[Openvas-commits] r2633 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Mon Mar 2 13:03:36 CET 2009
Author: kost
Date: 2009-03-02 13:03:30 +0100 (Mon, 02 Mar 2009)
New Revision: 2633
Modified:
trunk/openvas-plugins/ChangeLog
trunk/openvas-plugins/scripts/ftp_writeable_directories.nasl
Log:
Made script to work with OpenVAS (did not work before!).
Extensively tested as well as made the script to check both methods
if safe_checks are disabled (MKD does not work well with every server
FTP out there, for example, check with writable dirs in proftpd!).
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2009-03-02 11:58:01 UTC (rev 2632)
+++ trunk/openvas-plugins/ChangeLog 2009-03-02 12:03:30 UTC (rev 2633)
@@ -1,3 +1,11 @@
+2009-03-02 Vlatko Kosturjak <kost at linux.hr>
+ * scripts/ftp_writeable_directories.nasl
+ Made script to work with OpenVAS (did not work before!). Extensively
+ tested as well as made the script to check both methods if safe_checks
+ are disabled (MKD does not work well with every server FTP out there,
+ for example, check with writable dirs in proftpd!).
+
+
2009-02-27 Chandrashekhar B <bchandra at secpod.com>
* scripts/gb_fedora_2007_762_openoffice.org_fc6.nasl
scripts/gb_fedora_2007_551_thunderbird_fc5.nasl
Modified: trunk/openvas-plugins/scripts/ftp_writeable_directories.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ftp_writeable_directories.nasl 2009-03-02 11:58:01 UTC (rev 2632)
+++ trunk/openvas-plugins/scripts/ftp_writeable_directories.nasl 2009-03-02 12:03:30 UTC (rev 2633)
@@ -50,7 +50,7 @@
script_copyright(english:"This script is Copyright (C) 2005 TNS");
family["english"] = "FTP";
script_family(english:family["english"]);
- script_dependencie("ftp_anonymous.nasl");
+# script_dependencie("ftp_anonymous.nasl");
script_require_ports("Services/ftp", 21);
exit(0);
}
@@ -67,7 +67,7 @@
function crawl_dir(socket, directory, level )
{
- local_var port, soc2, r, dirs,array, dir, sep, str;
+ local_var port, soc2, r, dirs,array, dir, sep, str, alreadyadded;
if ( level > 20 ) return 0;
if ( directory[strlen(directory) - 1] == "/" )
@@ -81,7 +81,8 @@
soc2 = open_sock_tcp(port);
if (! soc2 ) return 0;
dirs = make_list();
-
+
+ alreadyadded=0;
if ( Mode == MODE_WRITE )
{
str = "OpenVAS" + rand_str(length:8);
@@ -95,6 +96,7 @@
if ( ! Saved_in_KB ) {
set_kb_item(name:"ftp/writeable_dir", value:directory);
Saved_in_KB ++;
+ alreadyadded=1;
}
}
}
@@ -117,17 +119,20 @@
array = eregmatch(pattern:"([drwxtSs-]*) *([0-9]*) ([0-9]*) *([^ ]*) *([0-9]*) ([^ ]*) *([^ ]*) *([^ ]*) (.*)", string:chomp(r));
if ( max_index(array) >= 9 )
{
- if ( Mode == MODE_CHECK_PERM )
- {
+# if ( Mode == MODE_CHECK_PERM )
+# {
if ( array[1] =~ "^d.......w." )
{
+ if (alreadyadded == 0)
+ {
WriteableDirs[directory + sep + array[9]] = 1;
if ( ! Saved_in_KB ) {
set_kb_item(name:"ftp/writeable_dir", value:directory + sep + array[9]);
Saved_in_KB ++;
}
+ }
}
- }
+# }
if ( array[9] != "." && array[9] != ".." )
dirs = make_list(dirs, directory + sep + array[9]);
}
@@ -145,7 +150,7 @@
port = get_kb_item("Services/ftp");
-if ( ! get_kb_item("ftp/anonymous") ) exit(0);
+# if ( ! get_kb_item("ftp/anonymous") ) exit(0);
if ( ! port ) port = 21;
if ( ! get_port_state(port) ) exit(0);
More information about the Openvas-commits
mailing list