATH
 
  No surprise though.
 
  El 9 de diciembre de 2011 10:53, Juan José Pavlik Salles
  jjpav...@gmail.com escribió:
 
  I tried the alias solution:
 
  root@openvas:~/tools/pruebas# tail -3 /root/.bashrc
  #fi
  export
 
 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
  alias sudo='sudo env PATH=$PATH'
  root@openvas:~/tools/pruebas#
 
  without any luck... i also comment:
 
  #Defaultsenv_reset
 
  In /etc/sudoers, because this line set reset enviroment variables as
  default. I'm really lost right now.
 
  El 9 de diciembre de 2011 06:07, Christian Kuersteiner 
 ckuer...@gmx.ch
  escribió:
 
  On 12/09/2011 11:45 AM, Juan José Pavlik Salles wrote:
 
  I've already put nikto's path in .bashrc, but it doesn't work. Why
  openvas isn't seeing the same PATH var that i see??? any

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

If i run it out of /var/lib/openvas/pluings:

root@openvas:~/tools/pruebas# openvas-nasl -t 200.16.16.50 nikto.nasl -X
nikto.nasl: Not able to open nor to locate it in include paths

I'm really confused, now i don't even get the nikto not found message in
my reports anymore.

El 10 de diciembre de 2011 14:02, Brandon Perry
bperry.volat...@gmail.comescribió:

 Ah, ha. Try this then. CD out of the plugins dir, to say, ~. Then run
 the nikto nasl absolutely, rather than relatively.

 If this works, then there are some oddities in the environment of openvas.

 ~# openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugin/nikto.nasl -X

 2011/12/10 Juan José Pavlik Salles jjpav...@gmail.com:
  I've news! if i cd to /var/lib/openvas/plugins i can run nikto.nasl like
  this;
 
  root@openvas:/var/lib/openvas/plugins# openvas-nasl -t 200.16.16.50
  nikto.nasl -X
  - Nikto v2.1.4
 
 ---
  + Target IP:  192.168.1.5
  + Target Hostname:virtual-test
  + Target Port:80
  + Start Time: 2011-12-11 13:37:04
 
 ---
  + Server: Apache/2.2.15 (Linux/SUSE)
  + / - Requires Authentication for realm 'mrtg'
  + No CGI Directories found (use '-C all' to force check all possible
 dirs)
  + Apache/2.2.15 appears to be outdated (current is at least
 Apache/2.2.19).
  Apache 1.3.42 (final release) and 2.0.64 are also current.
  + OSVDB-877: HTTP TRACE method is active, suggesting the host is
 vulnerable
  to XST
  + OSVDB-3268: /icons/: Directory indexing found.
  + OSVDB-3233: /icons/README: Apache default file found.
  + 6456 items checked: 33 error(s) and 4 item(s) reported on remote host
  + End Time:   2011-12-11 13:49:14 (730 seconds)
 
 ---
  + 1 host(s) tested
 
  [22289] plug_set_key:internal_send(0)['1 SentData/(null)/NOTE=Here is the
  Nikto report:\n- Nikto
 
 v2.1.4\n---\n+
  Target IP:  192.168.1.5\n+ Target Hostname:virtual-test\n+
  Target Port:80\n+ Start Time: 2011-12-11
 
 13:37:04\n---\n+
  Server: Apache/2.2.15 (Linux/SUSE)\n+ / - Requires Authentication for
 realm
  'mrtg'\n+ No CGI Directories found (use '-C all' to force check all
 possible
  dirs)\n+ Apache/2.2.15 appears to be outdated (current is at least
  Apache/2.2.19). Apache 1.3.42 (final release) and 2.0.64 are also
  current.\n+ OSVDB-877: HTTP TRACE method is active, suggesting the host
 is
  vulnerable to XST\n+ OSVDB-3268: /icons/: Directory indexing found.\n+
  OSVDB-3233: /icons/README: Apache default file found.\n+ 6456 items
 checked:
  33 error(s) and 4 item(s) reported on remote host\n+ End Time:
  2011-12-11 13:49:14 (730
 
 seconds)\n---\n+
  1 host(s) tested\n;
  ']: Socket operation on non-socket
  [22289] plug_set_key:internal_send(0)['3 Success/(null)=1;
  ']: Socket operation on non-socket
 
  BUT... i don't get it to work on my scan configs! Really no F clue about
  this...
 
  El 9 de diciembre de 2011 19:15, Juan José Pavlik Salles
  jjpav...@gmail.com escribió:
 
  Here is more info:
 
  root@openvas:/var/lib/openvas/plugins# ls -l /usr/local/bin/nikto*
  lrwxrwxrwx 1 root root 16 2011-12-09 02:33 /usr/local/bin/nikto -
  /opt/nikto/nikto
  lrwxrwxrwx 1 root root 19 2011-12-09 02:04 /usr/local/bin/nikto.pl -
  /opt/nikto/nikto.pl
  root@openvas:/var/lib/openvas/plugins# ls /opt/nikto/nikto*
  /opt/nikto/nikto  /opt/nikto/nikto.conf  /opt/nikto/nikto.pl
 
  nikto is a copy of nikto.pl.
 
  El 9 de diciembre de 2011 19:05, Brandon Perry 
 bperry.volat...@gmail.com
  escribió:
 
  Also, 'which nikto.pl'
 
  2011/12/9 Brandon Perry bperry.volat...@gmail.com:
   What does 'which nikto' return
  
   2011/12/9 Juan José Pavlik Salles jjpav...@gmail.com:
   Here i come again, still can't make nikto work on my reports. Now i
   tried
   using nikto.nasl with openvas-nasl command, like this:
  
   root@openvas:/var/lib/openvas/plugins# openvas-nasl -t my_host
 nikto
   -X
   nikto: Not able to open nor to locate it in include paths
  
   There's definitly something wrong here... This is where nikto is:
  
   root@openvas:/var/lib/openvas/plugins# whereis nikto
   nikto: /etc/nikto.conf /usr/local/bin/nikto.pl /usr/local/bin/nikto
  
   Actually, /usr/local/bin/nikto and nikto.pl are symbolic links to
   /opt/nikto/nikto.pl. What else could i try???
  
   El 9 de diciembre de 2011 11:05, Juan José Pavlik Salles
   jjpav...@gmail.com escribió:
  
   I found this in my openvassd.dump log file:
  
   [15465](/var/lib/openvas/plugins/nikto.nasl) pread: 'nikto.pl' not
   found
   in $PATH
   [15466](/var/lib/openvas/plugins/nikto.nasl) pread: 'nikto.pl

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

You are right, if i run it like this:

openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugins/nikto.nasl -X

works great.

El 10 de diciembre de 2011 14:08, Brandon Perry
bperry.volat...@gmail.comescribió:

 In that example, you are running it relatively, that is relative to
 the environment you are in.

 Run it absolutely. Give it the absolute path to the nasl, not a
 relative path dependent on your env.
 ~# openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugin/nikto.nasl -X

 2011/12/10 Juan José Pavlik Salles jjpav...@gmail.com:
  If i run it out of /var/lib/openvas/pluings:
 
  root@openvas:~/tools/pruebas# openvas-nasl -t 200.16.16.50 nikto.nasl -X
  nikto.nasl: Not able to open nor to locate it in include paths
 
  I'm really confused, now i don't even get the nikto not found message
 in
  my reports anymore.
 
  El 10 de diciembre de 2011 14:02, Brandon Perry 
 bperry.volat...@gmail.com
  escribió:
 
  Ah, ha. Try this then. CD out of the plugins dir, to say, ~. Then run
  the nikto nasl absolutely, rather than relatively.
 
  If this works, then there are some oddities in the environment of
 openvas.
 
  ~# openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugin/nikto.nasl -X
 
  2011/12/10 Juan José Pavlik Salles jjpav...@gmail.com:
   I've news! if i cd to /var/lib/openvas/plugins i can run nikto.nasl
 like
   this;
  
   root@openvas:/var/lib/openvas/plugins# openvas-nasl -t 200.16.16.50
   nikto.nasl -X
   - Nikto v2.1.4
  
  
 ---
   + Target IP:  192.168.1.5
   + Target Hostname:virtual-test
   + Target Port:80
   + Start Time: 2011-12-11 13:37:04
  
  
 ---
   + Server: Apache/2.2.15 (Linux/SUSE)
   + / - Requires Authentication for realm 'mrtg'
   + No CGI Directories found (use '-C all' to force check all possible
   dirs)
   + Apache/2.2.15 appears to be outdated (current is at least
   Apache/2.2.19).
   Apache 1.3.42 (final release) and 2.0.64 are also current.
   + OSVDB-877: HTTP TRACE method is active, suggesting the host is
   vulnerable
   to XST
   + OSVDB-3268: /icons/: Directory indexing found.
   + OSVDB-3233: /icons/README: Apache default file found.
   + 6456 items checked: 33 error(s) and 4 item(s) reported on remote
 host
   + End Time:   2011-12-11 13:49:14 (730 seconds)
  
  
 ---
   + 1 host(s) tested
  
   [22289] plug_set_key:internal_send(0)['1 SentData/(null)/NOTE=Here is
   the
   Nikto report:\n- Nikto
  
  
 v2.1.4\n---\n+
   Target IP:  192.168.1.5\n+ Target Hostname:virtual-test\n+
   Target Port:80\n+ Start Time: 2011-12-11
  
  
 13:37:04\n---\n+
   Server: Apache/2.2.15 (Linux/SUSE)\n+ / - Requires Authentication for
   realm
   'mrtg'\n+ No CGI Directories found (use '-C all' to force check all
   possible
   dirs)\n+ Apache/2.2.15 appears to be outdated (current is at least
   Apache/2.2.19). Apache 1.3.42 (final release) and 2.0.64 are also
   current.\n+ OSVDB-877: HTTP TRACE method is active, suggesting the
 host
   is
   vulnerable to XST\n+ OSVDB-3268: /icons/: Directory indexing found.\n+
   OSVDB-3233: /icons/README: Apache default file found.\n+ 6456 items
   checked:
   33 error(s) and 4 item(s) reported on remote host\n+ End Time:
   2011-12-11 13:49:14 (730
  
  
 seconds)\n---\n+
   1 host(s) tested\n;
   ']: Socket operation on non-socket
   [22289] plug_set_key:internal_send(0)['3 Success/(null)=1;
   ']: Socket operation on non-socket
  
   BUT... i don't get it to work on my scan configs! Really no F clue
 about
   this...
  
   El 9 de diciembre de 2011 19:15, Juan José Pavlik Salles
   jjpav...@gmail.com escribió:
  
   Here is more info:
  
   root@openvas:/var/lib/openvas/plugins# ls -l /usr/local/bin/nikto*
   lrwxrwxrwx 1 root root 16 2011-12-09 02:33 /usr/local/bin/nikto -
   /opt/nikto/nikto
   lrwxrwxrwx 1 root root 19 2011-12-09 02:04 /usr/local/bin/nikto.pl-
   /opt/nikto/nikto.pl
   root@openvas:/var/lib/openvas/plugins# ls /opt/nikto/nikto*
   /opt/nikto/nikto  /opt/nikto/nikto.conf  /opt/nikto/nikto.pl
  
   nikto is a copy of nikto.pl.
  
   El 9 de diciembre de 2011 19:05, Brandon Perry
   bperry.volat...@gmail.com
   escribió:
  
   Also, 'which nikto.pl'
  
   2011/12/9 Brandon Perry bperry.volat...@gmail.com:
What does 'which nikto' return
   
2011/12/9 Juan José Pavlik Salles jjpav...@gmail.com:
Here i come again, still can't make nikto work on my reports.
 Now i
tried
using nikto.nasl with openvas-nasl command, like this:
   
root@openvas:/var/lib/openvas/plugins# openvas-nasl -t my_host
nikto
-X
nikto

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

The only strange thing i can see, is that i don't have
/etc/openvas/openvassd.conf file, and the gsa web interface shows me the
running config saying: From file: /etc/openvas/openvassd.conf, but
there's no such file in my file system. There are others nasl plugins that
works great... really dont get it.

El 10 de diciembre de 2011 14:13, Brandon Perry
bperry.volat...@gmail.comescribió:

 This mean that openvas is fudging up some env variables. I've no idea
 what it could be, perhaps making openvas run nasl's absosultely all
 the time should be mandated? Would fix this bug...

 2011/12/10 Juan José Pavlik Salles jjpav...@gmail.com:
  You are right, if i run it like this:
 
  openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugins/nikto.nasl -X
 
  works great.
 
  El 10 de diciembre de 2011 14:08, Brandon Perry 
 bperry.volat...@gmail.com
  escribió:
 
  In that example, you are running it relatively, that is relative to
  the environment you are in.
 
  Run it absolutely. Give it the absolute path to the nasl, not a
  relative path dependent on your env.
  ~# openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugin/nikto.nasl -X
 
  2011/12/10 Juan José Pavlik Salles jjpav...@gmail.com:
   If i run it out of /var/lib/openvas/pluings:
  
   root@openvas:~/tools/pruebas# openvas-nasl -t 200.16.16.50
 nikto.nasl -X
   nikto.nasl: Not able to open nor to locate it in include paths
  
   I'm really confused, now i don't even get the nikto not found
 message
   in
   my reports anymore.
  
   El 10 de diciembre de 2011 14:02, Brandon Perry
   bperry.volat...@gmail.com
   escribió:
  
   Ah, ha. Try this then. CD out of the plugins dir, to say, ~. Then run
   the nikto nasl absolutely, rather than relatively.
  
   If this works, then there are some oddities in the environment of
   openvas.
  
   ~# openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugin/nikto.nasl -X
  
   2011/12/10 Juan José Pavlik Salles jjpav...@gmail.com:
I've news! if i cd to /var/lib/openvas/plugins i can run nikto.nasl
like
this;
   
root@openvas:/var/lib/openvas/plugins# openvas-nasl -t
 200.16.16.50
nikto.nasl -X
- Nikto v2.1.4
   
   
   
 ---
+ Target IP:  192.168.1.5
+ Target Hostname:virtual-test
+ Target Port:80
+ Start Time: 2011-12-11 13:37:04
   
   
   
 ---
+ Server: Apache/2.2.15 (Linux/SUSE)
+ / - Requires Authentication for realm 'mrtg'
+ No CGI Directories found (use '-C all' to force check all
 possible
dirs)
+ Apache/2.2.15 appears to be outdated (current is at least
Apache/2.2.19).
Apache 1.3.42 (final release) and 2.0.64 are also current.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is
vulnerable
to XST
+ OSVDB-3268: /icons/: Directory indexing found.
+ OSVDB-3233: /icons/README: Apache default file found.
+ 6456 items checked: 33 error(s) and 4 item(s) reported on remote
host
+ End Time:   2011-12-11 13:49:14 (730 seconds)
   
   
   
 ---
+ 1 host(s) tested
   
[22289] plug_set_key:internal_send(0)['1 SentData/(null)/NOTE=Here
 is
the
Nikto report:\n- Nikto
   
   
   
 v2.1.4\n---\n+
Target IP:  192.168.1.5\n+ Target Hostname:
virtual-test\n+
Target Port:80\n+ Start Time: 2011-12-11
   
   
   
 13:37:04\n---\n+
Server: Apache/2.2.15 (Linux/SUSE)\n+ / - Requires Authentication
 for
realm
'mrtg'\n+ No CGI Directories found (use '-C all' to force check all
possible
dirs)\n+ Apache/2.2.15 appears to be outdated (current is at least
Apache/2.2.19). Apache 1.3.42 (final release) and 2.0.64 are also
current.\n+ OSVDB-877: HTTP TRACE method is active, suggesting the
host
is
vulnerable to XST\n+ OSVDB-3268: /icons/: Directory indexing
found.\n+
OSVDB-3233: /icons/README: Apache default file found.\n+ 6456 items
checked:
33 error(s) and 4 item(s) reported on remote host\n+ End Time:
2011-12-11 13:49:14 (730
   
   
   
 seconds)\n---\n+
1 host(s) tested\n;
']: Socket operation on non-socket
[22289] plug_set_key:internal_send(0)['3 Success/(null)=1;
']: Socket operation on non-socket
   
BUT... i don't get it to work on my scan configs! Really no F clue
about
this...
   
El 9 de diciembre de 2011 19:15, Juan José Pavlik Salles
jjpav...@gmail.com escribió:
   
Here is more info:
   
root@openvas:/var/lib/openvas/plugins# ls -l
 /usr/local/bin/nikto*
lrwxrwxrwx 1 root root 16 2011-12-09 02:33 /usr/local

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

Here it is:

root@openvas:~# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto

This is the $PATH for an interactive shell, i also added this next two
lines on the top of ~/.bashrc

export
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
alias sudo='sudo env PATH=$PATH'

And commented Defaults env_reset in /etc/sudoers file. I've also tried
adding export PATH in the openvas init.d scripts, without any good answer.

El 10 de diciembre de 2011 14:22, Brandon Perry
bperry.volat...@gmail.comescribió:

 Could you echo your $PATH again? you can remove any personal info from
 it...

 2011/12/10 Juan José Pavlik Salles jjpav...@gmail.com:
  The only strange thing i can see, is that i don't have
  /etc/openvas/openvassd.conf file, and the gsa web interface shows me the
  running config saying: From file: /etc/openvas/openvassd.conf, but
 there's
  no such file in my file system. There are others nasl plugins that works
  great... really dont get it.
 
  El 10 de diciembre de 2011 14:13, Brandon Perry 
 bperry.volat...@gmail.com
  escribió:
 
  This mean that openvas is fudging up some env variables. I've no idea
  what it could be, perhaps making openvas run nasl's absosultely all
  the time should be mandated? Would fix this bug...
 
  2011/12/10 Juan José Pavlik Salles jjpav...@gmail.com:
   You are right, if i run it like this:
  
   openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugins/nikto.nasl -X
  
   works great.
  
   El 10 de diciembre de 2011 14:08, Brandon Perry
   bperry.volat...@gmail.com
   escribió:
  
   In that example, you are running it relatively, that is relative to
   the environment you are in.
  
   Run it absolutely. Give it the absolute path to the nasl, not a
   relative path dependent on your env.
   ~# openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugin/nikto.nasl -X
  
   2011/12/10 Juan José Pavlik Salles jjpav...@gmail.com:
If i run it out of /var/lib/openvas/pluings:
   
root@openvas:~/tools/pruebas# openvas-nasl -t 200.16.16.50
 nikto.nasl
-X
nikto.nasl: Not able to open nor to locate it in include paths
   
I'm really confused, now i don't even get the nikto not found
message
in
my reports anymore.
   
El 10 de diciembre de 2011 14:02, Brandon Perry
bperry.volat...@gmail.com
escribió:
   
Ah, ha. Try this then. CD out of the plugins dir, to say, ~. Then
run
the nikto nasl absolutely, rather than relatively.
   
If this works, then there are some oddities in the environment of
openvas.
   
~# openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugin/nikto.nasl
-X
   
2011/12/10 Juan José Pavlik Salles jjpav...@gmail.com:
 I've news! if i cd to /var/lib/openvas/plugins i can run
 nikto.nasl
 like
 this;

 root@openvas:/var/lib/openvas/plugins# openvas-nasl -t
 200.16.16.50
 nikto.nasl -X
 - Nikto v2.1.4




 ---
 + Target IP:  192.168.1.5
 + Target Hostname:virtual-test
 + Target Port:80
 + Start Time: 2011-12-11 13:37:04




 ---
 + Server: Apache/2.2.15 (Linux/SUSE)
 + / - Requires Authentication for realm 'mrtg'
 + No CGI Directories found (use '-C all' to force check all
 possible
 dirs)
 + Apache/2.2.15 appears to be outdated (current is at least
 Apache/2.2.19).
 Apache 1.3.42 (final release) and 2.0.64 are also current.
 + OSVDB-877: HTTP TRACE method is active, suggesting the host is
 vulnerable
 to XST
 + OSVDB-3268: /icons/: Directory indexing found.
 + OSVDB-3233: /icons/README: Apache default file found.
 + 6456 items checked: 33 error(s) and 4 item(s) reported on
 remote
 host
 + End Time:   2011-12-11 13:49:14 (730 seconds)




 ---
 + 1 host(s) tested

 [22289] plug_set_key:internal_send(0)['1
 SentData/(null)/NOTE=Here
 is
 the
 Nikto report:\n- Nikto




 v2.1.4\n---\n+
 Target IP:  192.168.1.5\n+ Target Hostname:
 virtual-test\n+
 Target Port:80\n+ Start Time: 2011-12-11




 13:37:04\n---\n+
 Server: Apache/2.2.15 (Linux/SUSE)\n+ / - Requires
 Authentication
 for
 realm
 'mrtg'\n+ No CGI Directories found (use '-C all' to force check
 all
 possible
 dirs)\n+ Apache/2.2.15 appears to be outdated (current is at
 least
 Apache/2.2.19). Apache 1.3.42 (final release) and 2.0.64 are
 also
 current.\n+ OSVDB-877: HTTP TRACE method is active

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

I'm not giving this up, haha really need to know why this is not working.
I've tried this:

root@openvas:~/tools/pruebas# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto:/opt/arachni-v0.3-cde
root@openvas:~/tools/pruebas# sudo env | grep PATH
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin
root@openvas:~/tools/pruebas# visudo
root@openvas:~/tools/pruebas# sudo env | grep PATH
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto:/opt/arachni-v0.3-cde
root@openvas:~/tools/pruebas#

As you can see, nikto is in my root PATH, but when i sudo, it changes it to
the other new PATH, So i dissabled secure_path in visudo Defaults
!secure_path, and now i have the same PATH in both situations. BUT openvas
can't find nikto... it's getting me insane...

El 10 de diciembre de 2011 14:40, Juan José Pavlik Salles 
jjpav...@gmail.com escribió:

 Nope, didn't work:

 root@openvas:~# PATH=/opt/nikto:$PATH
 root@openvas:~# echo $PATH

 /opt/nikto:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
 root@openvas:~# openvas-nasl -t 200.16.16.50 nikto.nasl -X

 nikto.nasl: Not able to open nor to locate it in include paths
 root@openvas:~#

 Did anyone make it work???

 El 10 de diciembre de 2011 14:33, Brandon Perry bperry.volat...@gmail.com
  escribió:

 For a separate, independent shell, do this:

 root@openvas:~/# PATH=/opt/nikto:$PATH

 Essentially, make the first place openvas looks is the /opt/nikto folder.

 Then run the nikto nasl relatively. This may be a precedence issue on
 your system.

 root@openvas:~/# openvas-nasl -t 200.16.16.50 nikto.nasl -X

 2011/12/10 Juan José Pavlik Salles jjpav...@gmail.com:
  Here it is:
 
  root@openvas:~# echo $PATH
 
 
 /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
 
  This is the $PATH for an interactive shell, i also added this next two
 lines
  on the top of ~/.bashrc
 
 
  export
 
 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
  alias sudo='sudo env PATH=$PATH'
 



-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

The same thing happens with arachni... I've been reading/searching all over
the web, i found this:

http://lists.wald.intevation.org/pipermail/openvas-discuss/2011-May/002906.html

Same issue, without solution. Is it a sudo problem??? Does anybody know how
find_in_path function work??

El 10 de diciembre de 2011 17:56, Juan José Pavlik Salles 
jjpav...@gmail.com escribió:

 When i run this:

 root@openvas:~/tools/pruebas# sudo -V| grep override
 Value to override user's $PATH with:
 /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin

 Whata about this override??? How can i change this??? any clue? i think
 this could be my problem.

 El 10 de diciembre de 2011 17:44, Juan José Pavlik Salles 
 jjpav...@gmail.com escribió:

 I'm not giving this up, haha really need to know why this is not working.
 I've tried this:

 root@openvas:~/tools/pruebas# echo $PATH

 /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto:/opt/arachni-v0.3-cde
 root@openvas:~/tools/pruebas# sudo env | grep PATH

 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin
 root@openvas:~/tools/pruebas# visudo
 root@openvas:~/tools/pruebas# sudo env | grep PATH

 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto:/opt/arachni-v0.3-cde
 root@openvas:~/tools/pruebas#

 As you can see, nikto is in my root PATH, but when i sudo, it changes it
 to the other new PATH, So i dissabled secure_path in visudo Defaults
 !secure_path, and now i have the same PATH in both situations. BUT openvas
 can't find nikto... it's getting me insane...

 El 10 de diciembre de 2011 14:40, Juan José Pavlik Salles 
 jjpav...@gmail.com escribió:

  Nope, didn't work:

 root@openvas:~# PATH=/opt/nikto:$PATH
 root@openvas:~# echo $PATH

 /opt/nikto:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
 root@openvas:~# openvas-nasl -t 200.16.16.50 nikto.nasl -X

 nikto.nasl: Not able to open nor to locate it in include paths
 root@openvas:~#

 Did anyone make it work???

 El 10 de diciembre de 2011 14:33, Brandon Perry 
 bperry.volat...@gmail.com escribió:

 For a separate, independent shell, do this:

 root@openvas:~/# PATH=/opt/nikto:$PATH

 Essentially, make the first place openvas looks is the /opt/nikto
 folder.

 Then run the nikto nasl relatively. This may be a precedence issue on
 your system.

 root@openvas:~/# openvas-nasl -t 200.16.16.50 nikto.nasl -X

 2011/12/10 Juan José Pavlik Salles jjpav...@gmail.com:
  Here it is:
 
  root@openvas:~# echo $PATH
 
 
 /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
 
  This is the $PATH for an interactive shell, i also added this next
 two lines
  on the top of ~/.bashrc
 
 
  export
 
 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
  alias sudo='sudo env PATH=$PATH'
 



 --
 Pavlik Juan José




 --
 Pavlik Juan José




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

Here is more info:

root@openvas:/var/lib/openvas/plugins# ls -l /usr/local/bin/nikto*
lrwxrwxrwx 1 root root 16 2011-12-09 02:33 /usr/local/bin/nikto -
/opt/nikto/nikto
lrwxrwxrwx 1 root root 19 2011-12-09 02:04 /usr/local/bin/nikto.pl -
/opt/nikto/nikto.pl
root@openvas:/var/lib/openvas/plugins# ls /opt/nikto/nikto*
/opt/nikto/nikto  /opt/nikto/nikto.conf  /opt/nikto/nikto.pl

nikto is a copy of nikto.pl.

El 9 de diciembre de 2011 19:05, Brandon Perry
bperry.volat...@gmail.comescribió:

 Also, 'which nikto.pl'

 2011/12/9 Brandon Perry bperry.volat...@gmail.com:
  What does 'which nikto' return
 
  2011/12/9 Juan José Pavlik Salles jjpav...@gmail.com:
  Here i come again, still can't make nikto work on my reports. Now i
 tried
  using nikto.nasl with openvas-nasl command, like this:
 
  root@openvas:/var/lib/openvas/plugins# openvas-nasl -t my_host nikto -X
  nikto: Not able to open nor to locate it in include paths
 
  There's definitly something wrong here... This is where nikto is:
 
  root@openvas:/var/lib/openvas/plugins# whereis nikto
  nikto: /etc/nikto.conf /usr/local/bin/nikto.pl /usr/local/bin/nikto
 
  Actually, /usr/local/bin/nikto and nikto.pl are symbolic links to
  /opt/nikto/nikto.pl. What else could i try???
 
  El 9 de diciembre de 2011 11:05, Juan José Pavlik Salles
  jjpav...@gmail.com escribió:
 
  I found this in my openvassd.dump log file:
 
  [15465](/var/lib/openvas/plugins/nikto.nasl) pread: 'nikto.pl' not
 found
  in $PATH
  [15466](/var/lib/openvas/plugins/nikto.nasl) pread: 'nikto.pl' not
 found
  in $PATH
 
  No surprise though.
 
  El 9 de diciembre de 2011 10:53, Juan José Pavlik Salles
  jjpav...@gmail.com escribió:
 
  I tried the alias solution:
 
  root@openvas:~/tools/pruebas# tail -3 /root/.bashrc
  #fi
  export
 
 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
  alias sudo='sudo env PATH=$PATH'
  root@openvas:~/tools/pruebas#
 
  without any luck... i also comment:
 
  #Defaultsenv_reset
 
  In /etc/sudoers, because this line set reset enviroment variables as
  default. I'm really lost right now.
 
  El 9 de diciembre de 2011 06:07, Christian Kuersteiner 
 ckuer...@gmx.ch
  escribió:
 
  On 12/09/2011 11:45 AM, Juan José Pavlik Salles wrote:
 
  I've already put nikto's path in .bashrc, but it doesn't work. Why
  openvas isn't seeing the same PATH var that i see??? any clue?
 
  root@openvas:~/tools/pruebas# tail ../../.bashrc
  . ~/.bash_aliases
  fi
 
 
  sudo path is not the same as root path in Ubuntu
 (--with-secure-path).
  In Ubuntu I used the alias solution in
  http://stackoverflow.com/questions/257616/sudo-changes-path-why
 
  HTH
 
  Christian
 
 
 
 
  --
  Pavlik Juan José
 
 
 
 
  --
  Pavlik Juan José
 
 
 
 
  --
  Pavlik Juan José
 
  ___
  Openvas-discuss mailing list
  Openvas-discuss@wald.intevation.org
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
 
 
 
 
  --
  http://volatile-minds.blogspot.com -- blog
  http://www.volatileminds.net -- website



 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

[Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

Hi! i'm trying to use nikto nasl in openvas 4. The first problem was that
the nikto version in the ubuntu 10.04.3 LTS repos is older than what
openvas needs, so i downloaded the latest one, and added its directory to
my PATH variable

root@openvas:~/tools/pruebas# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/root/tools/pruebas/nikto-2.1.4

But my openvas reports says:

Nikto could not be found in your system path.
OpenVAS was unable to execute Nikto and to perform the scan you
requested.
Please make sure that Nikto is installed and that nikto.pl or nikto is
available in the PATH variable defined for your environment.

I've read nikto.nasl (the plugin), and it looks for nikto or
nikto.plexecutable files, i have
nikto.pl file, but it seems openvas can't see it. Any clue???

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

I just tried that but didn't work either.

This is the part of the plugin i think is killing me, the find_in_path()
function, it's no finding nikto nor nikto.pl (the one i know i have).

nikto = ;

if (  find_in_path(nikto.pl)  )
{
nikto = nikto.pl;
}
else if (  find_in_path(nikto)  )
{
nikto = nikto;
}
else
{
text = 'Nikto could not be found in your system path.\n';
text += 'OpenVAS was unable to execute Nikto and to perform the scan you
requested.\nPlease make sure that Nikto is installed and that nikto.pl or
nikto is
available in the PATH variable defined for your environment.';
log_message(port: port, data: text);
exit(0);
}

Where can i find the function definition???

El 8 de diciembre de 2011 23:32, Brandon Perry
bperry.volat...@gmail.comescribió:

 Perhaps being in /root openvas cannot see it. Try moving it to /opt or
 similar.

 2011/12/8 Juan José Pavlik Salles jjpav...@gmail.com:
  I tried that one too, but doesn't work either.
 
  El 8 de diciembre de 2011 23:23, Brandon Perry 
 bperry.volat...@gmail.com
  escribió:
 
  The error says it could not execute it, which doesn't always mean it
  couldn't find it. Perhaps chmod +x your nikto.pl
 
  2011/12/8 Juan José Pavlik Salles jjpav...@gmail.com:
   Hi! i'm trying to use nikto nasl in openvas 4. The first problem was
   that
   the nikto version in the ubuntu 10.04.3 LTS repos is older than what
   openvas
   needs, so i downloaded the latest one, and added its directory to my
   PATH
   variable
  
   root@openvas:~/tools/pruebas# echo $PATH
  
  
 /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/root/tools/pruebas/nikto-2.1.4
  
   But my openvas reports says:
  
   Nikto could not be found in your system path.
   OpenVAS was unable to execute Nikto and to perform the scan you
   requested.
   Please make sure that Nikto is installed and that nikto.pl or nikto
 is
   available in the PATH variable defined for your environment.
  
   I've read nikto.nasl (the plugin), and it looks for nikto or nikto.pl
   executable files, i have nikto.pl file, but it seems openvas can't
 see
   it.
   Any clue???
  
   --
   Pavlik Juan José
  
   ___
   Openvas-discuss mailing list
   Openvas-discuss@wald.intevation.org
   http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
  
 
 
 
  --
  http://volatile-minds.blogspot.com -- blog
  http://www.volatileminds.net -- website
 
 
 
 
  --
  Pavlik Juan José



 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Using nikto NASL

[Juan José Pavlik Salles]

I've already put nikto's path in .bashrc, but it doesn't work. Why openvas
isn't seeing the same PATH var that i see??? any clue?

root@openvas:~/tools/pruebas# tail ../../.bashrc
. ~/.bash_aliases
fi

# enable programmable completion features (you don't need to enable
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
# sources /etc/bash.bashrc).
#if [ -f /etc/bash_completion ]  ! shopt -oq posix; then
#. /etc/bash_completion
#fi
export
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
root@openvas:~/tools/pruebas#


El 9 de diciembre de 2011 00:45, Mark LaCore nerdym...@gmail.com escribió:

 Don't edit the nasl, it will get overwritten when you sync the NVT next.
 Put your path to nikto in root's .bashrc. I don't think root gets what you
 put in /etc/environment or /etc/profile in some distros. Doing a symlink in
 /usr/local/bin might work too, but try the bashrc thing first.
 On Dec 8, 2011 6:31 PM, Juan José Pavlik Salles jjpav...@gmail.com
 wrote:

 I tried that one too, but doesn't work either.

 El 8 de diciembre de 2011 23:23, Brandon Perry bperry.volat...@gmail.com
  escribió:

 The error says it could not execute it, which doesn't always mean it
 couldn't find it. Perhaps chmod +x your nikto.pl

 2011/12/8 Juan José Pavlik Salles jjpav...@gmail.com:
  Hi! i'm trying to use nikto nasl in openvas 4. The first problem was
 that
  the nikto version in the ubuntu 10.04.3 LTS repos is older than what
 openvas
  needs, so i downloaded the latest one, and added its directory to my
 PATH
  variable
 
  root@openvas:~/tools/pruebas# echo $PATH
 
 /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/root/tools/pruebas/nikto-2.1.4
 
  But my openvas reports says:
 
  Nikto could not be found in your system path.
  OpenVAS was unable to execute Nikto and to perform the scan you
  requested.
  Please make sure that Nikto is installed and that nikto.pl or nikto is
  available in the PATH variable defined for your environment.
 
  I've read nikto.nasl (the plugin), and it looks for nikto or nikto.pl
  executable files, i have nikto.pl file, but it seems openvas can't
 see it.
  Any clue???
 
  --
  Pavlik Juan José
 
  ___
  Openvas-discuss mailing list
  Openvas-discuss@wald.intevation.org
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
 



 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website




 --
 Pavlik Juan José

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

[Openvas-discuss] Fwd: Using nikto NASL

[Juan José Pavlik Salles]

-- Mensaje reenviado --
De: Juan José Pavlik Salles jjpav...@gmail.com
Fecha: 9 de diciembre de 2011 02:05
Asunto: Re: [Openvas-discuss] Using nikto NASL
Para: Mark LaCore nerdym...@gmail.com


This is part of the nikto.nasl plugin:


if (  find_in_path(nikto.pl)  )
{
nikto = nikto.pl;
}
else if (  find_in_path(nikto)  )
{
nikto = nikto;
}
else
{
text = 'Nikto could not be found in your system path.\n';
text += 'OpenVAS was unable to execute Nikto and to perform the scan you
requested.\nPlease make sure that Nikto is installed and that nikto.pl or
nikto is

available in the PATH variable defined for your environment.';
log_message(port: port, data: text);
exit(0);
}

find_in_path() function can't find nikto nor nikto.pl, but nikto.pl is in
my PATH enviroment variable.

El 9 de diciembre de 2011 01:45, Juan José Pavlik Salles jjpav...@gmail.com
 escribió:

I've already put nikto's path in .bashrc, but it doesn't work. Why openvas
 isn't seeing the same PATH var that i see??? any clue?

 root@openvas:~/tools/pruebas# tail ../../.bashrc
 . ~/.bash_aliases
 fi

 # enable programmable completion features (you don't need to enable
 # this, if it's already enabled in /etc/bash.bashrc and /etc/profile
 # sources /etc/bash.bashrc).
 #if [ -f /etc/bash_completion ]  ! shopt -oq posix; then
 #. /etc/bash_completion
 #fi
 export
 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
 root@openvas:~/tools/pruebas#


 El 9 de diciembre de 2011 00:45, Mark LaCore nerdym...@gmail.comescribió:

 Don't edit the nasl, it will get overwritten when you sync the NVT next.
 Put your path to nikto in root's .bashrc. I don't think root gets what you
 put in /etc/environment or /etc/profile in some distros. Doing a symlink in
 /usr/local/bin might work too, but try the bashrc thing first.
  On Dec 8, 2011 6:31 PM, Juan José Pavlik Salles jjpav...@gmail.com
 wrote:

 I tried that one too, but doesn't work either.

 El 8 de diciembre de 2011 23:23, Brandon Perry 
 bperry.volat...@gmail.com escribió:

 The error says it could not execute it, which doesn't always mean it
 couldn't find it. Perhaps chmod +x your nikto.pl

 2011/12/8 Juan José Pavlik Salles jjpav...@gmail.com:
  Hi! i'm trying to use nikto nasl in openvas 4. The first problem was
 that
  the nikto version in the ubuntu 10.04.3 LTS repos is older than what
 openvas
  needs, so i downloaded the latest one, and added its directory to my
 PATH
  variable
 
  root@openvas:~/tools/pruebas# echo $PATH
 
 /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/root/tools/pruebas/nikto-2.1.4
 
  But my openvas reports says:
 
  Nikto could not be found in your system path.
  OpenVAS was unable to execute Nikto and to perform the scan you
  requested.
  Please make sure that Nikto is installed and that nikto.pl or nikto
 is
  available in the PATH variable defined for your environment.
 
  I've read nikto.nasl (the plugin), and it looks for nikto or nikto.pl
  executable files, i have nikto.pl file, but it seems openvas can't
 see it.
  Any clue???
 
  --
  Pavlik Juan José
 
  ___
  Openvas-discuss mailing list
  Openvas-discuss@wald.intevation.org
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
 



 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website




 --
 Pavlik Juan José

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss




 --
 Pavlik Juan José




-- 
Pavlik Juan José



-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

[Openvas-discuss] GSA still not working

[Juan José Pavlik Salles]

Hi, a couple of weeks ago GSA stopped working, it consumes enourmes
ammounts of cpu and the web ui doesn't load at all. I read this is caused
by a compatibility issue with the newer versions of libmicrohttpd library,
so i followed the steps to compile the older version libmicrohttpd-0.9.15.
After compilation, without errors, i got libmicrohttpd.so.10.13.0, so i
copied it to /usr/lib and changed the symbolic:

lrwxrwxrwx 1 root root 24 2011-11-29 08:54 libmicrohttpd.so.10 -
libmicrohttpd.so.10.13.0
-rw-r--r-- 1 root root 206176 2011-11-29 08:47 libmicrohttpd.so.10.13.0
-rw-r--r-- 1 root root  72440 2011-11-27 11:06 libmicrohttpd.so.10.14.0
-rw-r--r-- 1 root root  72440 2011-11-29 08:49 libmicrohttpd.so.10.14.0_bak

Then i started GSA and this showed up:

root@openvas:/usr/lib# /etc/init.d/greenbone-security-assistant start
Starting Greenbone Security Assistant: MHD HTTPS option 8 passed to MHD
compiled without HTTPS support
ERROR.

GSA doesn't work at all... is there another workaround???

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] GSA still not working

[Juan José Pavlik Salles]

I didn't set any particular flag during compilation, i read the README file
and didn't find anything about it. It just says how to disable https to
save some space. Any ideas about howto turn ssl support on?

El 29 de noviembre de 2011 09:11, --[ UxBoD ]-- ux...@splatnix.netescribió:

 Did you compile libmicrohttpd with SSL support ?
 --
 Thanks, Phil

 --

 Hi, a couple of weeks ago GSA stopped working, it consumes enourmes
 ammounts of cpu and the web ui doesn't load at all. I read this is caused
 by a compatibility issue with the newer versions of libmicrohttpd library,
 so i followed the steps to compile the older version libmicrohttpd-0.9.15.
 After compilation, without errors, i got libmicrohttpd.so.10.13.0, so i
 copied it to /usr/lib and changed the symbolic:

 lrwxrwxrwx 1 root root 24 2011-11-29 08:54 libmicrohttpd.so.10 -
 libmicrohttpd.so.10.13.0
 -rw-r--r-- 1 root root 206176 2011-11-29 08:47 libmicrohttpd.so.10.13.0
 -rw-r--r-- 1 root root  72440 2011-11-27 11:06 libmicrohttpd.so.10.14.0
 -rw-r--r-- 1 root root  72440 2011-11-29 08:49 libmicrohttpd.so.10.14.0_bak

 Then i started GSA and this showed up:

 root@openvas:/usr/lib# /etc/init.d/greenbone-security-assistant start
 Starting Greenbone Security Assistant: MHD HTTPS option 8 passed to MHD
 compiled without HTTPS support
 ERROR.

 GSA doesn't work at all... is there another workaround???

 --
 Pavlik Juan José

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss





-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] GSA still not working

[Juan José Pavlik Salles]

I'm sorry.. i am using Ubuntu 10.04.3 LTS.

El 29 de noviembre de 2011 09:18, Juan José Pavlik Salles 
jjpav...@gmail.com escribió:

 I didn't set any particular flag during compilation, i read the README
 file and didn't find anything about it. It just says how to disable https
 to save some space. Any ideas about howto turn ssl support on?

 El 29 de noviembre de 2011 09:11, --[ UxBoD ]-- ux...@splatnix.netescribió:

 Did you compile libmicrohttpd with SSL support ?
 --
 Thanks, Phil

 --

 Hi, a couple of weeks ago GSA stopped working, it consumes enourmes
 ammounts of cpu and the web ui doesn't load at all. I read this is caused
 by a compatibility issue with the newer versions of libmicrohttpd library,
 so i followed the steps to compile the older version libmicrohttpd-0.9.15.
 After compilation, without errors, i got libmicrohttpd.so.10.13.0, so i
 copied it to /usr/lib and changed the symbolic:

 lrwxrwxrwx 1 root root 24 2011-11-29 08:54 libmicrohttpd.so.10 -
 libmicrohttpd.so.10.13.0
 -rw-r--r-- 1 root root 206176 2011-11-29 08:47 libmicrohttpd.so.10.13.0
 -rw-r--r-- 1 root root  72440 2011-11-27 11:06 libmicrohttpd.so.10.14.0
 -rw-r--r-- 1 root root  72440 2011-11-29 08:49
 libmicrohttpd.so.10.14.0_bak

 Then i started GSA and this showed up:

 root@openvas:/usr/lib# /etc/init.d/greenbone-security-assistant start
 Starting Greenbone Security Assistant: MHD HTTPS option 8 passed to MHD
 compiled without HTTPS support
 ERROR.

 GSA doesn't work at all... is there another workaround???

 --
 Pavlik Juan José

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss





 --
 Pavlik Juan José




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] GSA still not working

[Juan José Pavlik Salles]

Ryan you saved me!! That was the problem, i hadn't install libgnutls-dev
nor libgcrypt-dev. I installed them and recompiled libmicrohttpd and now it
works great!!! Thanks!

One last thing... every time i perform a system update i should recompile
this library, right?

El 29 de noviembre de 2011 11:39, Ryan Schulze secur...@dopefish.deescribió:

  Hi Juan,

 ssl is enabled by default *if* configure finds the files it needs. Can you
 check if the packages libgnutls-dev and libgcrypt-dev are installed?
 ./configure should spit out something like this at the end:

 configure: Configuration Summary:
   Operating System:  linux-gnu
   libgcrypt: yes
   libcurl (testing): yes
   Target directory:  /usr/local
   Messages:  yes
   HTTP Authentic.:   yes
   Postproc:  yes
   HTTPS support: yes

 configure: HTTPS subsystem configuration:
   License :  LGPL only



 On 11/29/2011 6:45 AM, Juan José Pavlik Salles wrote:

 I'm sorry.. i am using Ubuntu 10.04.3 LTS.

 El 29 de noviembre de 2011 09:18, Juan José Pavlik Salles 
 jjpav...@gmail.com escribió:

 I didn't set any particular flag during compilation, i read the README
 file and didn't find anything about it. It just says how to disable https
 to save some space. Any ideas about howto turn ssl support on?

 El 29 de noviembre de 2011 09:11, --[ UxBoD ]-- ux...@splatnix.netescribió:

  Did you compile libmicrohttpd with SSL support ?
 --
 Thanks, Phil

 --

  Hi, a couple of weeks ago GSA stopped working, it consumes enourmes
 ammounts of cpu and the web ui doesn't load at all. I read this is caused
 by a compatibility issue with the newer versions of libmicrohttpd library,
 so i followed the steps to compile the older version libmicrohttpd-0.9.15.
 After compilation, without errors, i got libmicrohttpd.so.10.13.0, so i
 copied it to /usr/lib and changed the symbolic:

  lrwxrwxrwx 1 root root 24 2011-11-29 08:54 libmicrohttpd.so.10 -
 libmicrohttpd.so.10.13.0
 -rw-r--r-- 1 root root 206176 2011-11-29 08:47 libmicrohttpd.so.10.13.0
 -rw-r--r-- 1 root root  72440 2011-11-27 11:06 libmicrohttpd.so.10.14.0
 -rw-r--r-- 1 root root  72440 2011-11-29 08:49
 libmicrohttpd.so.10.14.0_bak

  Then i started GSA and this showed up:

  root@openvas:/usr/lib# /etc/init.d/greenbone-security-assistant start
 Starting Greenbone Security Assistant: MHD HTTPS option 8 passed to MHD
 compiled without HTTPS support
 ERROR.

  GSA doesn't work at all... is there another workaround???

  --
 Pavlik Juan José

  ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss





  --
 Pavlik Juan José




  --
 Pavlik Juan José


 ___
 Openvas-discuss mailing 
 listOpenvas-discuss@wald.intevation.orghttp://lists.wald.intevation.org/mailman/listinfo/openvas-discuss






-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Can't login on Greenbone Security Assistant

[Juan José Pavlik Salles]

Are you trying to login from another ip than 127.0.0.1??? You should tell
greeborne to listen in another interface instead of loopback, might be
that...

2011/11/14 Luiz Cezar Quaquio cez...@gmail.com

 I am trying to login on Greenbone, but i got this mesage:
 ERROR: received handshake message out of context

 root@qbex:# netstat -antpe
 Conexões Internet Ativas (servidores e estabelecidas)
 Proto Recv-Q Send-Q Endereço Local  Endereço Remoto Estado
  User   Inode   PID/Program name
 tcp0  0 127.0.0.1:9391  0.0.0.0:*   OUÇA
   0  36236   6435/openvassd: wai
 tcp0  0 127.0.0.1:9392  0.0.0.0:*   OUÇA
   0  39279   6467/gsad
 tcp0  0 127.0.0.1:9393  0.0.0.0:*   OUÇA
   0  36265   6456/openvasad
 tcp0  0 127.0.0.1:9390  0.0.0.0:*   OUÇA
   0  37441   6445/openvasmd
 tcp0  0 127.0.0.1:9392  127.0.0.1:60296
 ESTABELECIDA 0  57516   6467/gsad
 tcp0  0 127.0.0.1:9390  127.0.0.1:60752
 ESTABELECIDA 0  56875   6652/openvasmd
 tcp0  0 127.0.0.1:34316 127.0.0.1:9391
  ESTABELECIDA 0  57517   6652/openvasmd
 tcp0  0 127.0.0.1:60752 127.0.0.1:9390
  ESTABELECIDA 0  58763   6467/gsad
 tcp0  0 127.0.0.1:9391  127.0.0.1:34316
 ESTABELECIDA 0  52453   6653/openvassd: ser

 Any ideas?

 At.

 --
   _
  °v°  Luiz Cezar Quaquio
 /(_)\ http://www.infosegura.eti.br
  ^ ^  Brasil


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

[Openvas-discuss] openvas.omplib

[Juan José Pavlik Salles]

Hi!, does anybody use openvas.omplib?? Is there any api i can use to
comunicate with the openvas-manager besides omp -X?? I'd like to do some
things like adding new servers or removing down ones.

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] First access

[Juan José Pavlik Salles]

Marcio, we need more information, what OS you have at least. This might
help: http://openvas.org/install-packages.html . In that link you have all
the steps you should follow to bring openvas up, in almost every distro.

2011/11/13 Marcio Carneiro via...@gmail.com

 I just installed OpenVAS but do not know how to access.
 The admin user does not exist.
 Can you help me with the first user and password?
 thank you

 --


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

[Openvas-discuss] GSAD is not exporting to PDF

[Juan José Pavlik Salles]

Hi, i'm trying to export my reports to pdf from the gsad web interface, but
it's not working. I just get 0 bytes pdf files. Does anybody know something
about this???

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] GSAD is not exporting to PDF

[Juan José Pavlik Salles]

Yeah, that's the problem, i haven't install pdflatex yet! But it's not in
my ubuntu 10.04.3 LTS repositories...

El 11 de noviembre de 2011 12:33, Jim Halfpenny
jim.halfpe...@gmail.comescribió:

 Hi,
 There's also an issue on CentOS with utf8x:


 http://jimhalfpenny.blogspot.com/2011/06/pdf-reports-in-greenbone-security.html

 Regards,
 Jim

 2011/11/11 Juan José Pavlik Salles jjpav...@gmail.com:
  Hi, i'm trying to export my reports to pdf from the gsad web interface,
 but
  it's not working. I just get 0 bytes pdf files. Does anybody know
 something
  about this???
 
  --
  Pavlik Juan José
 
  ___
  Openvas-discuss mailing list
  Openvas-discuss@wald.intevation.org
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
 
 




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] GSAD is not exporting to PDF

[Juan José Pavlik Salles]

Well i finally made it :D, i installed this:

*aptitude install texlive-latex-base texlive-latex-extra -y*

El 11 de noviembre de 2011 13:19, Juan José Pavlik Salles 
jjpav...@gmail.com escribió:

 Yeah, that's the problem, i haven't install pdflatex yet! But it's not in
 my ubuntu 10.04.3 LTS repositories...

 El 11 de noviembre de 2011 12:33, Jim Halfpenny 
 jim.halfpe...@gmail.comescribió:

 Hi,

 There's also an issue on CentOS with utf8x:


 http://jimhalfpenny.blogspot.com/2011/06/pdf-reports-in-greenbone-security.html

 Regards,
 Jim

 2011/11/11 Juan José Pavlik Salles jjpav...@gmail.com:
  Hi, i'm trying to export my reports to pdf from the gsad web interface,
 but
  it's not working. I just get 0 bytes pdf files. Does anybody know
 something
  about this???
 
  --
  Pavlik Juan José
 
  ___
  Openvas-discuss mailing list
  Openvas-discuss@wald.intevation.org
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
 
 




 --
 Pavlik Juan José




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

[Openvas-discuss] Using openvas.omplib

[Juan José Pavlik Salles]

Does anybody use openvas.omplib as an easy way to talk to the
openvas-manager? I can't install it on my server. Is it really usefull? I'm
using bash and omp -X raw xml string to create targets and tasks.

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

[Openvas-discuss] Security local checks and SLAD

[Juan José Pavlik Salles]

Hi, i'm a bit confused withe these two things. I wanna run the local
security checks on my servers, do i need the slad software??? or i just
need a credential to help openvas-scanner log-in into the server and run
the checks???

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Creating a lot of targets

[Juan José Pavlik Salles]

I guess i am. I also tried passing the user and password parameters in the
script with -u and -w, but there's no difference, still getting Failed to
read response.

El 8 de noviembre de 2011 22:27, Brandon Perry
bperry.volat...@gmail.comescribió:

 Are you authenticating properly with openvassmd?

 2011/11/8 Juan José Pavlik Salles jjpav...@gmail.com:
  Hi! it's me again. I tried creating targets with
 
  omp -X 'create_targetnamexxx/namehostspaste hosts
  here/hosts/create_target' -u username -w password
 
  and i worked great, but... i have 203 web servers to create... so this is
  not a good way. I thought about repeating that line in a bash script for
 all
  my servers, like this:
 
  #!/bin/bash
  TARGETS=/root/pruebas/web_limpio
  CONFIG=/root/pruebas/config
 
  if [ ! -e $TARGETS ]; then
  echo $TARGETS doesn't exist
  exit -1
  fi
 
  counter=0
  for i in `cat $TARGETS`;do
  cadena='create_targetnameWebserver
  $counter/namehosts$i/hosts/create_target'
  omp -X $cadena --config-file=$CONFIG
  counter=$(($counter+1))
  done
 
  But it does not work, i get Failed to read response. for every
 webserver.
  Any clue???
 
  --
  Pavlik Juan José
 
  ___
  Openvas-discuss mailing list
  Openvas-discuss@wald.intevation.org
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
 
 



 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Creating a lot of targets

[Juan José Pavlik Salles]

This is the context:
*
root@openvas:~/pruebas# netstat -natp|grep openvas
tcp0  0 127.0.0.1:9390  0.0.0.0:*
ESCUCHAR1665/openvasmd
tcp0  0 127.0.0.1:9391  0.0.0.0:*
ESCUCHAR12661/openvassd: wa
tcp0  0 127.0.0.1:9393  0.0.0.0:*
ESCUCHAR16805/openvasad

root@openvas:~/pruebas# cat config
[Connection]
host=localhost
port=9390
username=admin
password=admin

root@openvas:~/pruebas# omp -X 'create_targetnameWebserver
0/namehosts200.16.30.227/hosts/create_target' --config-file=config
create_target_response status=201
id=3e7e1451-979a-4f4e-b57a-1b7b21197f8f status_text=OK, resource
created/create_target_response

root@openvas:~/pruebas# ./crear_targets.sh
Failed to read response.
^C
root@openvas:~/pruebas# **
*
crear_targets.sh is the file script i pasted in the first mail.

I have no clue... must be some stupid mistake, but it's killing me.

El 8 de noviembre de 2011 22:56, Brandon Perry
bperry.volat...@gmail.comescribió:

 is openvasmd listening on the correct IP Address/Port? (using the -a
 argument)

 2011/11/8 Juan José Pavlik Salles jjpav...@gmail.com:
  I guess i am. I also tried passing the user and password parameters in
 the
  script with -u and -w, but there's no difference, still getting Failed
 to
  read response.
 
  El 8 de noviembre de 2011 22:27, Brandon Perry 
 bperry.volat...@gmail.com
  escribió:
 
  Are you authenticating properly with openvassmd?
 
  2011/11/8 Juan José Pavlik Salles jjpav...@gmail.com:
   Hi! it's me again. I tried creating targets with
  
   omp -X 'create_targetnamexxx/namehostspaste hosts
   here/hosts/create_target' -u username -w password
  
   and i worked great, but... i have 203 web servers to create... so this
   is
   not a good way. I thought about repeating that line in a bash script
 for
   all
   my servers, like this:
  
   #!/bin/bash
   TARGETS=/root/pruebas/web_limpio
   CONFIG=/root/pruebas/config
  
   if [ ! -e $TARGETS ]; then
   echo $TARGETS doesn't exist
   exit -1
   fi
  
   counter=0
   for i in `cat $TARGETS`;do
   cadena='create_targetnameWebserver
   $counter/namehosts$i/hosts/create_target'
   omp -X $cadena --config-file=$CONFIG
   counter=$(($counter+1))
   done
  
   But it does not work, i get Failed to read response. for every
   webserver.
   Any clue???
  
   --
   Pavlik Juan José
  
   ___
   Openvas-discuss mailing list
   Openvas-discuss@wald.intevation.org
   http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
  
  
 
 
 
  --
  http://volatile-minds.blogspot.com -- blog
  http://www.volatileminds.net -- website
 
 
 
  --
  Pavlik Juan José
 



 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website




-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

[Openvas-discuss] Defining targets

[Juan José Pavlik Salles]

Hi, i am deploying openvas (trying actually) to audit some servers (more
than a fifty...). I am thinking about starting with all the webservers,
they are all in different networks and i don't feel like writing all the IP
addresses one by one in the hosts field when defining the targets. Is there
a way i can tell openvas to pick that addreses up from a text file? i've
already parsed the firewall rules so i have all the ip addresses of the
webservers listed in a file. Thanks

-- 
Pavlik Juan José
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss