[openvas-development] [openvas-plugins] LDAP plugin for OpenVAS
Tim Brown
timb at openvas.org
Thu Mar 9 14:47:16 CET 2006
On Thursday 09 March 2006 12:41, Tarik El-Yassem wrote:
> Hi all,
>
> I would like to commit the enclosed plugin to the OpenVAS project.
>
> -Plugin description-
> This plugin checks LDAP servers for misconfiguration and information
> leakage. It does so by using OpenLDAP queries to perform a Null-bind and
> a Null-base attack. The plugin allows a specified amount of bytes from
> the result to be printed in the scan results. Please note that the
> plugin set provided by Tenable already contains plugins that execute a
> null-bind and a null-base attack, these plugins are licenced under the
> Tenable scripting license however. This plugin just uses a different
> method and actually prints a set amount of information from the LDAP
> server and it is licenced under the GPL license.
>
> -Setup-
> First of all you need to have a running version of OpenLDAP on the
> OpenVAS system. Second you need to trust unsigned scripts, because it
> has not been signed. Finally, you need to copy the plugin to the plugins
> directory.
>
> I have tried to extend this plugin with a recursive function that tries
> to filter DN and CN information from the Null-base and Null-bind result,
> and use this to make specific connections in order to dig more
> information from the LDAP server. Unfortunately I haven't succeeded due
> to difficulties with the NASL regular expression limitations. If anyone
> knows how to do this, or has some other ideas or suggestions concerning
> this plugin, please feel free to contact me about it.
>
> Regards,
>
> Tarik
Woo! I now declare openvas-plugins officially open ;) Many thanks Tarik.
We'll get this committed ASAP.
Tim
--
Tim Brown, OpenVAS
<mailto:timb at openvas.org>
<http://www.openvas.org/>
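
The server-side view of the null-bind and null-base checks described in the quoted plugin announcement, as an added example that is not part of this thread or of the plugin: it reads OpenLDAP log lines and reports searches that returned entries to a connection with no bind DN. The slapd "stats" log format is an assumption, the sample lines are constructed, and `find_anonymous_reads` is a hypothetical name.

```python
import re
from collections import defaultdict

# Constructed sample, assuming OpenLDAP slapd "stats" log lines; hosts and DNs are made up.
SAMPLE_LOG = """\
slapd[812]: conn=1001 fd=14 ACCEPT from IP=192.0.2.10:51234 (IP=0.0.0.0:389)
slapd[812]: conn=1001 op=0 BIND dn="" method=128
slapd[812]: conn=1001 op=0 RESULT tag=97 err=0 text=
slapd[812]: conn=1001 op=1 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"
slapd[812]: conn=1001 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
slapd[812]: conn=1001 op=2 SRCH base="dc=example,dc=org" scope=2 deref=0 filter="(objectClass=*)"
slapd[812]: conn=1001 op=2 SEARCH RESULT tag=101 err=0 nentries=37 text=
slapd[812]: conn=1002 fd=15 ACCEPT from IP=192.0.2.20:40100 (IP=0.0.0.0:389)
slapd[812]: conn=1002 op=0 BIND dn="cn=monitor,dc=example,dc=org" method=128
slapd[812]: conn=1002 op=0 RESULT tag=97 err=0 text=
slapd[812]: conn=1002 op=1 SRCH base="dc=example,dc=org" scope=2 deref=0 filter="(uid=*)"
slapd[812]: conn=1002 op=1 SEARCH RESULT tag=101 err=0 nentries=12 text=
"""

ACCEPT = re.compile(r'conn=(\d+) fd=\d+ ACCEPT from IP=(\S+)')
BIND = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)"')
BOUND = re.compile(r'conn=(\d+) op=(\d+) RESULT tag=97 err=(\d+)')
SRCH = re.compile(r'conn=(\d+) op=(\d+) SRCH base="([^"]*)"')
DONE = re.compile(r'conn=(\d+) op=(\d+) SEARCH RESULT tag=101 err=0 nentries=(\d+)')

def find_anonymous_reads(log_text):
    """Return (peer, kind, base, entries) for searches answered without a bind DN."""
    peer, bind_req, search_req, findings = {}, {}, {}, []
    identity = defaultdict(str)  # conn -> bind DN; "" until a bind succeeds
    for line in log_text.splitlines():
        if m := ACCEPT.search(line):
            peer[m[1]] = m[2]
        elif m := BIND.search(line):
            bind_req[m[1], m[2]] = m[3]
        elif m := BOUND.search(line):
            # A failed bind leaves the connection anonymous.
            identity[m[1]] = bind_req.pop((m[1], m[2]), "") if m[3] == "0" else ""
        elif m := SRCH.search(line):
            search_req[m[1], m[2]] = (m[3], identity[m[1]])
        elif m := DONE.search(line):
            base, dn = search_req.pop((m[1], m[2]), (None, None))
            if base is not None and dn == "" and int(m[3]) > 0:
                kind = "null-base" if base == "" else "null-bind"
                findings.append((peer.get(m[1], "?"), kind, base, int(m[3])))
    return findings

if __name__ == "__main__":
    for finding in find_anonymous_reads(SAMPLE_LOG):
        print(finding)
```

Each finding is a directory read that the server allowed without credentials, which is what the plugin reports from the scanner side; an empty result on production logs means anonymous clients received no entries during the logged period.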