[Openvas-commits] r1348 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Mon Sep 15 15:38:11 CEST 2008 

Author: timb
Date: 2008-09-15 15:38:10 +0200 (Mon, 15 Sep 2008)
New Revision: 1348

Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/scripts/ike-scan.nasl
Log:
Fixes typo in previous fix


Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2008-09-15 13:36:33 UTC (rev 1347)
+++ trunk/openvas-plugins/ChangeLog	2008-09-15 13:38:10 UTC (rev 1348)
@@ -1,6 +1,10 @@
+2008-09-15 Tim Brown <timb at nth-dimension.org.uk>
+
+	* scripts/ike-scan.nasl: Fixes typo in previous fix.
+
 2008-09-15  Vlatko Kosturjak <kost at linux.hr>
 
-	* scripts/ike-scan.nasl: fixes to report right port open
+	* scripts/ike-scan.nasl: Fixes to report right port open.
 
 2008-09-15  Vlatko Kosturjak <kost at linux.hr>
 

Modified: trunk/openvas-plugins/scripts/ike-scan.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ike-scan.nasl	2008-09-15 13:36:33 UTC (rev 1347)
+++ trunk/openvas-plugins/scripts/ike-scan.nasl	2008-09-15 13:38:10 UTC (rev 1348)
@@ -121,11 +121,6 @@
 diffiehellmangroupname["4"] = "EC2N-185";
 diffiehellmangroupname["5"] = "MODP-1536";
 
-# Not sure how much value there is in supporting IKE v2
-#ike2flag = script_get_preference("Use IKE v2");
-sourceportnumber = script_get_preference("Source port number");
-destinationportnumber = script_get_preference("Destination port number");
-
 function command_construct(_ike2flag, _sourceportnumber, _destinationportnumber, _checkmode, _fingerprintmode, _groupname, _encryptionalgorithm, _hashalgorithm, _authenticationmethod, _diffiehellmangroup, _maximumretry, _maximumtimeout, _destinationipaddress)
 {
 	_argumentcounter = 0;
@@ -168,11 +163,11 @@
 	return _commandarguments;
 }
 
-function command_parse(_responsedata, _securitynote, _destinationipaddress)
+function command_parse(_responsedata, _securitynote, _destinationipaddress, _port)
 {
 	if ((_destinationipaddress >< _responsedata) && ("NO-PROPOSAL-CHOSEN" >!< _responsedata))
 	{
-		scanner_add_port(proto:"udp", port:destinationportnumber);
+		scanner_add_port(proto:"udp", port:_port);
 		_data = "IPSEC VPN endpoint detected.
 
 " + _securitynote + "
@@ -180,17 +175,21 @@
 ike-scan returned:
 
 " + _responsedata;
-		security_note(proto:"udp", port:destinationportnumber, data:_data);
+		security_note(proto:"udp", port:_port, data:_data);
 	}
 	else
 	{
 		if (_destinationipaddress >< _responsedata)
 		{
-			scanner_add_port(proto:"udp", port:destinationportnumber);
+			scanner_add_port(proto:"udp", port:_port);
 		}
 	}
 }
 
+# Not sure how much value there is in supporting IKE v2
+#ike2flag = script_get_preference("Use IKE v2");
+sourceportnumber = script_get_preference("Source port number");
+destinationportnumber = script_get_preference("Destination port number");
 if (islocalhost() && (sourceportnumber == destinationportnumber)) {
 	scanner_status(current:4, total:4);
 	set_kb_item(name:"Host/scanned", value:TRUE);
@@ -226,7 +225,7 @@
 						securitynote = "Aggressive Mode Handshaking succeeded using groupname=" + groupname + ", encryption algorithm=" + encryptionalgorithmname[encryptionalgorithm] + "(" + encryptionalgorithm + "), hash algorithm=" + hashalgorithmname[hashalgorithm] + "(" + hashalgorithm + "), authentication method=" + authenticationmethodname[authenticationmethod] + "(" + authenticationmethod + "), diffie-hellman group=" + diffiehellmangroupname[diffiehellmangroup] + "(" + diffiehellmangroup + ").
 
 Since the VPN endpoint answers to requests using IKE Aggressive Mode Handshaking, an attacker could potentially carry out a bruteforce attack against this host.";
-						command_parse(_responsedata:responsedata, _securitynote:securitynote, _destinationipaddress:destinationipaddress);
+						command_parse(_responsedata:responsedata, _securitynote:securitynote, _destinationipaddress:destinationipaddress, _port:destinationportnumber);
 					}
 				}
 			}
@@ -247,7 +246,7 @@
 					commandarguments = command_construct(_ike2flag:ike2flag, _sourceportnumber:sourceportnumber, _destinationportnumber:destinationportnumber, _checkmode:"", _groupname:"", _encryptionalgorithm:encryptionalgorithm, _hashalgorithm:hashalgorithm, _authenticationmethod:authenticationmethod, _diffiehellmangroup:diffiehellmangroup, _maximumretry:maximumretry, _maximumtimeout:maximumtimeout, _destinationipaddress:destinationipaddress);
 					responsedata = pread(cmd:"ike-scan", argv:commandarguments, cd:1, nice:5);
 					securitynote = "Main Mode Handshaking succeeded using groupname=" + groupname + ", encryption algorithm=" + encryptionalgorithmname[encryptionalgorithm] + "(" + encryptionalgorithm + "), hash algorithm=" + hashalgorithmname[hashalgorithm] + "(" + hashalgorithm + "), authentication method=" + authenticationmethodname[authenticationmethod] + "(" + authenticationmethod + "), diffie-hellman group=" + diffiehellmangroupname[diffiehellmangroup] + "(" + diffiehellmangroup + ").";
-					command_parse(_responsedata:responsedata, _securitynote:securitynote, _destinationipaddress:destinationipaddress);
+					command_parse(_responsedata:responsedata, _securitynote:securitynote, _destinationipaddress:destinationipaddress, _port:destinationportnumber);
 				}
 			}
 		}
@@ -271,7 +270,7 @@
 						securitynote = "Fingerprinting Aggressive Mode succeeded using groupname=" + groupname + ", encryption algorithm=" + encryptionalgorithmname[encryptionalgorithm] + "(" + encryptionalgorithm + "), hash algorithm=" + hashalgorithmname[hashalgorithm] + "(" + hashalgorithm + "), authentication method=" + authenticationmethodname[authenticationmethod] + "(" + authenticationmethod + "), diffie-hellman group=" + diffiehellmangroupname[diffiehellmangroup] + "(" + diffiehellmangroup + ").
 
 Since the VPN endpoint answers to requests using IKE Aggressive Mode Handshaking, an attacker could potentially carry out a bruteforce attack against this host.";
-						command_parse(_responsedata:responsedata, _securitynote:securitynote, _destinationipaddress:destinationipaddress);
+						command_parse(_responsedata:responsedata, _securitynote:securitynote, _destinationipaddress:destinationipaddress, _port:destinationportnumber);
 					}
 				}
 			}
@@ -292,7 +291,7 @@
 					commandarguments = command_construct(_ike2flag:ike2flag, _sourceportnumber:sourceportnumber, _destinationportnumber:destinationportnumber, _checkmode:"", _fingerprintmode:"--showbackoff", _groupname:"", _encryptionalgorithm:encryptionalgorithm, _hashalgorithm:hashalgorithm, _authenticationmethod:authenticationmethod, _diffiehellmangroup:diffiehellmangroup, _maximumretry:maximumretry, _maximumtimeout:maximumtimeout, _destinationipaddress:destinationipaddress);
 					responsedata = pread(cmd:"ike-scan", argv:commandarguments, cd:1, nice:5);
 					securitynote = "Fingerprinting Main Mode succeeded using groupname=" + groupname + ", encryption algorithm=" + encryptionalgorithmname[encryptionalgorithm] + "(" + encryptionalgorithm + "), hash algorithm=" + hashalgorithmname[hashalgorithm] + "(" + hashalgorithm + "), authentication method=" + authenticationmethodname[authenticationmethod] + "(" + authenticationmethod + "), diffie-hellman group=" + diffiehellmangroupname[diffiehellmangroup] + "(" + diffiehellmangroup + ").";
-					command_parse(_responsedata:responsedata, _securitynote:securitynote, _destinationipaddress:destinationipaddress);
+					command_parse(_responsedata:responsedata, _securitynote:securitynote, _destinationipaddress:destinationipaddress, _port:destinationportnumber);
 				}
 			}
 		}

More information about the Openvas-commits mailing list