[openvas-development] [openvas-plugins] LDAP plugin for OpenVAS
timb at openvas.org
Thu Mar 9 14:47:16 CET 2006
On Thursday 09 March 2006 12:41, Tarik El-Yassem wrote:
> Hi all,
> I would like to commit the enclosed plugin to the OpenVAS project.
> -Plugin description-
> This plugin checks LDAP servers for misconfiguration and information
> leakage. It does so by using OpenLDAP queries to perform a Null-bind and
> a Null-base attack. The plugin allows a specified ammount of bytes from
> the result to be printed in the scan results. Please note that the
> plugin set provided by Tanable already contains plugins that execute a
> null-bind and a null-base attack, these plugins are licenced under the
> Tenable scripting license however. This plugin just uses a different
> method and actually prints a set ammount of information from the LDAP
> server and it is licenced under the GPL license.
> First of all you need to have a running version of OpenLDAP on the
> OpenVAS system. Second you need to trust unsigned scripts, because it
> has not been signed. Finally, you need to copy the plugin to the plugins
> I have tried to extend this plugin with a recursive funtion that tries
> to filter DN and CN information from the Null-base and Null-bind result,
> and use this to make specific connections in order to dig more
> information from the LDAP server. Unfortunately I haven't succeeded due
> to difficulties with the NASL regular expression limitations. If anyone
> knows how to do this, or has some other ideas or suggestions concerning
> this plugin, please feel free to contact me about it.
Woo! I now declare openvas-plugins officially open ;) Many thanks Tarik.
We'll get this comitted ASAP.
Tim Brown, OpenVAS
<mailto:timb at openvas.org>
More information about the Openvas-devel