[Openvas-commits] r1342 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Fri Sep 12 15:07:53 CEST 2008


Author: chandra
Date: 2008-09-12 15:07:53 +0200 (Fri, 12 Sep 2008)
New Revision: 1342

Removed:
   trunk/openvas-plugins/scripts/secpod_ssh_sys_info.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
Removed secpod_ssh_sys_info.nasl

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2008-09-12 13:05:39 UTC (rev 1341)
+++ trunk/openvas-plugins/ChangeLog	2008-09-12 13:07:53 UTC (rev 1342)
@@ -1,3 +1,7 @@
+2008-09-12 Chandrashekhar B <bchandra at secpod.com>
+	* scripts/secpod_ssh_sys_info.nasl:
+	  Removed secpod_ssh_sys_info.nasl	
+
 2008-09-12  Thomas Reinke <reinke at securityspace.com>
 	* Fixed apache_access_wo_netmask.nasl to rely on
 	gather-package-list.nasl and kb entry created by it.

Deleted: trunk/openvas-plugins/scripts/secpod_ssh_sys_info.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ssh_sys_info.nasl	2008-09-12 13:05:39 UTC (rev 1341)
+++ trunk/openvas-plugins/scripts/secpod_ssh_sys_info.nasl	2008-09-12 13:07:53 UTC (rev 1342)
@@ -1,735 +0,0 @@
-#############################################################################
-#
-#  SSH System Security Information
-#
-#  Copyright: SecPod
-#
-#  Date Written: 2008/07/22
-#
-#  Revision: 1.2
-#
-#  Log: schandan
-#  Issue #
-#  Added "\n" at the end to all rpm packages before KB set.
-#  (It is done to support Regex match in proper way).
-#
-#  CHANGES: Jaime Blasco from AlienVault VRT
-#  ------------------------------------------------------------------------
-#  This program was written by SecPod and is licensed under the GNU GPL
-#  license. Please refer to the below link for details,
-#  http://www.gnu.org/licenses/gpl.html
-#  This header contains information regarding licensing terms under the GPL,
-#  and information regarding obtaining source code from the Author.
-#  Consequently, pursuant to section 3(c) of the GPL, you must accompany the
-#  information found in this header with any distribution you make of this
-#  Program.
-#  ------------------------------------------------------------------------
-###########################################################################
-
-
-if(description)
-{
- script_id(900014);
- script_copyright(english:"Copyright (C) 2008 SecPod");
- script_version("Revision: 1.2 ");
- script_category(ACT_GATHER_INFO);
- script_name(english:"SSH System Security Information");
- script_family(english:"General");
- script_summary(english:"Check OS Name, Version and Packages");
- desc["english"] = "
- Overview :  This script will retrieve system information on the target
- host with OS Name, Version and all installed packages.
-
- Risk factor : Informational";
-
- script_description(english:desc["english"]);
- script_dependencies("find_service.nes", "ssh_authorization.nasl");
- script_require_ports(22, "Services/ssh");
- exit(0);
-}
-
-
- include("ssh_func.inc");
-
-
- port = get_kb_item("Services/ssh");
- if(!port){
-        port = 22;
- }
-
- sock = ssh_login_or_reuse_connection();
- if(!sock)
- {
-        report = "Unable to logon into the remote host";
-        security_note(port:port, data:report);
-        exit(0);
- }
- else
- {
-        report = "Able to logon into the remote host with given credentials. SSH Local checks is enabled.";
-        security_note(port:port, data:report);
- }
-
- 
- #From gather-package-list.nasl (OpenVAs)
- # OpenVAS Vulnerability Test
-# $Id$
-# Description: Gather installed packages/rpms/etc for local security checks
-#
-# Authors:
-# Thomas Reinke <reinke at securityspace.com>
-#
-# Copyright:
-# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License Version 2
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-#
-
-
- # First command: Grab uname -a of the remote system
-uname = ssh_cmd(socket:sock, cmd:"uname -a");
-if(uname){
-	set_kb_item(name: "ssh/login/uname", value:uname);
-} else 
-{
-	report = "Unable to execute uname cmd";
-	security_note(port:port, data:report);
-	ssh_close_connection();
-	exit(0);
-}
-
- security_note(port:port, data:uname);
-# Ok...let's first check if this is a RedHat/Fedora Core/Mandrake release
-rls = ssh_cmd(socket:sock, cmd:"cat /etc/redhat-release");
-if("Red Hat Linux release 7.3" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "RH7.3");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Red Hat Linux release 8.0 (Psyche)" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "RH8.0");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Red Hat Linux release 9 (Shrike)" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "RH9");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Fedora Core release 1 (Yarrow)" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "FC1");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Fedora Core release 2 (Tettnang)" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "FC2");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Fedora Core release 3 (Heidelberg)" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "FC3");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Fedora Core release 4 (Stentz)" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "FC4");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Fedora Core release 5 (Bordeaux)" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "FC5");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Fedora Core release 6 (Zod)" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "FC6");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Fedora release 7 (Moonshine)" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "FC7");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Fedora release 8 (Werewolf)" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "FC8");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Fedora release 9 (Sulphur)" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "FC9");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-
-# Red Hat Enterprise Linux ES release 2.1 (Panama)
-# Red Hat Enterprise Linux AS release 3 (Taroon Update 1)
-# Red Hat Enterprise Linux AS release 3 (Taroon Update 2)
-# Red Hat Enterprise Linux AS release 3 (Taroon Update 3)
-# Red Hat Enterprise Linux Desktop release 3.90
-
-if(egrep(pattern:"Red Hat Enterprise.*release 2\.1", string:rls)) {
-    set_kb_item(name: "ssh/login/release", value: "RHENT_2.1");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if(egrep(pattern:"Red Hat Enterprise.*release 3 ", string:rls)) {
-    set_kb_item(name: "ssh/login/release", value: "RHENT_3");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if(egrep(pattern:"Red Hat Enterprise.*release 4 ", string:rls)) {
-    set_kb_item(name: "ssh/login/release", value: "RHENT_4");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if(egrep(pattern:"Red Hat Enterprise.*release 5 ", string:rls)) {
-    set_kb_item(name: "ssh/login/release", value: "RHENT_5");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-
-if("Mandriva Linux release 2008.1" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "MNDK_2008.1");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Mandriva Linux release 2008.0" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "MNDK_2008.0");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Mandriva Linux release 2007.1" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "MNDK_2007.1");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Mandriva Linux release 2007.0" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "MNDK_2007.0");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Mandriva Linux release 2006.0" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "MNDK_2006.0");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Mandrakelinux release 10.2" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "MNDK_10.2");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Mandrakelinux release 10.1" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "MNDK_10.1");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Mandrake Linux release 10.0" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "MNDK_10.0");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Mandrake Linux release 9.2" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "MNDK_9.2");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Mandrake Linux release 9.1" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "MNDK_9.1");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Mandrake Linux release 8.1" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "MNDK_8.1");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Mandrake Linux release 8.0" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "MNDK_8.0");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Mandrake Linux release 7.2" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "MNDK_7.2");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-
-# Ok...also using /etc/redhat-release is CentOS...let's try them now
-# We'll stay with major release # checking unless we find out we need to do
-# otherwise.
-#CentOS release 4.0 (Final)
-#CentOS release 4.1 (Final)
-#CentOS release 3.4 (final)
-if("CentOS release 4" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "CENTOS4");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running CentOS release 4"));
-    exit(0);
-}
-if("CentOS release 3" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "CENTOS3");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running CentOS release 3"));
-    exit(0);
-}
-
-# Hmmm...is it Ubuntu?
-rls = ssh_cmd(socket:sock, cmd:"cat /etc/lsb-release");
-if("DISTRIB_ID=Ubuntu"><rls && "DISTRIB_RELEASE=4.10"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "UBUNTU4.1");
-    buf = ssh_cmd(socket:sock, cmd:"COLUMNS=200 dpkg -l");
-    set_kb_item(name: "ssh/login/packages", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Ubuntu 4.10"));
-    exit(0);
-}
-if("DISTRIB_ID=Ubuntu"><rls && "DISTRIB_RELEASE=5.04"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "UBUNTU5.04");
-    buf = ssh_cmd(socket:sock, cmd:"COLUMNS=200 dpkg -l");
-    set_kb_item(name: "ssh/login/packages", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Ubuntu 5.04"));
-    exit(0);
-}
-if("DISTRIB_ID=Ubuntu"><rls && "DISTRIB_RELEASE=5.10"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "UBUNTU5.10");
-    buf = ssh_cmd(socket:sock, cmd:"COLUMNS=200 dpkg -l");
-    set_kb_item(name: "ssh/login/packages", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Ubuntu 5.10"));
-    exit(0);
-}
-if("DISTRIB_ID=Ubuntu"><rls && "DISTRIB_RELEASE=6.06"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "UBUNTU6.06 LTS");
-    buf = ssh_cmd(socket:sock, cmd:"COLUMNS=200 dpkg -l");
-    set_kb_item(name: "ssh/login/packages", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Ubuntu 6.06"));
-    exit(0);
-}
-if("DISTRIB_ID=Ubuntu"><rls && "DISTRIB_RELEASE=6.10"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "UBUNTU6.10");
-    buf = ssh_cmd(socket:sock, cmd:"COLUMNS=200 dpkg -l");
-    set_kb_item(name: "ssh/login/packages", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Ubuntu 6.10"));
-    exit(0);
-}
-if("DISTRIB_ID=Ubuntu"><rls && "DISTRIB_RELEASE=7.04"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "UBUNTU7.04");
-    buf = ssh_cmd(socket:sock, cmd:"COLUMNS=200 dpkg -l");
-    set_kb_item(name: "ssh/login/packages", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Ubuntu 7.04"));
-    exit(0);
-}
-if("DISTRIB_ID=Ubuntu"><rls && "DISTRIB_RELEASE=7.10"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "UBUNTU7.10");
-    buf = ssh_cmd(socket:sock, cmd:"COLUMNS=200 dpkg -l");
-    set_kb_item(name: "ssh/login/packages", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Ubuntu 7.10") + string(get_kb_list("ssh/login/release")));
-    exit(0);
-}
-
-if("DISTRIB_ID=Ubuntu"><rls && "DISTRIB_RELEASE=8.04"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "UBUNTU8.04");
-    buf = ssh_cmd(socket:sock, cmd:"COLUMNS=200 dpkg -l");
-    set_kb_item(name: "ssh/login/packages", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Ubuntu 8.04"));
-    exit(0);
-}
-
-# How about Conectiva Linux?
-rls = ssh_cmd(socket:sock, cmd:"cat /etc/conectiva-release");
-if("Conectiva Linux 9" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "CL9");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Conectiva Linux 9"));
-    exit(0);
-}
-if("Conectiva Linux 10" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "CL10");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Conectiva Linux 10"));
-    exit(0);
-}
-
-# How about Turbolinux?
-# Turbolinux signatures:
-# release 6.0 WorkStation (Shiga)       -- Unsupported
-# TurboLinux release 6.1 Server (Naha)	-- Unsupported
-# Turbolinux Server 6.5 (Jupiter)       -- Unsupported
-# Turbolinux Server 7.0 (Esprit)
-# Turbolinux Workstation 7.0 (Monza)
-# Turbolinux Server 8.0 (Viper)
-# Turbolinux Workstation 8.0 (SilverStone)
-# Turbolinux Server 10.0 (Celica)
-# Turbolinux Desktop 10.0 (Suzuka)
-# -- Need:
-#- Turbolinux Appliance Server 1.0 Hosting Edition
-#- Turbolinux Appliance Server 1.0 Workgroup Edition
-#- Turbolinux Home
-#- Turbolinux 10 F...
-
-rls = ssh_cmd(socket:sock, cmd:"cat /etc/turbolinux-release");
-if("Turbolinux Server 7.0" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "TLS7");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Turbolinux Workstation 7.0" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "TLWS7");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Turbolinux Server 8.0" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "TLS8");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Turbolinux Workstation 8.0" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "TLWS8");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Turbolinux Desktop 10.0" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "TLDT10");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Turbolinux Server 10.0" >< rls) {
-    set_kb_item(name: "ssh/login/release", value: "TLS10");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running ", rls));
-    exit(0);
-}
-if("Turbolinux">< rls) {
-    security_note(port:port, data:string("We have detected you are running a version of Turbolinux currently not supported by SecuritySpace.  Please report the following banner to SecuritySpace: ", rls));
-    exit(0);
-}
-
-#How about FreeBSD?  If the uname line begins with "FreeBSD ", we have a match
-if(substr(uname, 0, 7)=="FreeBSD ") {
-    version=eregmatch(pattern:"^[^ ]+ [^ ]+ ([^ ]+)+",string:uname);
-    splitup = eregmatch(pattern:"([^-]+)-([^-]+)-p([0-9]+)", string:version[1]);
-    found = 0;
-    if(!isnull(splitup)) {
-	release = splitup[1];
-	patchlevel = splitup[3];
-	found = 1;
-    } else {
-	splitup = eregmatch(pattern:"([^-]+)-RELEASE", string:version[1]);
-	if(!isnull(splitup)) {
-	    release = splitup[1];
-	    patchlevel = "0";
-	    found = 1;
-	} else {
-	    splitup=eregmatch(pattern:"([^-]+)-SECURITY",string:version[1]);
-	    if(!isnull(splitup)) {
-		release = splitup[1];
-		security_note(port:port, data:string("We have detected you are running FreeBSD ", splitup[0], ". It also appears that you are using freebsd-update, a binary update tool for keeping your distribution up to date.  We will not be able to check your core distribution for vulnerabilities, but we will check your installed ports packages."));
-		found = 2;
-	    } else {
-		security_note(port:port, data:string("You appear to be running FreeBSD, but we do not recognize the output format of uname: ", uname, ". Local security checks will NOT be run."));
-	    }
-	}
-    }
-    if(found==1) {
-	set_kb_item(name: "ssh/login/freebsdrel", value: release);
-	set_kb_item(name: "ssh/login/freebsdpatchlevel", value: patchlevel);
-	security_note(port:port, data:string("We are able to login and detect that you are running FreeBSD ", release, " Patch level: ", patchlevel));
-    }
-    if(found==2) {
-	set_kb_item(name: "ssh/login/freebsdrel", value: release);
-	security_note(port:port, data:string("We are able to login and detect that you are running FreeBSD ", release, " Patch level: Unknown"));
-    }
-    if(found!=0) {
-	buf = ssh_cmd(socket:sock, cmd:"pkg_info");
-	set_kb_item(name: "ssh/login/freebsdpkg", value:buf);
-    }
-}
-
-# Hmmm...is it Debian?
-rls = ssh_cmd(socket:sock, cmd:"cat /etc/debian_version");
-if("2.2"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "DEB2.2");
-    buf = ssh_cmd(socket:sock, cmd:"COLUMNS=200 dpkg -l");
-    set_kb_item(name: "ssh/login/packages", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Debian 2.2 (Potato)"));
-    exit(0);
-}
-if("3.0"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "DEB3.0");
-    buf = ssh_cmd(socket:sock, cmd:"COLUMNS=200 dpkg -l");
-    set_kb_item(name: "ssh/login/packages", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Debian 3.0 (Woody)"));
-    exit(0);
-}
-if("3.1"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "DEB3.1");
-    buf = ssh_cmd(socket:sock, cmd:"COLUMNS=200 dpkg -l");
-    set_kb_item(name: "ssh/login/packages", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Debian 3.1 (Sarge)"));
-    exit(0);
-}
-if("4.0"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "DEB4.0");
-    buf = ssh_cmd(socket:sock, cmd:"COLUMNS=200 dpkg -l");
-    set_kb_item(name: "ssh/login/packages", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Debian 4.0 (Etch)"));
-    exit(0);
-}
-
-# How about Slackware?
-rls = ssh_cmd(socket:sock, cmd:"cat /etc/slackware-version");
-if("Slackware 12.0"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "SLK12.0");
-    buf = ssh_cmd(socket:sock, cmd:"ls /var/log/packages");
-    set_kb_item(name: "ssh/login/slackpack", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Slackware 12.0"));
-    exit(0);
-}
-if("Slackware 11.0"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "SLK11.0");
-    buf = ssh_cmd(socket:sock, cmd:"ls /var/log/packages");
-    set_kb_item(name: "ssh/login/slackpack", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Slackware 11.0"));
-    exit(0);
-}
-if("Slackware 10.2"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "SLK10.2");
-    buf = ssh_cmd(socket:sock, cmd:"ls /var/log/packages");
-    set_kb_item(name: "ssh/login/slackpack", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Slackware 10.2"));
-    exit(0);
-}
-if("Slackware 10.1"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "SLK10.1");
-    buf = ssh_cmd(socket:sock, cmd:"ls /var/log/packages");
-    set_kb_item(name: "ssh/login/slackpack", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Slackware 10.1"));
-    exit(0);
-}
-if("Slackware 10.0"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "SLK10.0");
-    buf = ssh_cmd(socket:sock, cmd:"ls /var/log/packages");
-    set_kb_item(name: "ssh/login/slackpack", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Slackware 10.0"));
-    exit(0);
-}
-if("Slackware 9.1"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "SLK9.1");
-    buf = ssh_cmd(socket:sock, cmd:"ls /var/log/packages");
-    set_kb_item(name: "ssh/login/slackpack", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Slackware 9.1"));
-    exit(0);
-}
-if("Slackware 9.0"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "SLK9.0");
-    buf = ssh_cmd(socket:sock, cmd:"ls /var/log/packages");
-    set_kb_item(name: "ssh/login/slackpack", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Slackware 9.0"));
-    exit(0);
-}
-if("Slackware 8.1"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "SLK8.1");
-    buf = ssh_cmd(socket:sock, cmd:"ls /var/log/packages");
-    set_kb_item(name: "ssh/login/slackpack", value:buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Slackware 8.1"));
-    exit(0);
-}
-# How about SuSe?
-# SuSE Linux 9.x (i586)
-# SUSE LINUX 11.0
-
-rls = toupper(ssh_cmd(socket:sock, cmd:"cat /etc/SuSE-release"));
-if("SUSE"><rls) {
-    ver = eregmatch(pattern:"VERSION = ([0-9\.]+)", string:rls);
-    if( isnull(ver) ) ver[1] = " ";
-    set_kb_item(name: "ssh/login/release", value: "SUSE"+ver[1]);
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running SuSE Linux "+ver[1]));
-    exit(0);
-}
-
-# How about Trustix?
-rls = ssh_cmd(socket:sock, cmd:"cat /etc/release");
-rls2 = ssh_cmd(socket:sock, cmd:"cat /etc/trustix-release");
-if("Trustix Secure Linux release 3.0.5"><rls ||
-       "Trustix Secure Linux release 3.0.5"><rls2) {
-    set_kb_item(name: "ssh/login/release", value: "TSL3.0.5");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Trustix 3.0.5"));
-    exit(0);
-}
-if("Trustix Secure Linux release 3.0"><rls ||
-       "Trustix Secure Linux release 3.0"><rls2) {
-    set_kb_item(name: "ssh/login/release", value: "TSL3.0");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Trustix 3.0"));
-    exit(0);
-}
-if("Trustix Secure Linux release 2.2"><rls ||
-       "Trustix Secure Linux release 2.2"><rls2) {
-    set_kb_item(name: "ssh/login/release", value: "TSL2.2");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Trustix 2.2"));
-    exit(0);
-}
-if("Trustix Secure Linux release 2.1"><rls ||
-       "Trustix Secure Linux release 2.1"><rls2) {
-    set_kb_item(name: "ssh/login/release", value: "TSL2.1");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Trustix 2.1"));
-    exit(0);
-}
-if("Trustix Secure Linux release 2.0"><rls ||
-       "Trustix Secure Linux release 2.0"><rls2) {
-    set_kb_item(name: "ssh/login/release", value: "TSL2.0");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Trustix 2.0"));
-    exit(0);
-}
-if("Trustix Secure Linux release 1.5"><rls ||
-       "Trustix Secure Linux release 1.5"><rls2) {
-    set_kb_item(name: "ssh/login/release", value: "TSL1.5");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Trustix 1.5"));
-    exit(0);
-}
-if("Trustix Secure Linux release 1.2"><rls ||
-       "Trustix Secure Linux release 1.2"><rls2) {
-    set_kb_item(name: "ssh/login/release", value: "TSL1.2");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Trustix 1.2"));
-    exit(0);
-}
-if("Trustix Secure Linux release 1.1"><rls ||
-       "Trustix Secure Linux release 1.1"><rls2) {
-    set_kb_item(name: "ssh/login/release", value: "TSL1.1");
-    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
-    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Trustix 1.1"));
-    exit(0);
-}
-# Missing Trustix e-2
-
-# How about Gentoo? Note, just check that its ANY gentoo release, since the
-# build # doesn't matter for purposes of checking package version numbers.
-rls = ssh_cmd(socket:sock, cmd:"cat /etc/gentoo-release");
-if("Gentoo"><rls) {
-    set_kb_item(name: "ssh/login/release", value: "GENTOO");
-    set_kb_item(name: "ssh/login/gentoo", value: "GENTOO");
-    buf = ssh_cmd(socket:sock, cmd:'find /var/db/pkg -mindepth 2 -maxdepth 2 -printf "%P\\n"');
-    set_kb_item(name: "ssh/login/pkg", value: buf);
-    security_note(port:port, data:string("We are able to login and detect that you are running Gentoo"));
-	
-    #AlienVault: Changed to work with qpkg.inc
-	
-    arch = ssh_cmd(cmd: 'egrep "ARCH=" /etc/make.profile/make.defaults');
-    if ( arch )
-    {
-     buf = ereg_replace(string: buf, pattern: 'ARCH="(.*)"', replace: "\1");
-     set_kb_item(name: "ssh/login/arch", value: buf);
-    }
-    exit(0);
-}
-
-#{ "NetBSD",     "????????????????",         },
-#{ "OpenBSD",    "????????????????",         },
-#{ "WhiteBox",   "????????????????",         },
-#{ "Linspire",   "????????????????",         },
-#{ "Desktop BSD","????????????????",         },
-#{ "PC-BSD",     "????????????????",         },
-#{ "FreeSBIE",   "????????????????",         },
-#{ "JDS",        "/etc/sun-release",         },
-#{ "Yellow Dog", "/etc/yellowdog-release",   },
-
-exit(0);
-


