[Openvas-commits] r5884 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Wed Nov 18 11:43:11 CET 2009 

Author: mwiegand
Date: 2009-11-18 11:43:05 +0100 (Wed, 18 Nov 2009)
New Revision: 5884

Added:
   trunk/openvas-plugins/scripts/cpe.inc
   trunk/openvas-plugins/scripts/cpe_inventory.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
* scripts/cpe.inc, scripts/cpe_inventory.nasl: New NVTs for initial CPE
support.


Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-11-17 22:14:21 UTC (rev 5883)
+++ trunk/openvas-plugins/ChangeLog	2009-11-18 10:43:05 UTC (rev 5884)
@@ -1,3 +1,8 @@
+2009-11-18  Michael Wiegand <michael.wiegand at intevation.de>
+
+	* scripts/cpe.inc, scripts/cpe_inventory.nasl: New NVTs for initial CPE
+	support.
+
 2009-11-17  Thomas Reinke <reinke at securityspace.com>
 
 	* scripts/deb_1933_1.nasl,

Added: trunk/openvas-plugins/scripts/cpe.inc
===================================================================
--- trunk/openvas-plugins/scripts/cpe.inc	2009-11-17 22:14:21 UTC (rev 5883)
+++ trunk/openvas-plugins/scripts/cpe.inc	2009-11-18 10:43:05 UTC (rev 5884)
@@ -0,0 +1,44 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id:
+#
+# CPE Support Functions
+#
+# Authors:
+# Michael Wiegand <michael.wiegand at intevation.de>
+#
+# Copyright:
+# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+# This list has three entries for every KB-to-CPE conversion:
+# - The KB item to look for in the KB
+# - A regular expression the value of this item should be checked against
+# - The KB item to set if the check was successful
+list = make_list (
+"SMB/WindowsVersion", "5\.1", "cpe:/o:microsoft:windows-nt:xp",
+"MS/IE/Version", "6\.0", "cpe:/a:microsoft:internet_explorer:6",
+"MS/IE/Version", "7\.0", "cpe:/a:microsoft:internet_explorer:7");
+
+function translate_to_cpe () {
+  max = max_index (list) - 1;
+  for (i = 0; i < max; i = i + 3) {
+    x = get_kb_item(list[i]);
+    if (ereg(string:x, pattern:list[i + 1], icase:1)) {
+      set_kb_item (name:list[i + 2], value:TRUE);
+    }
+  }
+}

Added: trunk/openvas-plugins/scripts/cpe_inventory.nasl
===================================================================
--- trunk/openvas-plugins/scripts/cpe_inventory.nasl	2009-11-17 22:14:21 UTC (rev 5883)
+++ trunk/openvas-plugins/scripts/cpe_inventory.nasl	2009-11-18 10:43:05 UTC (rev 5884)
@@ -0,0 +1,75 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id:
+#
+# CPE Inventory
+#
+# Authors:
+# Michael Wiegand <michael.wiegand at intevation.de>
+#
+# Copyright:
+# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(810002);
+  script_version("$Revision: 1.0 $");
+  script_name("CPE Inventory");
+  desc["english"] = "CPE Inventory
+
+  This NVT uses information present in the Knowledge Base (KB) to
+  determine CPE identities (http://cpe.mitre.org/) of operating
+  systems, services and applications detected during the scan.
+
+  Risk Factor: None";
+
+  script_description(desc["english"]);
+  script_summary("CPE Inventory");
+  script_category(ACT_END);
+  script_copyright("Copyright (c) 2009 Greenbone Networks GmbH");
+  script_family("Service detection");
+  exit(0);
+}
+
+
+include("cpe.inc");
+
+translate_to_cpe ();
+
+cpes = get_kb_list("cpe:/*");
+if (isnull (cpes))
+{
+  log_message (data: 'No CPE identities could be determined.');
+}
+else
+{
+  report = 'The following products were identified during the scan and related to CPE (http://cpe.mitre.org/) identities.\n\n';
+  report = report + 'This list supports verification of software inventories. It may be incomplete and contains the best guesses based on various indiciators during operating system, service and application detection routines.\n\n';
+  report = report + 'IP|CPE\n';
+
+  ip = get_host_ip ();
+
+  # TODO: Ultimately, this report should also contain
+  # the OID of the NVT which found this OS/App/Service
+  # and the port it was found listening on, if applicable.
+  foreach cpe (keys(cpes))
+  {
+    report = report + ip + '|' + cpe + '\n';
+  }
+
+  log_message (data: report);
+}

More information about the Openvas-commits mailing list