From jan-oliver.wagner at intevation.de Fri Aug 1 09:32:09 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Fri, 1 Aug 2008 09:32:09 +0200
Subject: [Openvas-devel] Compiler warnings on openvas-libraries
In-Reply-To: <200807301142.31861.timb@nth-dimension.org.uk>
References: <200807101125.51160.hanno@hboeck.de> <200807301222.39659.jan-oliver.wagner@intevation.de> <200807301142.31861.timb@nth-dimension.org.uk>
Message-ID: <200808010932.12147.jan-oliver.wagner@intevation.de>

On Wednesday, 30 July 2008, Tim Brown wrote:
> The underlying problem which caused #639 should also be tagged with a FIXME.
> OpenVAS is not currently 64-bit clean - again this will take some concerted
> work to resolve.

if you can identify the place in the code, it is a good idea to tag it.
Can you do that since you have done some analysis already?

Best

Jan

--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From jan-oliver.wagner at intevation.de Fri Aug 1 09:35:42 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Fri, 1 Aug 2008 09:35:42 +0200
Subject: [Openvas-devel] Croatian translation of openvas-client
In-Reply-To: <489077B3.7090904@linux.hr>
References: <489077B3.7090904@linux.hr>
Message-ID: <200808010935.44310.jan-oliver.wagner@intevation.de>

Hello Kost,

On Wednesday, 30 July 2008, Vlatko Kosturjak wrote:
> I made Croatian translation of openvas-client:
>
> hr.po.gz: I started doing Croatian translation of openvas-client, so
> please put it on SVN because I don't know when I'll be able to translate
> other part, so maybe someone will join me in the meantime.
>
> Hope it helps!

thanks a lot! I've noticed you already got SVN write access and committed yourself :-)
I just added the missing ChangeLog entry. We usually try to manually add any
change to the ChangeLog and commit this together with the actual change.

Best

Jan

--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From jan-oliver.wagner at intevation.de Fri Aug 1 09:38:45 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Fri, 1 Aug 2008 09:38:45 +0200
Subject: [Openvas-devel] Few small fixes to openvas on svn/trunk
In-Reply-To: <48907730.1020402@linux.hr>
References: <48907730.1020402@linux.hr>
Message-ID: <200808010938.48396.jan-oliver.wagner@intevation.de>

Hello Kost,

On Wednesday, 30 July 2008, Vlatko Kosturjak wrote:
> I made few small fixes on svn/trunk of OpenVAS:
>
> openvas-libraries-compile-fix.diff: it's fix in function of two times
> declaring the same variable (char *oldid)
>
> openvas-server-openvas-adduser-fix.diff: I added missing stuff to script
> because it will not work without it (I see that release version as well
> as SVN version have same problem). So users might have problem adding
> user(s).
>
> aggregated.diff: it's aggregated diff (including those two fixes in one
> patch, so you can apply it easier)
>
> Hope it helps!

thanks for the fixes. I've seen that Tim committed them already.

Best

Jan

--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From jan-oliver.wagner at intevation.de Fri Aug 1 10:58:38 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Fri, 1 Aug 2008 10:58:38 +0200
Subject: [Openvas-devel] Branching a 1-0 series to open trunk for deeper changes
Message-ID: <200808011058.43455.jan-oliver.wagner@intevation.de>

Hi,

last month some Change Requests were accepted that do intend
to apply some deeper changes to OpenVAS Server and Client.

I'd like to branch a 1-0 series in the following days to open
trunk for the comprehensive changes.

The 1-0 series should be treated as our stable branch and any bug fix should of course go to 1-0 as well as to trunk.

I propose the branch name "branch-1-0" and I will apply it not to the whole repository but to the modules, step by step where needed starting with openvas-client.

I do not plan to make immediate releases. Those who like to try out and test the new features should work with SVN directly for the time being. Later on we can think of something like a "1.1-beta1" release.

Any comments or suggestions?

Best

Jan

--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From kost at linux.hr Fri Aug 1 12:10:22 2008
From: kost at linux.hr (Vlatko Kosturjak)
Date: Fri, 01 Aug 2008 12:10:22 +0200
Subject: [Openvas-devel] Croatian translation of openvas-client
In-Reply-To: <200808010935.44310.jan-oliver.wagner@intevation.de>
References: <489077B3.7090904@linux.hr> <200808010935.44310.jan-oliver.wagner@intevation.de>
Message-ID: <4892E10E.3080205@linux.hr>

>> hr.po.gz: I started doing Croatian translation of openvas-client, so
>> please put it on SVN because I don't know when I'll be able to translate
>> other part, so maybe someone will join me in the meantime.
> thanks a lot! I've noticed you already got SVN write access and committed yourself :-)
> I just added the missing ChangeLog entry. We usually try to manually add any
> change to the ChangeLog and commit this together with the actual change.

Didn't know that. Thanks for letting me know. Will do it in future commits. Are there any other practices I should be aware of?

Kost

From jan-oliver.wagner at intevation.de Fri Aug 1 14:39:27 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Fri, 1 Aug 2008 14:39:27 +0200
Subject: [Openvas-devel] Croatian translation of openvas-client
In-Reply-To: <4892E10E.3080205@linux.hr>
References: <489077B3.7090904@linux.hr> <200808010935.44310.jan-oliver.wagner@intevation.de> <4892E10E.3080205@linux.hr>
Message-ID: <200808011439.30066.jan-oliver.wagner@intevation.de>

On Friday, 1 August 2008, Vlatko Kosturjak wrote:
> >> hr.po.gz: I started doing Croatian translation of openvas-client, so
> >> please put it on SVN because I don't know when I'll be able to translate
> >> other part, so maybe someone will join me in the meantime.
> > thanks a lot! I've noticed you already got SVN write access and committed yourself :-)
> > I just added the missing ChangeLog entry. We usually try to manually add any
> > change to the ChangeLog and commit this together with the actual change.
>
> Didn't know that. Thanks for letting me know. Will do it in future
> commits. Are there any other practices I should be aware of?

no problem. We try to collect some practices in the OpenVAS Compendium. But in fact some coffee usually does the job. Apart from precise ChangeLog, there is only some guide for indenting.

Best

Jan

--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From jan-oliver.wagner at intevation.de Mon Aug 4 10:15:05 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Mon, 4 Aug 2008 10:15:05 +0200
Subject: [Openvas-devel] openvas-mnaual renamed to openvas-compendium
Message-ID: <200808041015.07324.jan-oliver.wagner@intevation.de>

Hello,

for those who work from SVN: I've recently renamed openvas-manual
to openvas-compendium and replaced its contents respectively.

Next I will release version 0.1.0 of the compendium.

Best

Jan

--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From jan-oliver.wagner at intevation.de Mon Aug 4 11:15:48 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Mon, 4 Aug 2008 11:15:48 +0200
Subject: [Openvas-devel] openvas-mnaual renamed to openvas-compendium
In-Reply-To: <200808041015.07324.jan-oliver.wagner@intevation.de>
References: <200808041015.07324.jan-oliver.wagner@intevation.de>
Message-ID: <200808041115.51172.jan-oliver.wagner@intevation.de>

On Monday, 4 August 2008, Jan-Oliver Wagner wrote:
> for those who work from SVN: I've recently renamed openvas-manual
> to openvas-compendium and replaced its contents respectively.
>
> Next I will release version 0.1.0 of the compendium.

Done :-)

--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From jan-oliver.wagner at intevation.de Mon Aug 4 12:37:22 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Mon, 4 Aug 2008 12:37:22 +0200
Subject: [Openvas-devel] Launch news?
In-Reply-To: <200807091525.27304.jan-oliver.wagner@intevation.de>
References: <200807091525.27304.jan-oliver.wagner@intevation.de>
Message-ID: <200808041237.24176.jan-oliver.wagner@intevation.de>

Hi,

I'd like to push this matter now.

On Wednesday, 9 July 2008, Jan-Oliver Wagner wrote:
> Hello OpenVAS developer team,
>
> I think it would be good to launch a news about OpenVAS now that
> we are done with a new release cycle for all the modules.
>
> I could imagine something like this:

here is my updated proposal, please improve or comment.
I will prepare a German version.

Where should we publish it except for openvas-announce mailing list?

OpenVAS tool-chain for network vulnerability tests established and stable, now focussing tests development and documentation

In July 2008 the OpenVAS developer team finished the update cycle of the 1.0 release including all four server modules and the client.

Most work of this update cycle went into cleanups and support for RPM and Debian packagers. The number of necessary bug-fixes remained pleasingly low.

OpenVAS installation packages are readily available for various platforms: OpenSUSE, Fedora, Mandrake, FreeBSD and Gentoo. Debian and Ubuntu are in the works. OpenVAS-Client is additionally available for MS Windows operating systems.

While comprehensive documentation is being worked on, the next major challenge focussed now is to extend the range of the actual vulnerability tests for present and upcoming CVEs, BIDs etc.

It is a fundamental goal of the OpenVAS project team to accompany the Free Software OpenVAS network security scanner licensed under GNU GPL with a feed of vulnerability tests being Open Source and readily available for everyone as well.

Additional contributors are welcome to join the OpenVAS developer team.

--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From bh at intevation.de Wed Aug 6 12:09:24 2008
From: bh at intevation.de (Bernhard Herzog)
Date: Wed, 06 Aug 2008 12:09:24 +0200
Subject: [Openvas-devel] [Openvas-commits] r1103 - trunk/openvas-libnasl/nasl
In-Reply-To: <20080806094114.7A0A24069B@pyrosoma.intevation.org> (scm-commit@wald.intevation.org's message of "Wed, 6 Aug 2008 11:41:14 +0200 (CEST)")
References: <20080806094114.7A0A24069B@pyrosoma.intevation.org>
Message-ID:

scm-commit at wald.intevation.org writes:

> Fixed an issue with UDP socket close in nasl_close_socket
[...]
> --- trunk/openvas-libnasl/nasl/nasl_socket.c 2008-08-04 09:16:50 UTC (rev 1102) > +++ trunk/openvas-libnasl/nasl/nasl_socket.c 2008-08-06 09:41:14 UTC (rev 1103) > @@ -612,7 +612,7 @@ > int e; > > soc = get_int_var_by_num(lexic, 0, -1); > - if(soc <= 4) > + if(soc < 4) > { > nasl_perror(lexic, "close(): invalid argument\n"); > return NULL;

This seems a bit strange. What problem does that fix, exactly? And what's the relevance of the number 4 here? Why don't the other NASL functions that accept sockets as parameters contain similar checks?

Bernhard

--
Bernhard Herzog Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From bchandra at secpod.com Wed Aug 6 12:35:56 2008
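Review bot: The bound in the changed line "if(soc < 4)" of nasl_close_socket is an unexplained magic number, and relaxing it from "<= 4" makes descriptor 4 closable from a script without the hunk saying why 4 is safe or what descriptors below 4 are being protected. Please replace the literal with a named constant or add a comment stating what the bound guards, and extend the commit message to say under which conditions a socket ends up with descriptor 4. The -1 default passed to get_int_var_by_num(lexic, 0, -1) is still rejected by the new comparison, so the missing-argument case is unchanged.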
From: bchandra at secpod.com (Chandrashekhar B)
Date: Wed, 6 Aug 2008 16:05:56 +0530
Subject: [Openvas-devel] [Openvas-commits] r1103 -trunk/openvas-libnasl/nasl
In-Reply-To:
References: <20080806094114.7A0A24069B@pyrosoma.intevation.org>
Message-ID: <011201c8f7b0$3c57c930$0201a8c0@mahesh>

When we call open_sock_udp(port), fd value returned is 4 and upwards on multiple calls. So, when nasl_close_socket() is called, it just returns without closing the local port bound to the socket, when the fd value is 4.

A minor issue.

Chandra.

-----Original Message-----
From: openvas-devel-bounces at wald.intevation.org [mailto:openvas-devel-bounces at wald.intevation.org] On Behalf Of Bernhard Herzog
Sent: Wednesday, August 06, 2008 3:39 PM
To: openvas-devel at wald.intevation.org
Subject: Re: [Openvas-devel] [Openvas-commits] r1103 -trunk/openvas-libnasl/nasl

scm-commit at wald.intevation.org writes:

> Fixed an issue with UDP socket close in nasl_close_socket
[...]
> --- trunk/openvas-libnasl/nasl/nasl_socket.c 2008-08-04 09:16:50 UTC (rev 1102) > +++ trunk/openvas-libnasl/nasl/nasl_socket.c 2008-08-06 09:41:14 UTC (rev 1103) > @@ -612,7 +612,7 @@ > int e; > > soc = get_int_var_by_num(lexic, 0, -1); > - if(soc <= 4) > + if(soc < 4) > { > nasl_perror(lexic, "close(): invalid argument\n"); > return NULL;

This seems a bit strange. What problem does that fix, exactly? And what's the relevance of the number 4 here? Why don't the other NASL functions that accept sockets as parameters contain similar checks?

Bernhard

--
Bernhard Herzog Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From bh at intevation.de Wed Aug 6 16:05:56 2008
From: bh at intevation.de (Bernhard Herzog)
Date: Wed, 6 Aug 2008 16:05:56 +0200
Subject: [Openvas-devel] [Openvas-commits] r1103 -trunk/openvas-libnasl/nasl
In-Reply-To: <011201c8f7b0$3c57c930$0201a8c0@mahesh>
References: <20080806094114.7A0A24069B@pyrosoma.intevation.org> <011201c8f7b0$3c57c930$0201a8c0@mahesh>
Message-ID: <200808061606.00225.bh@intevation.de>

On 06.08.2008, Chandrashekhar B wrote:
> When we call open_sock_udp(port), fd value returned is 4 and upwards on
> multiple calls. So, when nasl_close_socket() is called, it just returns
> without closing the local port bound to the socket, when the fd value is 4.

Well, it was more or less obvious that you ran into a situation where the sock value was 4. However, what I'd like to know is deeper, and only accidentally related to your commit. The commit modifies code which seems somewhat suspicious. My questions are more about that code in general.

nasl_close_socket seems to be the only place in nasl/nasl_socket.c where the value of the socket file descriptor is checked in this way. That in itself is strange. Why only there? Also, why can't the socket fd be less than 4? I could sort of understand 3 (0, 1, 2 are already taken by the standard streams) but 4? Does the openvas server and/or the NASL interpreter guarantee that at least one other file is open?

My guess is that the check is there to prevent NASL scripts from closing file descriptors needed by openvas/NASL which includes the ones it uses for accessing the knowledgebase. If that's the case, then the test has too much knowledge of the circumstances under which the NASL interpreter runs. It should be moved to a separate function whose behavior can be influenced by the program embedding the NASL interpreter. Other functions should probably also check the descriptors.

I also wonder whether the original code (disallowing any file descriptor <= 4) actually was correct and the real defect is that open_sock_udp actually returned 4. Under which circumstances does it actually do that? In my brief tests with the stand-alone nasl interpreter the smallest number it returned was 5.

Bernhard

From jan-oliver.wagner at intevation.de Wed Aug 6 16:18:55 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Wed, 6 Aug 2008 16:18:55 +0200
Subject: [Openvas-devel] Branching a 1-0 series to open trunk for deeper changes
In-Reply-To: <200808011058.43455.jan-oliver.wagner@intevation.de>
References: <200808011058.43455.jan-oliver.wagner@intevation.de>
Message-ID: <200808061618.58126.jan-oliver.wagner@intevation.de>

On Friday, 1 August 2008, Jan-Oliver Wagner wrote:
> Hi,
>
> last month some Change Requests were accepted that do intend
> to apply some deeper changes to OpenVAS Server and Client.
>
> I'd like to branch a 1-0 series in the following days to open
> trunk for the comprehensive changes.

I did so now for the client, see here for the stable 1.0 series:
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/branches/?root=openvas

What you see also (and what I wasn't aware of anymore) are two branches inherited from very early OpenVAS times.

Tim: I guess we can remove the two other branches... ?

Best

Jan

--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From jan-oliver.wagner at intevation.de Wed Aug 6 16:46:06 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Wed, 6 Aug 2008 16:46:06 +0200
Subject: [Openvas-devel] Launch news?
In-Reply-To: <200808041237.24176.jan-oliver.wagner@intevation.de>
References: <200807091525.27304.jan-oliver.wagner@intevation.de> <200808041237.24176.jan-oliver.wagner@intevation.de>
Message-ID: <200808061646.12131.jan-oliver.wagner@intevation.de>

On Monday, 4 August 2008, Jan-Oliver Wagner wrote:
> here is my updated proposal, please improve or comment.
> I will prepare a German version.

below the German translation.

> Where should we publish it except for openvas-announce mailing list?

German version:
http://www.pro-linux.de/

English version:
openvas-announce mailing list
http://lwn.net (?)

Which security communities should we address?

OpenVAS tool-chain for network security scans established and stable; the focus is now on test development and documentation.

In July 2008 the OpenVAS development team completed the update cycle of the 1.0 series for all four server modules as well as the client.

This update cycle mainly consisted of cleanup work and support for the creators of RPM and Debian packages. The number of important bug fixes was pleasingly low.

OpenVAS installation packages are available for the following platforms: OpenSUSE, Fedora, Mandrake, FreeBSD and Gentoo. Debian and Ubuntu are in preparation. OpenVAS-Client is additionally available for MS Windows operating systems.

While work on comprehensive documentation is now under way, the main next challenge is to achieve the broadest possible coverage of existing and upcoming CVEs, BIDs etc. in the form of further tests.

It is a fundamental goal of the OpenVAS project team to complement the Free Software for network security scans, licensed under the GNU GPL, with a sustained stream of up-to-date test routines that are likewise generally available as Open Source.

Every contribution and every new team member for test development is welcome.

References: www.openvas.org

--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From bchandra at secpod.com Wed Aug 6 17:26:09 2008
From: bchandra at secpod.com (Chandrashekhar B)
Date: Wed, 6 Aug 2008 20:56:09 +0530
Subject: [Openvas-devel] [Openvas-commits] r1103-trunk/openvas-libnasl/nasl
In-Reply-To: <200808061606.00225.bh@intevation.de>
References: <20080806094114.7A0A24069B@pyrosoma.intevation.org><011201c8f7b0$3c57c930$0201a8c0@mahesh> <200808061606.00225.bh@intevation.de>
Message-ID: <014401c8f7d8$c9aca2b0$0201a8c0@mahesh>

-----Original Message-----
From: openvas-devel-bounces at wald.intevation.org [mailto:openvas-devel-bounces at wald.intevation.org] On Behalf Of Bernhard Herzog
Sent: Wednesday, August 06, 2008 7:36 PM
To: openvas-devel at wald.intevation.org
Subject: Re: [Openvas-devel] [Openvas-commits] r1103-trunk/openvas-libnasl/nasl

On 06.08.2008, Chandrashekhar B wrote:
> When we call open_sock_udp(port), fd value returned is 4 and upwards on
> multiple calls. So, when nasl_close_socket() is called, it just returns
> without closing the local port bound to the socket, when the fd value is 4.
> Well, it was more or less obvious that you ran into a situation where the
> sock value was 4. However, what I'd like to know is deeper, and only
> accidentally related to your commit. The commit modifies code which seems
> somewhat suspicious. My questions are more about that code in general.
> nasl_close_socket seems to be the only place in nasl/nasl_socket.c where
> the value of the socket file descriptor is checked in this way. That in
> itself is strange. Why only there? Also, why can't the socket fd be less
> than 4? I could sort of understand 3 (0, 1, 2 are already taken by the
> standard streams) but 4? Does the openvas server and/or the NASL
> interpreter guarantee that at least one other file is open?

Yes, the rest of the code seems to just validate for NULL. I always get 4, let me see if I can do some testing to figure who's eating up 3.

> My guess is that the check is there to prevent NASL scripts from closing
> file descriptors needed by openvas/NASL which includes the ones it uses
> for accessing the knowledgebase. If that's the case, then the test has
> too much knowledge of the circumstances under which the NASL interpreter
> runs. It should be moved to a separate function whose behavior can be
> influenced by the program embedding the NASL interpreter. Other functions
> should probably also check the descriptors.
> I also wonder whether the original code (disallowing any file descriptor
> <= 4) actually was correct and the real defect is that open_sock_udp
> actually returned 4. Under which circumstances does it actually do that?
> In my brief tests with the stand-alone nasl interpreter the smallest
> number it returned was 5.

It always returns 4 for me in stand-alone mode.

> Bernhard

From bh at intevation.de Wed Aug 6 17:53:05 2008
From: bh at intevation.de (Bernhard Herzog)
Date: Wed, 6 Aug 2008 17:53:05 +0200
Subject: [Openvas-devel] [Openvas-commits] r1103-trunk/openvas-libnasl/nasl
In-Reply-To: <014401c8f7d8$c9aca2b0$0201a8c0@mahesh>
References: <20080806094114.7A0A24069B@pyrosoma.intevation.org> <200808061606.00225.bh@intevation.de> <014401c8f7d8$c9aca2b0$0201a8c0@mahesh>
Message-ID: <200808061753.10769.bh@intevation.de>

On 06.08.2008, Chandrashekhar B wrote:
> > Also, why can't the socket fd be
> > less than 4? I could sort of understand 3 (0, 1, 2 are already taken by
> > the standard streams) but 4? Does the openvas server and/or the NASL
> > interpreter guarantee that at least one other file is open?
>
> Yes, the rest of the code seems to just validate for NULL. I always get 4,
> let me see if I can do some testing to figure who's eating up 3.

According to /proc//fd/, on my system fd 3 is /dev/urandom and fd 4 is the nasl script. That's on a Debian Etch GNU/Linux system.

Bernhard

From kost at linux.hr Wed Aug 6 19:10:59 2008
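The concern in the r1103 thread above is that a fixed numeric bound in nasl_close_socket encodes which descriptors the embedding process happens to hold. One alternative, given as an added example that is not OpenVAS code: the interpreter records every descriptor its own builtins hand to a script and lets a script close only those, whatever their numbers. All function names below (script_fd_adopt, script_fd_owned, script_fd_close, script_open_udp, fd_is_open) are hypothetical.

```c
/* Added example, not OpenVAS code. All function names are hypothetical. */
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <unistd.h>

/* Descriptors that the interpreter's own builtins handed to the script. */
static fd_set script_fds;
static bool script_fds_ready = false;

static bool fd_in_range(int fd)
{
    return fd >= 0 && fd < FD_SETSIZE;
}

/* Called by every builtin that opens a descriptor on the script's behalf. */
int script_fd_adopt(int fd)
{
    if (!script_fds_ready) {
        FD_ZERO(&script_fds);
        script_fds_ready = true;
    }
    if (!fd_in_range(fd)) {
        errno = EBADF;
        return -1;
    }
    FD_SET(fd, &script_fds);
    return fd;
}

bool script_fd_owned(int fd)
{
    return script_fds_ready && fd_in_range(fd) && FD_ISSET(fd, &script_fds);
}

/* The single path by which a script may close a descriptor. Ownership,
 * not a numeric threshold, decides: a host-owned descriptor is refused
 * even if its number is high, a script-owned one is closed even if its
 * number is 3 or 4. */
int script_fd_close(int fd)
{
    if (!script_fd_owned(fd)) {
        errno = EBADF;
        return -1;
    }
    FD_CLR(fd, &script_fds);
    return close(fd);
}

/* True if fd currently refers to an open file in this process. */
bool fd_is_open(int fd)
{
    return fcntl(fd, F_GETFD) != -1;
}

/* Stand-in for a socket-opening builtin: open a UDP socket and record it. */
int script_open_udp(void)
{
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return -1;
    if (script_fd_adopt(fd) < 0) {   /* number too large to track */
        close(fd);
        errno = EMFILE;
        return -1;
    }
    return fd;
}

int main(void)
{
    /* Constructed scenario: /dev/null stands in for a descriptor the host
     * process needs (such as the one it uses for its knowledgebase). */
    int host_fd = open("/dev/null", O_RDONLY);
    int sock = script_open_udp();

    printf("host fd %d, script socket %d\n", host_fd, sock);
    printf("script closes host fd:    %d\n", script_fd_close(host_fd));
    printf("script closes its socket: %d\n", script_fd_close(sock));
    printf("host fd still open:       %d\n", fd_is_open(host_fd));
    close(host_fd);
    return 0;
}
```

The same ownership check can be reused by other socket builtins, which addresses the observation in the thread that only the close path validated the descriptor.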
From: kost at linux.hr (Vlatko Kosturjak)
Date: Wed, 06 Aug 2008 19:10:59 +0200
Subject: [Openvas-devel] Launch news?
In-Reply-To: <200808061646.12131.jan-oliver.wagner@intevation.de>
References: <200807091525.27304.jan-oliver.wagner@intevation.de> <200808041237.24176.jan-oliver.wagner@intevation.de> <200808061646.12131.jan-oliver.wagner@intevation.de>
Message-ID: <4899DB23.8000502@linux.hr>

>> Where should we publish it except for openvas-announce mailing list?
>
> German version:
> http://www.pro-linux.de/
>
> English version:
> openvas-announce mailing list
> http://lwn.net (?)

http://www.lxer.com
http://www.digg.com
http://www.slashdot.org

> Which security communities should we address?

bugtraq definitively
mailing lists from insecure.org

I think OpenVAS should have presentation about it on CCC this year too. In order to present to wider hacking communities and to attract them to submit more scripts. Especially when Nessus is now closed source software without any free feed available from Tenable.

Site is:
http://events.ccc.de/congress/2008/

And we can be in category "Community". I can take the task and make the slides and have some experience with talks/slides, but I definitively need someone from the project admins/initiators to check the slides and to talk on the stage :)

Kost

From jan-oliver.wagner at intevation.de Wed Aug 6 19:57:27 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Wed, 6 Aug 2008 19:57:27 +0200
Subject: [Openvas-devel] Launch news?
In-Reply-To: <4899DB23.8000502@linux.hr>
References: <200807091525.27304.jan-oliver.wagner@intevation.de> <200808061646.12131.jan-oliver.wagner@intevation.de> <4899DB23.8000502@linux.hr>
Message-ID: <200808061957.43349.jan-oliver.wagner@intevation.de>

On Wednesday 06 August 2008 19:10, Vlatko Kosturjak wrote:
> http://events.ccc.de/congress/2008/
> And we can be in category "Community". I can take the task and make the
> slides and have some experience with talks/slides, but I definitively
> need someone from the project admins/initiators to check the slides and
> to talk on the stage :)

that'll be great. I can assist you by reviewing your slides and answer any questions you have.

Best

Jan

--
Dr. Jan-Oliver Wagner Intevation GmbH
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From kost at linux.hr Thu Aug 7 11:44:55 2008
From: kost at linux.hr (Vlatko Kosturjak)
Date: Thu, 07 Aug 2008 11:44:55 +0200
Subject: [Openvas-devel] openvasd - bug in OpenVAS server, right after portscan
Message-ID: <489AC417.8080300@linux.hr>

Hello!

I tried to submit the bug at the following URL:
http://wald.intevation.org/tracker/?group_id=29

But, I couldn't submit bug for openvas-server, there is only openvas-client and openvas-plugins in components drop down list. So I'm sending bug report to this mailing list.

I took latest SVN source as of today and recompile it.

I'm using following CPU (cat /proc/cpuinfo):

I tried to do simple vulnerability scan on single host (with all 1-65535 ports). I used only openvas TCP scanner as port scan and right after the portscan, the openvasd child dies with sigsegv (not good sign at all!). The problem is reproducible and it is happening every time.

These are the log messages (with debug option turned on):

[Thu Aug 7 06:34:56 2008][25806] user XXXXXXXX starts a new scan. Target(s) : 192.168.xx.xx, with max_hosts = 20 and max_checks = 4
[Thu Aug 7 06:34:56 2008][25806] user XXXXXXXXXX : testing 192.168.xx.xx (192.168.xx.xx) [25809]
[Thu Aug 7 06:38:07 2008][25809] SIGSEGV occured !
[Thu Aug 7 06:38:07 2008][25806] user XXXXXXXXX : test complete
[Thu Aug 7 06:38:07 2008][25806] SIGSEGV occured !

I tried to run gdb against the openvasd running and attached to the running openvasd process. This is the backtrace:

# gdb -p 28021
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
Attaching to process 28021
0xb7fd0410 in __kernel_vsyscall ()
(gdb) cont
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0xb7d1087b in ?? () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt
#0 0xb7d1087b in ?? () from /lib/tls/i686/cmov/libc.so.6
#1 0xb7d105e0 in strtol () from /lib/tls/i686/cmov/libc.so.6
#2 0xb7d0d891 in atoi () from /lib/tls/i686/cmov/libc.so.6
#3 0x08058182 in get_closed_ports ()
#4 0x080584a6 in requirements_plugin ()
#5 0x0804c1b2 in launch_plugin ()
#6 0x0804c659 in attack_host ()
#7 0x0804c92b in attack_start ()
#8 0x0805046d in create_process ()
#9 0x0804d5aa in attack_network ()
#10 0x08059265 in server_thread ()
#11 0x0805046d in create_process ()
#12 0x08059902 in main_loop ()
#13 0x0805a69c in main ()
(gdb)

I tried to print the content of ports->name with single printf in get_closed_ports(), but then openvasd failed in printing the argument:

(gdb) cont
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0xb7ce025b in strlen () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt
#0 0xb7ce025b in strlen () from /lib/tls/i686/cmov/libc.so.6
#1 0xb7cca635 in puts () from /lib/tls/i686/cmov/libc.so.6
#2 0x08058189 in get_closed_ports ()
#3 0x080584be in requirements_plugin ()
#4 0x0804c1b2 in launch_plugin ()
#5 0x0804c659 in attack_host ()
#6 0x0804c92b in attack_start ()
#7 0x0805046d in create_process ()
#8 0x0804d5aa in attack_network ()
#9 0x0805927d in server_thread ()
#10 0x0805046d in create_process ()
#11 0x0805991a in main_loop ()
#12 0x0805a6b4 in main ()
(gdb)

It seems like that linked list is trashed somehow. Any help finding the source of this problem?

Kost

From timb at nth-dimension.org.uk Fri Aug 8 00:14:23 2008
From: timb at nth-dimension.org.uk (Tim Brown)
Date: Thu, 7 Aug 2008 23:14:23 +0100
Subject: [Openvas-devel] Launch news?
In-Reply-To: <4899DB23.8000502@linux.hr>
References: <200807091525.27304.jan-oliver.wagner@intevation.de> <200808061646.12131.jan-oliver.wagner@intevation.de> <4899DB23.8000502@linux.hr>
Message-ID: <200808072314.24316.timb@nth-dimension.org.uk>

On Wednesday 06 August 2008 18:10:59 Vlatko Kosturjak wrote:
> I think OpenVAS should have presentation about it on CCC this year too.
> In order to present to wider hacking communities and to attract them to
> submit more scripts. Especially when Nessus is now closed source
> software without any free feed available from Tenable.
>
> Site is:
> http://events.ccc.de/congress/2008/
> And we can be in category "Community". I can take the task and make the
> slides and have some experience with talks/slides, but I definitively
> need someone from the project admins/initiators to check the slides and
> to talk on the stage :)

I'm intending to be out at CCC :)

Cheers,
Tim
--
Tim Brown

From bchandra at secpod.com Fri Aug 8 12:38:21 2008
From: bchandra at secpod.com (Chandrashekhar B)
Date: Fri, 8 Aug 2008 16:08:21 +0530
Subject: [Openvas-devel] openvasd - bug in OpenVAS server, right after portscan
In-Reply-To: <489AC417.8080300@linux.hr>
References: <489AC417.8080300@linux.hr>
Message-ID: <009f01c8f942$e40c0590$0201a8c0@mahesh>

I couldn't reproduce this on my Fedora system. Can you check your glibc version? I have glibc-2.5-3.

Chandra.

-----Original Message-----
From: openvas-devel-bounces at wald.intevation.org [mailto:openvas-devel-bounces at wald.intevation.org] On Behalf Of Vlatko Kosturjak
Sent: Thursday, August 07, 2008 3:15 PM
To: openvas-devel at wald.intevation.org
Subject: [Openvas-devel] openvasd - bug in OpenVAS server,right after portscan

Hello!

I tried to submit the bug at the following URL:
http://wald.intevation.org/tracker/?group_id=29

But, I couldn't submit bug for openvas-server, there is only openvas-client and openvas-plugins in components drop down list. So, I'm sending bug report to this mailing list.

I took latest SVN source as of today and recompiled it. I'm using following CPU (cat /proc/cpuinfo):

I tried to do simple vulnerability scan on single host (with all 1-65535 ports).
I used only openvas TCP scanner as port scan and right after the portscan, the openvasd child dies with sigsegv (not good sign at all!). The problem is reproducible and it is happening every time.

These are the log messages (with debug option turned on):

[Thu Aug 7 06:34:56 2008][25806] user XXXXXXXX starts a new scan. Target(s) : 192.168.xx.xx, with max_hosts = 20 and max_checks = 4
[Thu Aug 7 06:34:56 2008][25806] user XXXXXXXXXX : testing 192.168.xx.xx (192.168.xx.xx) [25809]
[Thu Aug 7 06:38:07 2008][25809] SIGSEGV occured !
[Thu Aug 7 06:38:07 2008][25806] user XXXXXXXXX : test complete
[Thu Aug 7 06:38:07 2008][25806] SIGSEGV occured !

I tried to run gdb against the openvasd running and attached to the running openvasd process. This is the backtrace:

# gdb -p 28021
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
Attaching to process 28021
0xb7fd0410 in __kernel_vsyscall ()
(gdb) cont
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0xb7d1087b in ?? () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt
#0  0xb7d1087b in ?? () from /lib/tls/i686/cmov/libc.so.6
#1  0xb7d105e0 in strtol () from /lib/tls/i686/cmov/libc.so.6
#2  0xb7d0d891 in atoi () from /lib/tls/i686/cmov/libc.so.6
#3  0x08058182 in get_closed_ports ()
#4  0x080584a6 in requirements_plugin ()
#5  0x0804c1b2 in launch_plugin ()
#6  0x0804c659 in attack_host ()
#7  0x0804c92b in attack_start ()
#8  0x0805046d in create_process ()
#9  0x0804d5aa in attack_network ()
#10 0x08059265 in server_thread ()
#11 0x0805046d in create_process ()
#12 0x08059902 in main_loop ()
#13 0x0805a69c in main ()
(gdb)

I tried to print the content of ports->name with single printf in get_closed_ports(), but then openvasd failed in printing the argument:

(gdb) cont
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0xb7ce025b in strlen () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt
#0  0xb7ce025b in strlen () from /lib/tls/i686/cmov/libc.so.6
#1  0xb7cca635 in puts () from /lib/tls/i686/cmov/libc.so.6
#2  0x08058189 in get_closed_ports ()
#3  0x080584be in requirements_plugin ()
#4  0x0804c1b2 in launch_plugin ()
#5  0x0804c659 in attack_host ()
#6  0x0804c92b in attack_start ()
#7  0x0805046d in create_process ()
#8  0x0804d5aa in attack_network ()
#9  0x0805927d in server_thread ()
#10 0x0805046d in create_process ()
#11 0x0805991a in main_loop ()
#12 0x0805a6b4 in main ()
(gdb)

It seems like that linked list is trashed somehow. Any help finding the source of this problem?

Kost
_______________________________________________
Openvas-devel mailing list
Openvas-devel at wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-devel

From bchandra at secpod.com Fri Aug 8 12:50:55 2008
From: bchandra at secpod.com (Chandrashekhar B)
Date: Fri, 8 Aug 2008 16:20:55 +0530
Subject: [Openvas-devel] [Openvas-commits]r1103-trunk/openvas-libnasl/nasl
In-Reply-To: <200808061753.10769.bh@intevation.de>
References: <20080806094114.7A0A24069B@pyrosoma.intevation.org><200808061606.00225.bh@intevation.de><014401c8f7d8$c9aca2b0$0201a8c0@mahesh> <200808061753.10769.bh@intevation.de>
Message-ID: <00a001c8f944$a4d9f920$0201a8c0@mahesh>

/proc/4907/fd/3 -> /usr/local/var/log/openvas/openvasd.messages
/proc/4907/fd/4 -> socket:[42319]
/proc/4953/fd/5 -> /dev/urandom

And when I run a scan, in the forked process, I don't see fd/4.

ls -l /proc/4939/fd/
0 1 2 3 5 6 7 8

Chandra.

-----Original Message-----
From: openvas-devel-bounces at wald.intevation.org [mailto:openvas-devel-bounces at wald.intevation.org] On Behalf Of Bernhard Herzog
Sent: Wednesday, August 06, 2008 9:23 PM
To: openvas-devel at wald.intevation.org
Subject: Re: [Openvas-devel] [Openvas-commits]r1103-trunk/openvas-libnasl/nasl

On 06.08.2008, Chandrashekhar B wrote:
> > Also, why can't the socket fd be
> > less than 4? I could sort of understand 3 (0, 1, 2 are already taken by
> > the standard streams) but 4? Does the openvas server and/or the NASL
> > interpreter guarantee that at least one other file is open?
>
> Yes, the rest of the code seems to just validate for NULL. I always get 4,
> let me see if I can do some testing to figure who's eating up 3.

According to /proc//fd/, on my system fd 3 is /dev/urandom and fd 4 is the nasl script. That's on a Debian Etch GNU/Linux system.

Bernhard

From timb at nth-dimension.org.uk Fri Aug 8 12:57:14 2008
From: timb at nth-dimension.org.uk (Tim Brown)
Date: Fri, 8 Aug 2008 11:57:14 +0100
Subject: [Openvas-devel] openvasd - bug in OpenVAS server, right after portscan
In-Reply-To: <009f01c8f942$e40c0590$0201a8c0@mahesh>
References: <489AC417.8080300@linux.hr> <009f01c8f942$e40c0590$0201a8c0@mahesh>
Message-ID: <200808081157.15442.timb@nth-dimension.org.uk>

On Friday 08 August 2008 11:38:21 Chandrashekhar B wrote:
> I couldn't reproduce this on my Fedora system. Can you check your glibc
> version? I have glibc-2.5-3.
>
> Chandra.

Vlatko,

Could you put a breakpoint on atoi and paste the contents of the registers (i r), stack (bt) and dump of the current function disassembly (disas). Might make it a bit easier for us to isolate what is triggering the SEGV allowing us to backtrace and find the root cause.

Cheers,
Tim
--
Tim Brown

From kost at linux.hr Fri Aug 8 15:07:33 2008
From: kost at linux.hr (Vlatko Kosturjak)
Date: Fri, 08 Aug 2008 15:07:33 +0200
Subject: [Openvas-devel] openvasd - bug in OpenVAS server, right after portscan
In-Reply-To: <200808081157.15442.timb@nth-dimension.org.uk>
References: <489AC417.8080300@linux.hr> <009f01c8f942$e40c0590$0201a8c0@mahesh> <200808081157.15442.timb@nth-dimension.org.uk>
Message-ID: <489C4515.4010801@linux.hr>

Tim Brown wrote:
> On Friday 08 August 2008 11:38:21 Chandrashekhar B wrote:
>> I couldn't reproduce this on my Fedora system. Can you check your glibc
>> version? I have glibc-2.5-3.

I'm using Ubuntu 8.04.1 with following GLIBC version (default on Ubuntu):

dpkg -l | grep -i libc6
ii libc6 2.7-10ubuntu3 GNU C Library: Shared libraries
ii libc6-dev 2.7-10ubuntu3 GNU C Library: Development Libraries and Hea
ii libc6-i686 2.7-10ubuntu3 GNU C Library: Shared libraries [i686 optimi

Will try to put a breakpoint on atoi and get the additional data Tim requested.

Kost

From jan-oliver.wagner at intevation.de Mon Aug 11 09:58:14 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Mon, 11 Aug 2008 09:58:14 +0200
Subject: [Openvas-devel] Launch news?
In-Reply-To: <4899DB23.8000502@linux.hr>
References: <200807091525.27304.jan-oliver.wagner@intevation.de> <200808061646.12131.jan-oliver.wagner@intevation.de> <4899DB23.8000502@linux.hr>
Message-ID: <200808110958.16566.jan-oliver.wagner@intevation.de>

On Wednesday, 6 August 2008, Vlatko Kosturjak wrote:
> >> Where should we publish it except for openvas-announce mailing list?
> > german version:
> > http://www.pro-linux.de/

done and already featured.

> > english version:
> > openvas-announce mailing list
> > http://lwn.net (?)

submitted, but don't know whether it is of interest for them.

> http://www.lxer.com
> http://www.digg.com
> http://www.slashdot.org
>
> > Which security communities should we address?
>
> bugtraq definitively
> mailing lists from insecure.org

good proposals. Anyone takes over job to get our news there?

Best

Jan
--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From randy at procyonlabs.com Tue Aug 19 07:33:57 2008
From: randy at procyonlabs.com (Randal T. Rioux)
Date: Tue, 19 Aug 2008 01:33:57 -0400 (EDT)
Subject: [Openvas-devel] Launch news?
In-Reply-To: <200808061957.43349.jan-oliver.wagner@intevation.de>
References: <200807091525.27304.jan-oliver.wagner@intevation.de> <200808061646.12131.jan-oliver.wagner@intevation.de> <4899DB23.8000502@linux.hr> <200808061957.43349.jan-oliver.wagner@intevation.de>
Message-ID: <406eab506a71adddc0f37e569d68f13e.squirrel@192.168.3.3>

On Wed, August 6, 2008 1:57 pm, Jan-Oliver Wagner wrote:
> On Wednesday 06 August 2008 19:10, Vlatko Kosturjak wrote:
>> http://events.ccc.de/congress/2008/ And we can be in category
>> "Community". I can take the task and make the slides and have some
>> experience with talks/slides, but I definitively need someone from the
>> project admins/initiators to check the slides and to talk on the stage
>> :)
>
> that'll be great. I can assist you by reviewing your slides and answer
> any questions you have.

I am considering going to CCC - possibly to speak (unrelated to OpenVAS). I've never been to Europe either (living in Washington, DC).

I can help out there if I go.

Thanks,
Randy

From jan-oliver.wagner at intevation.de Tue Aug 19 22:54:48 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Tue, 19 Aug 2008 22:54:48 +0200
Subject: [Openvas-devel] Launch news?
In-Reply-To: <406eab506a71adddc0f37e569d68f13e.squirrel@192.168.3.3>
References: <200807091525.27304.jan-oliver.wagner@intevation.de> <200808061957.43349.jan-oliver.wagner@intevation.de> <406eab506a71adddc0f37e569d68f13e.squirrel@192.168.3.3>
Message-ID: <200808192254.52262.jan-oliver.wagner@intevation.de>

On Tuesday, 19 August 2008, Randal T. Rioux wrote:
> On Wed, August 6, 2008 1:57 pm, Jan-Oliver Wagner wrote:
> > On Wednesday 06 August 2008 19:10, Vlatko Kosturjak wrote:
> >> http://events.ccc.de/congress/2008/ And we can be in category
> >> "Community". I can take the task and make the slides and have some
> >> experience with talks/slides, but I definitively need someone from the
> >> project admins/initiators to check the slides and to talk on the stage
> >> :)
> >
> > that'll be great. I can assist you by reviewing your slides and answer
> > any questions you have.
>
> I am considering going to CCC - possibly to speak (unrelated to OpenVAS).
> I've never been to Europe either (living in Washington, DC).
>
> I can help out there if I go.

Randy, Vlatko, Tim can you coordinate on this?

I'd be happy to see an OpenVAS talk at CCC. I am not sure I can attend. But if you happen to be around (coming from outside Germany), it's only a 3hrs train to get to Osnabrück. You are welcome :-)

Best

Jan
--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From swurth at astaro.com Wed Aug 20 15:27:38 2008
From: swurth at astaro.com (Sven Wurth)
Date: Wed, 20 Aug 2008 06:27:38 -0700
Subject: [Openvas-devel] make openvas-libnasl-1.0.1 problems
Message-ID: <13A7D16E6BC8794CB20DF8218B944BB20C424030@dhost002-54.dex002.intermedia.net>

Hi openvas ML,

I have a problem with making openvas-libnasl-1.0.1 on my Debian Lenny. I attached the output of my "make".

Any ideas?

best regards
Sven

-----------------------------------------------------------------------------------------
make[1]: Entering directory `/root/openvas-libnasl-1.0.1/nasl'
/bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_packet_forgery.c
/bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_socket.c
/bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_crypto.c
nasl_crypto.c: In function 'nasl_gcrypt_hash':
nasl_crypto.c:76: warning: pointer targets in passing argument 1 of 'nasl_strndup' differ in signedness
/bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c -DNESSUS_STATE_DIR=\"/usr/local/var\" nasl_crypto2.c
/bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_http.c
/bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_host.c
/bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_text_utils.c
/bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_nessusd_glue.c
/bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_misc_funcs.c
^[OH/bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c -DNESSUS_STATE_DIR=\"/usr/local/var\" nasl_cmd_exec.c
/bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c capture_packet.c
bison -d -v -t -p nasl nasl_grammar.y
nasl_grammar.y:47 parser name defined to default :"parse"
/bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_grammar.tab.c
/usr/share/bison++/bison.cc: In function 'naslparse':
/usr/share/bison++/bison.cc:730: error: too few arguments to function 'nasllex'
make[1]: *** [nasl_grammar.tab.o] Error 1
make[1]: Leaving directory `/root/openvas-libnasl-1.0.1/nasl'
make: *** [all] Error 2

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20080820/120397ab/attachment.html

From kost at linux.hr Thu Aug 21 10:24:18 2008
From: kost at linux.hr (Vlatko Kosturjak)
Date: Thu, 21 Aug 2008 10:24:18 +0200
Subject: [Openvas-devel] Launch news?
In-Reply-To: <200808192254.52262.jan-oliver.wagner@intevation.de>
References: <200807091525.27304.jan-oliver.wagner@intevation.de> <200808061957.43349.jan-oliver.wagner@intevation.de> <406eab506a71adddc0f37e569d68f13e.squirrel@192.168.3.3> <200808192254.52262.jan-oliver.wagner@intevation.de>
Message-ID: <48AD2632.6040102@linux.hr>

>>>> http://events.ccc.de/congress/2008/ And we can be in category
>>>> "Community". I can take the task and make the slides and have some
>>>> experience with talks/slides, but I definitively need someone from the
>>>> project admins/initiators to check the slides and to talk on the stage
>>> that'll be great. I can assist you by reviewing your slides and answer
>>> any questions you have.
>> I am considering going to CCC - possibly to speak (unrelated to OpenVAS).
>> I've never been to Europe either (living in Washington, DC).
> Randy, Vlatko, Tim can you coordinate on this?

I just got back from vacation. So, I'm ready to continue with this (and with debugging the bug I sent earlier). I plan to attend the CCC anyway too. I already created account for submitting the talk.

For submitting the paper, here's my proposition to entry fields:

Dates are: December 27th to 30th, 2008

Title: OpenVAS - Really free vulnerability scanner
Subtitle: Nessus is closed, long live OpenVAS!
Language: English
Track: Community
Event type: Lecture
Submission notes:
Abstract:
Full description:
Links: http://www.openvas.org

For abstract and full description we can extract some parts from launch news text. Just please, check if the title and other fields are going into right direction...

> But if you happen to be around (coming from outside Germany),
> it's only a 3hrs train to get to Osnabrück. You are welcome :-)

Thanks for inviting. If there will be critical mass for such adventure, I might join! :)

Kost

From michael.wiegand at intevation.de Thu Aug 21 11:33:40 2008
From: michael.wiegand at intevation.de (Michael Wiegand)
Date: Thu, 21 Aug 2008 11:33:40 +0200
Subject: [Openvas-devel] Preparing -server 1.0.2 release
Message-ID: <200808211133.41239.michael.wiegand@intevation.de>

Hello,

as you may have observed on this list and on -discuss, there was an issue in -server 1.0.1 that caused problems when adding new users and another one that caused SIGSEGV when starting a scan. Both bugs are now fixed in trunk as well as in the 1.0-branch (big thanks to Vlatko!).

Since these bugs do break functionality in certain circumstances, I'd like to do a 1.0.2 release for -server as soon as possible. Please let me know if you can think of anything that should delay this release; otherwise, I'd like to do the release on Friday morning.

If you have suffered from the bugs described above, please check out the 1.0 branch from SVN (located at branches/openvas-server-1-0) and let me know if it fixes the problems. Thanks!

Regards,

Michael
--
Michael Wiegand OpenPGP key: D7D049EC
Intevation GmbH, Osnabrück http://www.intevation.de/
Amtsgericht Osnabrück, HR B 18998
Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From jan-oliver.wagner at intevation.de Thu Aug 21 14:38:48 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Thu, 21 Aug 2008 14:38:48 +0200
Subject: [Openvas-devel] make openvas-libnasl-1.0.1 problems
In-Reply-To: <13A7D16E6BC8794CB20DF8218B944BB20C424030@dhost002-54.dex002.intermedia.net>
References: <13A7D16E6BC8794CB20DF8218B944BB20C424030@dhost002-54.dex002.intermedia.net>
Message-ID: <200808211438.51295.jan-oliver.wagner@intevation.de>

On Wednesday, 20 August 2008, Sven Wurth wrote:
> I have a problem with making openvas-libnasl-1.0.1 on my Debian Lenny.
> I attached the output of my "make".
>
> Any ideas?

not yet. Can you send nasl_grammar.tab.c and nasl_grammar.y so I can compare with my files. There might be some difference. If you have Etch as well, you can try comparison yourself, it is just a guess it might be in these two files.

Best

Jan
--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From jan-oliver.wagner at intevation.de Thu Aug 21 15:16:25 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Thu, 21 Aug 2008 15:16:25 +0200
Subject: [Openvas-devel] smb_nt.inc
In-Reply-To: <488A8FCB.40208@securityspace.com>
References: <001a01c8eb35$82b73d20$0301a8c0@mahesh> <200807260044.32187.jan-oliver.wagner@intevation.de> <488A8FCB.40208@securityspace.com>
Message-ID: <200808211516.27373.jan-oliver.wagner@intevation.de>

On Saturday, 26 July 2008, Thomas Reinke wrote:
> Jan-Oliver Wagner wrote:
> > On Friday, 25 July 2008 08:07:51, Chandrashekhar B wrote:
> >> This came from 2004 GPL release of Tenable.
> >
> > do you have the release version at hand?
> >
> >> The revision we have is 1.75
> >> which doesn't have any license header. A later version of smb_nt.inc (1.81)
> >> has Tenable copyright.
> >
> > this sounds promising. However, I am still interested in a comment by Javier.
> ^^^^^^^^^^^^^^^^^^^^^^^^
>
> Dec 7th email from Renaud, announcing plugin feed changes,
> said as follows:
>
> "- The first one, is that the current feed will only contain GPL plugins
> (ie: currently about 2,000 plugins)..."
>
> The Jan 2nd, 2005 plugin feed (from the above statement,
> containing only GPL plugins) contained 1959 files.
> smb_nt.inc version 1.75 was one of them.)
>
> >> Also, we saw smb_hotfixes.inc in OpenVAS plugin set which is copyrighted.
> >
> > hm, indeed there is a copyright header of Tenable. While a copyright as such
> > does not say anything about the license, I wonder why this file escaped our
> > analysis so far. Or why it might have qualified as GPL. This requires further
> > investigation.
>
> smb_hotfixes.inc, version 1.7, was included in the same Jan 2nd, 2005
> feed mentioned above.

I've moved my mind about this and came to the same conclusion that we should assume any NASL script that was included in the GPL feed as GPLed by default. The only exceptions are if the header explicitly states another license and if Tenable explicitly says (and argues) something was not GPL although they announce so 2004-12-7:

"""
Basically, several changes are occurring :

- The first one, is that the current feed will only contain GPL plugins (ie: currently about 2,000 plugins). This means that the current command "nessus-update-plugins" will continue to work properly, but you will get less plugins than what you can get today, as (as many of you have noticed), plugins released by my company (Tenable) are *not* released under the GPL
"""

The only problem is to find a clean download of the plugin feed that is not mixed up with a local nessus-plugins installation that contained already proprietary plugins. If anyone has such lying around, I'd be glad to receive it as I do not have such. Helpful would be one from the very first days of GPL feed and one of the very last days.

However to my best knowledge for this special case of smb_nt.inc it is clarified and I will commit it to openvas-client.

Best

Jan
--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From kost at linux.hr Thu Aug 21 19:58:44 2008
From: kost at linux.hr (Vlatko Kosturjak)
Date: Thu, 21 Aug 2008 19:58:44 +0200
Subject: [Openvas-devel] [Fwd: Re: Nessus free feed]
Message-ID: <48ADACD4.7060705@linux.hr>

I was testing AlienVault's nessus's free feed with OpenVAS and sent the bug report few weeks earlier. It seems they are having binaries in their feed (specifically nessus_tcp_scanner.nes). But, that's not the single problem, problem is that they've compiled it for single platform (Intel, 64bit, ...)

Just for your info & somebody comes up with bug report...

...and to come up with some solution if some NVT depends on nessus_tcp_scanner.nes to work with openvas_tcp_scanner.nes....

-------- Original Message --------
Subject: Re: Nessus free feed
Date: Fri, 08 Aug 2008 15:18:58 +0200
From: Vlatko Kosturjak
To: Dominique Karg
CC: code at alienvault.com

Hello and greetings from Croatia!

I have another report, this time bug request. It seems that your feed is (r)syncing file nessus_tcp_scanner.nes which does not work on all platforms (it seems it's compiled for 64bit). Look:

nessus_tcp_scanner.nes: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), stripped

Why do you have such file at all? This should come with Nessus/OpenVAS anyway, but there is still issue with dependencies - i.e. if some script requires explicitly nessus_tcp_scanner (at least, we need to work out some solution for OpenVas because it is called differently - openvas_tcp_scanner.nes)

Hope it helps!

From jan-oliver.wagner at intevation.de Thu Aug 21 21:42:07 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Thu, 21 Aug 2008 21:42:07 +0200
Subject: [Openvas-devel] [Fwd: Re: Nessus free feed]
In-Reply-To: <48ADACD4.7060705@linux.hr>
References: <48ADACD4.7060705@linux.hr>
Message-ID: <200808212142.09467.jan-oliver.wagner@intevation.de>

On Thursday, 21 August 2008, Vlatko Kosturjak wrote:
> I was testing AlienVault's nessus's free feed with OpenVAS and sent the
> bug report few weeks earlier.

I only now learned about the existence of AlienVault. AFAIKT they did not contact OpenVAS Team so far though their aims seem pretty much similar to those of OpenVAS.

Best

Jan
--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From kost at linux.hr Thu Aug 21 23:48:42 2008
From: kost at linux.hr (Vlatko Kosturjak)
Date: Thu, 21 Aug 2008 23:48:42 +0200
Subject: [Openvas-devel] [Fwd: Re: Nessus free feed]
In-Reply-To: <200808212142.09467.jan-oliver.wagner@intevation.de>
References: <48ADACD4.7060705@linux.hr> <200808212142.09467.jan-oliver.wagner@intevation.de>
Message-ID: <48ADE2BA.1090801@linux.hr>

Jan-Oliver Wagner wrote:
> On Thursday, 21 August 2008, Vlatko Kosturjak wrote:
>> I was testing AlienVault's nessus's free feed with OpenVAS and sent the
>> bug report few weeks earlier.
> I only now learned about the existence of AlienVault.
> AFAIKT they did not contact OpenVAS Team so far though their
> aims seem pretty much similar to those of OpenVAS.

Well, in some of their documentation on the web I read they got specific OID for their feed from OpenVas team. Probably there's someone else in contact with them...

Kost

From jan-oliver.wagner at intevation.de Fri Aug 22 00:02:54 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner)
Date: Fri, 22 Aug 2008 00:02:54 +0200
Subject: [Openvas-devel] [Fwd: Re: Nessus free feed]
In-Reply-To: <48ADE2BA.1090801@linux.hr>
References: <48ADACD4.7060705@linux.hr> <200808212142.09467.jan-oliver.wagner@intevation.de> <48ADE2BA.1090801@linux.hr>
Message-ID: <200808220002.56524.jan-oliver.wagner@intevation.de>

On Thursday, 21 August 2008, Vlatko Kosturjak wrote:
> Jan-Oliver Wagner wrote:
> > On Thursday, 21 August 2008, Vlatko Kosturjak wrote:
> >> I was testing AlienVault's nessus's free feed with OpenVAS and sent the
> >> bug report few weeks earlier.
> > I only now learned about the existence of AlienVault.
> > AFAIKT they did not contact OpenVAS Team so far though their
> > aims seem pretty much similar to those of OpenVAS.
>
> Well, in some of their documentation on the web I read they got specific
> OID for their feed from OpenVas team. Probably there's someone else in
> contact with them...

I stumbled across this as well. Perhaps I missed something.

Best

Jan
--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From timb at nth-dimension.org.uk Fri Aug 22 11:25:25 2008
From: timb at nth-dimension.org.uk (Tim Brown) Date: Fri, 22 Aug 2008 10:25:25 +0100 Subject: [Openvas-devel] [Fwd: Re: Nessus free feed] In-Reply-To: <200808212142.09467.jan-oliver.wagner@intevation.de> References: <48ADACD4.7060705@linux.hr> <200808212142.09467.jan-oliver.wagner@intevation.de> Message-ID: <200808221025.26162.timb@nth-dimension.org.uk> On Thursday 21 August 2008 20:42:07 Jan-Oliver Wagner wrote: > On Thursday, 21 August 2008, Vlatko Kosturjak wrote: > > I was testing AlienVault's nessus's free feed with OpenVAS and sent the > > bug report few weeks earlier. > > I only now learned about the existence of AlienVault. > AFAIKT they did not contact OpenVAS Team so far though their > aims seem pretty much similar to those of OpenVAS. > > Best > > Jan They did. I've been discussing things with them for a while. They're the OSSIM guys and their plugins already support OpenVAS including script_oid() :). Cheers, Tim -- Tim Brown From anosek at suse.cz Tue Aug 26 08:52:27 2008 From: anosek at suse.cz (Ales Nosek) Date: Tue, 26 Aug 2008 08:52:27 +0200 Subject: [Openvas-devel] License clarification: webserver_favicon.nasl Message-ID: <48B3A82B.5090605@suse.cz> Hello, There is a statement in openvas-plugins-1.0.2/scripts/webserver_favicon.nasl: "Licensed under the GPL as available at http://www.gnu.org/licenses/gpl.html" This is ambiguous, as this website is changed with every update of the GPL. Thus, if the script comes from <= June 2007, the author would have licensed it under the GPLv2. After June 2007, it would be the GPLv3. Please, could you change that statement to something like "Licensed under the GPL v3 or later"? It would help to clarify the licensing situation considerably. Thank you Ales From jan-oliver.wagner at intevation.de Wed Aug 27 14:40:25 2008 
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Wed, 27 Aug 2008 14:40:25 +0200 Subject: [Openvas-devel] [Openvas-commits] r1226 - trunk/openvas-plugins/scripts In-Reply-To: <20080827095807.7011B406CC@pyrosoma.intevation.org> References: <20080827095807.7011B406CC@pyrosoma.intevation.org> Message-ID: <200808271440.27345.jan-oliver.wagner@intevation.de> Hello Chandra, On Wednesday, 27 August 2008, scm-commit at wald.intevation.org wrote: > Author: chandra > Date: 2008-08-27 11:58:06 +0200 (Wed, 27 Aug 2008) > New Revision: 1226 > > Modified: > trunk/openvas-plugins/scripts/ssh_func.inc > Log: > Bug fixes > > Modified: trunk/openvas-plugins/scripts/ssh_func.inc most of the changes were renaming OpenVAS to Nessus or just adding "Nessus" notes. Is there a deeper intention behind this or was it just an accident? Best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jan-oliver.wagner at intevation.de Wed Aug 27 14:50:26 2008 
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Wed, 27 Aug 2008 14:50:26 +0200 Subject: [Openvas-devel] [Openvas-commits] r1227 - trunk/openvas-plugins/scripts In-Reply-To: <20080827101414.029A8406F8@pyrosoma.intevation.org> References: <20080827101414.029A8406F8@pyrosoma.intevation.org> Message-ID: <200808271450.28460.jan-oliver.wagner@intevation.de> Hello Chandra, On Wednesday, 27 August 2008, scm-commit at wald.intevation.org wrote: > Author: chandra > Date: 2008-08-27 12:14:14 +0200 (Wed, 27 Aug 2008) > New Revision: 1227 > > Added: > trunk/openvas-plugins/scripts/smb_reg_service_pack.nasl > Log: > Added with number of modifications from the original GPL > > Added: trunk/openvas-plugins/scripts/smb_reg_service_pack.nasl > =================================================================== > --- trunk/openvas-plugins/scripts/smb_reg_service_pack.nasl 2008-08-27 09:58:06 UTC (rev 1226) > +++ trunk/openvas-plugins/scripts/smb_reg_service_pack.nasl 2008-08-27 10:14:14 UTC (rev 1227) > @@ -0,0 +1,82 @@ > +# > +# This script was written by Renaud Deraison > +# > +# See the Nessus Scripts License for details it would be very good to clarify such commits with regard to the origin of the file. Did it come from the Nessus GPL feed? Date? Or was it taken from a nessus-plugins tar ball? Version? Next, the License should be explicitly named. The "Nessus Script License" has no meaning within the OpenVAS distribution. Accompanied by the rationale (at least for the commit message) from where the script was taken and why it is GPL, it makes sense to add the License "GPLv2" in the header of the script. Best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From bchandra at secpod.com Thu Aug 28 11:28:43 2008 
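Review bot: the header added at the top of the new smb_reg_service_pack.nasl (the four visible "+#" lines of the r1227 hunk) points to "the Nessus Scripts License" without naming a license or version, and the log message "Added with number of modifications from the original GPL" does not say which feed or release the file was taken from. Name the license explicitly in the header, record the source and its date in the commit message, and, since the log says the file was modified, state who made the modifications next to the "written by Renaud Deraison" credit.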
From: bchandra at secpod.com (Chandrashekhar B) Date: Thu, 28 Aug 2008 14:58:43 +0530 Subject: [Openvas-devel] [Openvas-commits] r1226 -trunk/openvas-plugins/scripts In-Reply-To: <200808271440.27345.jan-oliver.wagner@intevation.de> References: <20080827095807.7011B406CC@pyrosoma.intevation.org> <200808271440.27345.jan-oliver.wagner@intevation.de> Message-ID: <001b01c908f0$79e31bf0$0201a8c0@mahesh> 'Nessus' is an accidental checkin, have reverted those now. But, there were other fixes in, 1. ssh_cmd() - A non-existing command is run, it returns 'command not found' error which has to be treated differently so that NVT's are aware. 2. ssh_reuse_connection() - when multiple NVT's are run which are querying ssh_reuse_connection, they end up getting the same local_channel and they fail. Chandra. -----Original Message----- 
From: openvas-devel-bounces at wald.intevation.org [mailto:openvas-devel-bounces at wald.intevation.org] On Behalf Of Jan-Oliver Wagner Sent: Wednesday, August 27, 2008 6:10 PM To: openvas-devel at wald.intevation.org Subject: Re: [Openvas-devel] [Openvas-commits] r1226 -trunk/openvas-plugins/scripts Hello Chandra, On Wednesday, 27 August 2008, scm-commit at wald.intevation.org wrote: > Author: chandra > Date: 2008-08-27 11:58:06 +0200 (Wed, 27 Aug 2008) > New Revision: 1226 > > Modified: > trunk/openvas-plugins/scripts/ssh_func.inc > Log: > Bug fixes > > Modified: trunk/openvas-plugins/scripts/ssh_func.inc most of the changes were renaming OpenVAS to Nessus or just adding "Nessus" notes. Is there a deeper intention behind this or was it just an accident? Best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From bchandra at secpod.com Thu Aug 28 11:37:11 2008 
From: bchandra at secpod.com (Chandrashekhar B) Date: Thu, 28 Aug 2008 15:07:11 +0530 Subject: [Openvas-devel] [Openvas-commits] r1227 -trunk/openvas-plugins/scripts In-Reply-To: <200808271450.28460.jan-oliver.wagner@intevation.de> References: <20080827101414.029A8406F8@pyrosoma.intevation.org> <200808271450.28460.jan-oliver.wagner@intevation.de> Message-ID: <001c01c908f1$a88fd9b0$0201a8c0@mahesh> This came from the 2005 GPL feed and it has been re-written completely except for reusing the script_id and NVT file name. But the "Nessus Script License" has been retained. There are many other NVT's that have this license in fact and also there are NVT's that depend on smb_reg_service_pack.nasl which were broken. So, I can either retain the original license as it is GPL or introduce GPLv2. Chandra. -----Original Message----- From: openvas-devel-bounces at wald.intevation.org [mailto:openvas-devel-bounces at wald.intevation.org] On Behalf Of Jan-Oliver Wagner Sent: Wednesday, August 27, 2008 6:20 PM To: openvas-devel at wald.intevation.org Subject: Re: [Openvas-devel] [Openvas-commits] r1227 -trunk/openvas-plugins/scripts Hello Chandra, On Wednesday, 27 August 2008, scm-commit at wald.intevation.org wrote: > Author: chandra > Date: 2008-08-27 12:14:14 +0200 (Wed, 27 Aug 2008) > New Revision: 1227 > > Added: > trunk/openvas-plugins/scripts/smb_reg_service_pack.nasl > Log: > Added with number of modifications from the original GPL > > Added: trunk/openvas-plugins/scripts/smb_reg_service_pack.nasl > =================================================================== > --- trunk/openvas-plugins/scripts/smb_reg_service_pack.nasl 2008-08-27 09:58:06 UTC (rev 1226) > +++ trunk/openvas-plugins/scripts/smb_reg_service_pack.nasl 2008-08-27 10:14:14 UTC (rev 1227) 
> @@ -0,0 +1,82 @@ > +# > +# This script was written by Renaud Deraison > +# > +# See the Nessus Scripts License for details it would be very good to clarify such commits with regard to the origin of the file. Did it come from the Nessus GPL feed? Date? Or was it taken from a nessus-plugins tar ball? Version? Next, the License should be explicitly named. The "Nessus Script License" has no meaning within the OpenVAS distribution. Accompanied by the rationale (at least for the commit message) from where the script was taken and why it is GPL, it makes sense to add the License "GPLv2" in the header of the script. Best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jan-oliver.wagner at intevation.de Thu Aug 28 12:27:41 2008 
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Thu, 28 Aug 2008 12:27:41 +0200 Subject: [Openvas-devel] [Openvas-commits] r1226 -trunk/openvas-plugins/scripts In-Reply-To: <001b01c908f0$79e31bf0$0201a8c0@mahesh> References: <20080827095807.7011B406CC@pyrosoma.intevation.org> <200808271440.27345.jan-oliver.wagner@intevation.de> <001b01c908f0$79e31bf0$0201a8c0@mahesh> Message-ID: <200808281227.43656.jan-oliver.wagner@intevation.de> On Thursday, 28 August 2008, Chandrashekhar B wrote: > 'Nessus' is an accidental checkin, have reverted those now. But, there were > other fixes in, > 1. ssh_cmd() - A non-existing command is run, it returns 'command not found' > > error which has to be treated differently so that NVT's are aware. > 2. ssh_reuse_connection() - when multiple NVT's are run which are querying > ssh_reuse_connection, they end up getting the same local_channel and they > > fail. thanks a lot for the fixes! Best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jan-oliver.wagner at intevation.de Thu Aug 28 12:30:50 2008 
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Thu, 28 Aug 2008 12:30:50 +0200 Subject: [Openvas-devel] [Openvas-commits] r1227 -trunk/openvas-plugins/scripts In-Reply-To: <001c01c908f1$a88fd9b0$0201a8c0@mahesh> References: <20080827101414.029A8406F8@pyrosoma.intevation.org> <200808271450.28460.jan-oliver.wagner@intevation.de> <001c01c908f1$a88fd9b0$0201a8c0@mahesh> Message-ID: <200808281230.52261.jan-oliver.wagner@intevation.de> On Thursday, 28 August 2008, Chandrashekhar B wrote: > This came from the 2005 GPL feed and it has been re-written completely > except for reusing the script_id and NVT file name. But the "Nessus Script > License" has been retained. There are many other NVT's that have this > license in fact and also there are NVT's that depend on > smb_reg_service_pack.nasl which were broken. > > So, I can either retain the original license as it is GPL or introduce > GPLv2. GPLv2+ is my preference. "+" stands for "or any later version". If you have re-written it completely, then you should put your authorship and copyright into the header anyway. If you did similar works on other scripts, it would be great to clarify license, authorship and copyright as well. All the best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From c_edjenguele at yahoo.it Thu Aug 28 15:59:54 2008 
From: c_edjenguele at yahoo.it (Christian Eric EDJENGUELE) Date: Thu, 28 Aug 2008 13:59:54 +0000 (GMT) Subject: [Openvas-devel] OpenVAS contest Message-ID: <753828.35883.qm@web26003.mail.ukl.yahoo.com> Hello all, I should be interested to participate to the OpenVAS contest, I'm new in this project, so first I have to master OpenVAS architecture and internal! however, I've a previous development experience about two years in the IT security field and security checks development. I'm also comfortable in writing nasl script. so here is a summary of my contribution: 1) Internationalisation * translation of openvas-client (po file) to French, since I'm a native speaker 2) openvas-plugins * implementation of .nasl script for recent security alerts with fully functional exploit code * implementation of new .nasl script to detect additional software * implementation of new routines to perform operating system fingerprint 3) If Possible: Cross Platform OpenVAS-Client * alternate user interface based on python web application framework: cherry python What do you think? === Christian Eric Edjenguele IT Security Software Developer & Researcher tel. +39 3408580513 View my linkedin profile: http://www.linkedin.com/in/edjenguele My blog: http://www.edjenguele.blogspot.com From jan-oliver.wagner at intevation.de Thu Aug 28 23:21:29 2008 
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Thu, 28 Aug 2008 23:21:29 +0200 Subject: [Openvas-devel] OpenVAS contest In-Reply-To: <753828.35883.qm@web26003.mail.ukl.yahoo.com> References: <753828.35883.qm@web26003.mail.ukl.yahoo.com> Message-ID: <200808282321.31999.jan-oliver.wagner@intevation.de> Hello Christian, On Thursday 28 August 2008 15:59, Christian Eric EDJENGUELE wrote: > I should be interested to participate to the OpenVAS contest, > I'm new in this project, so first I have to master OpenVAS architecture and > internal! however, I've a previous development experience about two years > in the IT security field and security checks development. I'm also > comfortable in writing nasl script. so here is a summary of my > contribution: welcome to OpenVAS :-) You are now registered for the contest. I just released the OpenVAS Compendium 0.2.0 (see openvas-announce mailing list) which summarizes also some developer information. Online version is here: http://www.openvas.org/compendium/openvas-compendium.html > 1) Internationalisation > * translation of openvas-client (po file) to French, since I'm a > native speaker this would be nice. French is indeed missing. However, the central focus of the contest is about NVTs. > 2) openvas-plugins > * implementation of .nasl script for recent security alerts with fully > functional exploit code > * implementation of new .nasl script to detect > additional software > * implementation of new routines to perform operating > system fingerprint Cool. Currently there is a lot going on. Best is you drop a message on openvas-plugins mailing list which specific CVE/software detection/whatever you are going to work on. > 3) If Possible: Cross Platform OpenVAS-Client > * alternate user interface based on python web application > framework: cherry python This is again not in the central focus of the Contest. However, I already moved my mind around a web application. 
Python came to my mind as well, not cherry though. IMHO, before we should start on a web application we should settle OTP 1.0 protocol. All the best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From kost at linux.hr Thu Aug 28 23:49:55 2008 From: kost at linux.hr (Vlatko Kosturjak) Date: Thu, 28 Aug 2008 23:49:55 +0200 Subject: [Openvas-devel] OpenVAS plugins standardization Message-ID: <48B71D83.50102@linux.hr> Hello! We had small discussion on IRC regarding OpenVAS plugin standardization report. There's lot of plugins which report on nothing found (like: Clamav not found or SSH login not possible) and ones which report only on vulnerability. My suggestion is to have plugin report on vulnerability/notice only. Only if user selected verbose report, report would contain why some plugin failed/did not find vulnerability or some exception... Good example is clamav vulnerability which reports in general/ClamAV. I already moved such option in general/ClamAV few days ago on SVN. So, you can check - if normal level of report is selected, it will report on vulnerability. If verbose report is selected, then it will report the string "Clamav not found or SSH login is not possible" (which was reported by default in normal report before). I think it is important to be consistent especially if we're having contest (that we don't end up with inconsistent plugins). It is good to have good examples for future plugin writers as most of them are writing by example (including me). We can change the plugins as we agree on this mailing list. If we agree on this list, I'll take the tasks to: - to change "misbehaved" plugins how we agree on the list - to write NASL style guide in documentation I'll have some time over weekend to work on that, so let me know what you think about it. Kost From kost at linux.hr Thu Aug 28 23:58:05 2008 
From: kost at linux.hr (Vlatko Kosturjak) Date: Thu, 28 Aug 2008 23:58:05 +0200 Subject: [Openvas-devel] Few ideas for development/contest Message-ID: <48B71F6D.4070007@linux.hr> Hello! Here's few ideas what we should consider for future development of OpenVAS or some ideas for someone who wants to participate in contest. I think we should expand OpenVAS to support two more plugin/scripts formats: - OVAL: http://oval.mitre.org/repository/download/index.html - NES scripts http://nmap.org/book/nse.html These we can support as builtin/native or as a script which will convert from native syntax to NASL (something like oval2nasl or nes2nasl...). Question of design and advantages/disadvantages of each solution. Also, what would give openvas a really good jump start is to have some script(s) to convert some advisories automatically to nasl (like Ubuntu advisories, Novell, etc...). Just few ideas for contest... feel free to grab my ideas and take the prize! :) Kost From kost at linux.hr Fri Aug 29 00:07:40 2008 From: kost at linux.hr (Vlatko Kosturjak) Date: Fri, 29 Aug 2008 00:07:40 +0200 Subject: [Openvas-devel] openvas plugin oid idea Message-ID: <48B721AC.5070205@linux.hr> Yet another hello and idea from me! :) It would be good to have reserved OID space for private/specific plugins. Something like you have 192.168.x and friends in IP space. Why? Because there will be always some specific plugins which people might write specific for some organization or some specific check which is not applicable somewhere else. What do you think? Also, is there any web page where we can see currently reserved OID "address space"? Kost From kost at linux.hr Fri Aug 29 00:57:54 2008 
From: kost at linux.hr (Vlatko Kosturjak) Date: Fri, 29 Aug 2008 00:57:54 +0200 Subject: [Openvas-devel] Few ideas for development/contest In-Reply-To: <48B71F6D.4070007@linux.hr> References: <48B71F6D.4070007@linux.hr> Message-ID: <48B72D72.9010503@linux.hr> Hello! Just update about potential NSE implementation. > http://oval.mitre.org/repository/download/index.html > - NES scripts > http://nmap.org/book/nse.html I just started discussion on nmap-dev regarding NSE implementation possibilities: http://seclists.org/nmap-dev/2008/q3/0542.html Kost From michael.wiegand at intevation.de Fri Aug 29 08:21:39 2008 
From: michael.wiegand at intevation.de (Michael Wiegand) Date: Fri, 29 Aug 2008 08:21:39 +0200 Subject: [Openvas-devel] Few ideas for development/contest In-Reply-To: <48B71F6D.4070007@linux.hr> References: <48B71F6D.4070007@linux.hr> Message-ID: <200808290821.39279.michael.wiegand@intevation.de> On Thursday, 28 August 2008 23:58:05, Vlatko Kosturjak wrote: > I think we should expand OpenVAS to support two more plugin/scripts > formats: > - OVAL: > http://oval.mitre.org/repository/download/index.html That is a great idea; in fact, I'm working on integrating OVAL right now, as per change request #13. ;) The actual implementation will be a little different from the approach described in the CR, I found an easier solution and will update the information in the CR in the next few days. It is worth mentioning that OVAL is primarily aimed at testing local vulnerabilities, so there is only a small amount of useful data obtained from remote scans we can provide to OVAL interpreters. Nevertheless, this might change as we improved the information gathering plugins (Hint: Another contest idea!). Including new plugin formats is not as hard as it might sound; the code for this is amazingly straightforward and useful when compared to other areas of -server or -libraries. :) As always, I'll be happy to help anyone thinking about working on this, just let me know. Regards, Michael -- Michael Wiegand OpenPGP key: D7D049EC Intevation GmbH, Osnabrück http://www.intevation.de/ Amtsgericht Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From kost at linux.hr Fri Aug 29 09:15:12 2008 
From: kost at linux.hr (Vlatko Kosturjak) Date: Fri, 29 Aug 2008 09:15:12 +0200 Subject: [Openvas-devel] Few ideas for development/contest In-Reply-To: <48B71F6D.4070007@linux.hr> References: <48B71F6D.4070007@linux.hr> Message-ID: <48B7A200.4000103@linux.hr> > I think we should expand OpenVAS to support two more plugin/scripts > formats: > - OVAL: > http://oval.mitre.org/repository/download/index.html > - NES scripts > http://nmap.org/book/nse.html One more format to support: - NBIN: NBIN is compiled .nasl script which nessus started to support from version 3.x http://list.nessus.org/pipermail/nessus-devel/2008-April/000007.html (Due to unopen specification, this could be hard one.) Also, another idea is to integrate openvas with metasploit. For the start, it would be good to have "exploit" button in openvas client on each vulnerability in report which metasploit supports. If user presses the exploit button - metasploit would be launched to exploit the vulnerability. I took a look around possible ways of implementing this and currently there is way with msfcli: ./msfcli [mode] ...or to write another msfwrapper (msfopenvas). Another thing which must be added to support metasploit is xref's in plugins to relevant plugin in metasploit. Kost From jan-oliver.wagner at intevation.de Fri Aug 29 09:44:22 2008 
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Fri, 29 Aug 2008 09:44:22 +0200 Subject: [Openvas-devel] OpenVAS plugins standardization In-Reply-To: <48B71D83.50102@linux.hr> References: <48B71D83.50102@linux.hr> Message-ID: <200808290944.27506.jan-oliver.wagner@intevation.de> Hello Kost, On Thursday, 28 August 2008, Vlatko Kosturjak wrote: > We had small discussion on IRC regarding OpenVAS plugin standardization > report. There's lot of plugins which report on nothing found (like: > Clamav not found or SSH login not possible) and ones which report only > on vulnerability. > > My suggestion is to have plugin report on vulnerability/notice only. > Only if user selected verbose report, report would contain why some > plugin failed/did not find vulnerability or some exception... I had some headache about this problem some months ago, too. I came up with a different idea, though. It is mentioned as a side note in CD#12, http://www.openvas.org/openvas-cr-12.html and is about two additional report classes "LOG" and "DEBUG". IMHO information like that a tool was not found to execute should *always* be reported. Because the user has requested to execute the respective NVT, he *must* be informed what is the result of the execution. I really hate the way Nessus handles it: don't report anything if nothing is found. I am confident that many many people are scanning networks and think all is OK although the server side logs nessusd would show that many plugins failed to execute. > We can change the plugins as we agree on this mailing list. If we agree > on this list, I'll take the tasks to: > - to change "misbehaved" plugins how we agree on the list > - to write NASL style guide in documentation > > I'll have some time over weekend to work on that, so let me know what > you think about it. hm, provided it is generally agreed to have classes "LOG" and "DEBUG", I think it is possible to simply add respective calls in the .nasl files (e.g. 
"security_log() and security_debug() analog to security_warning() although I think the naming of Nessus is bad.) I guess the daemon will just throw an error in the log file as long as the new NASL methods are not implemented. Once the server is extended, we can report it to the client and once this one has extended the information will be available to the user. Hm, as I think about it, we can also simply introduce a better and consistent naming. How about report_hole() (perhaps better report_vulnerability) report_warning() report_note() report_debug() report_log() The old functions can stay for backward compatibility for a while. Just sketched my ideas. What do you think? Best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jan-oliver.wagner at intevation.de Fri Aug 29 09:47:30 2008 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Fri, 29 Aug 2008 09:47:30 +0200 Subject: [Openvas-devel] Few ideas for development/contest In-Reply-To: <48B71F6D.4070007@linux.hr> References: <48B71F6D.4070007@linux.hr> Message-ID: <200808290947.32722.jan-oliver.wagner@intevation.de> On Thursday, 28 August 2008, Vlatko Kosturjak wrote: > Also, what would give openvas a really good jump start is to have some > script(s) to convert some advisories automatically to nasl (like Ubuntu > advisories, Novell, etc...). Just few ideas for contest... feel free to > grab my ideas and take the prize! :) converters are a good idea! Best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jan-oliver.wagner at intevation.de Fri Aug 29 09:50:48 2008 
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Fri, 29 Aug 2008 09:50:48 +0200 Subject: [Openvas-devel] Few ideas for development/contest In-Reply-To: <48B71F6D.4070007@linux.hr> References: <48B71F6D.4070007@linux.hr> Message-ID: <200808290950.51055.jan-oliver.wagner@intevation.de> On Thursday, 28 August 2008, Vlatko Kosturjak wrote: > - NES scripts > http://nmap.org/book/nse.html > > These we can support as builtin/native or as a script which will convert > from native syntax to NASL (something like oval2nasl or nes2nasl...). > Question of design and advantages/disadvantages of each solution. I wonder whether it might make more sense to use nmap directly and just integrate the .nse files in the OpenVAS feed, OpenVAS server (just registering internally and reading base information) and therewith bring the selection of .nse files into the OpenVAS Client. Michael is currently implementing this concept for OVAL via ovaldi. Best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jan-oliver.wagner at intevation.de Fri Aug 29 09:51:54 2008 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Fri, 29 Aug 2008 09:51:54 +0200 Subject: [Openvas-devel] openvas plugin oid idea In-Reply-To: <48B721AC.5070205@linux.hr> References: <48B721AC.5070205@linux.hr> Message-ID: <200808290951.56598.jan-oliver.wagner@intevation.de> On Friday, 29 August 2008, Vlatko Kosturjak wrote: > Also, is there any web page where we can see currently reserved OID > "address space"? no, but we definitely need it soon! Best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From kost at linux.hr Fri Aug 29 10:03:17 2008 
From: kost at linux.hr (Vlatko Kosturjak) Date: Fri, 29 Aug 2008 10:03:17 +0200 Subject: [Openvas-devel] Few ideas for development/contest In-Reply-To: <200808290950.51055.jan-oliver.wagner@intevation.de> References: <48B71F6D.4070007@linux.hr> <200808290950.51055.jan-oliver.wagner@intevation.de> Message-ID: <48B7AD45.6030706@linux.hr> >> These we can support as builtin/native or as a script which will convert >> from native syntax to NASL (something like oval2nasl or nes2nasl...). >> Question of design and advantages/disadvantages of each solution. > I wonder whether it might make more sense to use nmap directly > and just integrate the .nse files in the OpenVAS feed , OpenVAS server > (just registering internally and reading base information) and therewith > bring the selection of .nse files into the OpenVAS Client. I agree this is the most easiest way to do it. There is some problems regarding this and I plan to patch nmap for that for official inclusion. Most problematic one is that scripts check for some open port or service in order to run and we cannot pass the predefined set of ports. Take a look at this thread on nmap-dev: http://seclists.org/nmap-dev/2008/q3/0542.html Kost From timb at nth-dimension.org.uk Fri Aug 29 10:25:44 2008 
From: timb at nth-dimension.org.uk (Tim Brown) Date: Fri, 29 Aug 2008 09:25:44 +0100 Subject: [Openvas-devel] openvas plugin oid idea In-Reply-To: <200808290951.56598.jan-oliver.wagner@intevation.de> References: <48B721AC.5070205@linux.hr> <200808290951.56598.jan-oliver.wagner@intevation.de> Message-ID: <200808290925.44398.timb@nth-dimension.org.uk> On Friday 29 August 2008 08:51:54 Jan-Oliver Wagner wrote: > On Friday, 29 August 2008, Vlatko Kosturjak wrote: > > Also, is there any web page where we can see currently reserved OID > > "address space"? > > no, but we definitely need it soon! Actually, there is such a page, at least in SVN and public on http://www.openvas.org/allocated-oid.html. Cheers, Tim -- Tim Brown From kost at linux.hr Fri Aug 29 10:31:09 2008 From: kost at linux.hr (Vlatko Kosturjak) Date: Fri, 29 Aug 2008 10:31:09 +0200 Subject: [Openvas-devel] openvas plugin oid idea In-Reply-To: <200808290925.44398.timb@nth-dimension.org.uk> References: <48B721AC.5070205@linux.hr> <200808290951.56598.jan-oliver.wagner@intevation.de> <200808290925.44398.timb@nth-dimension.org.uk> Message-ID: <48B7B3CD.3030303@linux.hr> Tim Brown wrote: > On Friday 29 August 2008 08:51:54 Jan-Oliver Wagner wrote: >> On Friday, 29 August 2008, Vlatko Kosturjak wrote: >>> Also, is there any web page where we can see currently reserved OID >>> "address space"? >> no, but we definitely need it soon! > Actually, there is such a page, at least in SVN and public on > http://www.openvas.org/allocated-oid.html. I don't see AlienVault's one on the web page, is it complete? What about private OID address space? Kost From timb at nth-dimension.org.uk Fri Aug 29 10:43:04 2008 
From: timb at nth-dimension.org.uk (Tim Brown) Date: Fri, 29 Aug 2008 09:43:04 +0100 Subject: [Openvas-devel] openvas plugin oid idea In-Reply-To: <48B7B3CD.3030303@linux.hr> References: <48B721AC.5070205@linux.hr> <200808290925.44398.timb@nth-dimension.org.uk> <48B7B3CD.3030303@linux.hr> Message-ID: <200808290943.04627.timb@nth-dimension.org.uk> On Friday 29 August 2008 09:31:09 Vlatko Kosturjak wrote: > Tim Brown wrote: > > On Friday 29 August 2008 08:51:54 Jan-Oliver Wagner wrote: > >> On Friday, 29 August 2008, Vlatko Kosturjak wrote: > >>> Also, is there any web page where we can see currently reserved OID > >>> "address space"? > >> > >> no, but we definitely need it soon! > > > > Actually, there is such a page, at least in SVN and public on > > http://www.openvas.org/allocated-oid.html. > > I don't see AlienVault's one on the web page, is it complete? > > What about private OID address space? AlienVaults hasn't been unmasked but it's there in SVN. As for private space, we could allocate some I suppose. I'll update and resync the web site. Cheers, Tim -- Tim Brown From jan-oliver.wagner at intevation.de Fri Aug 29 12:12:43 2008 
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Fri, 29 Aug 2008 12:12:43 +0200 Subject: [Openvas-devel] Few ideas for development/contest In-Reply-To: <48B7A200.4000103@linux.hr> References: <48B71F6D.4070007@linux.hr> <48B7A200.4000103@linux.hr> Message-ID: <200808291212.46525.jan-oliver.wagner@intevation.de> On Freitag, 29. August 2008, Vlatko Kosturjak wrote: > > I think we should expand OpenVAS to support two more plugin/scripts > > formats: > > - OVAL: > > http://oval.mitre.org/repository/download/index.html > > - NSE scripts > > http://nmap.org/book/nse.html > > One more format to support: > - NBIN: NBIN is compiled .nasl script which nessus started to support > from version 3.x > http://list.nessus.org/pipermail/nessus-devel/2008-April/000007.html > (Due to unopen specification, this could be hard one.) I'd rather prefer not to implement/support this format at all. It was invented to make things opaque. OpenVAS should consequently follow the concept of transparency. Let the proprietary folks do proprietary stuff and leave their customers unclear about what the tools are doing with root grants and unclear about source code quality. We do better. Best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jan-oliver.wagner at intevation.de Fri Aug 29 12:15:52 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Fri, 29 Aug 2008 12:15:52 +0200 Subject: [Openvas-devel] Few ideas for development/contest In-Reply-To: <48B7A200.4000103@linux.hr> References: <48B71F6D.4070007@linux.hr> <48B7A200.4000103@linux.hr> Message-ID: <200808291215.54327.jan-oliver.wagner@intevation.de> On Freitag, 29. August 2008, Vlatko Kosturjak wrote: > Also, another idea is to integrate openvas with metasploit. For the > start, it would be good to have "exploit" button in openvas client on > each vulnerability in report which metasploit supports. If user presses > the exploit button - metasploit would be launched to exploit the > vulnerability. > I took a look around possible ways of implementing this and currently > there is way with msfcli: > ./msfcli [mode] > > ...or to write another msfwrapper (msfopenvas). Another thing which must > be added to support metasploit is xref's in plugins to relevant plugin > in metasploit. hm, this would turn OpenVAS into a cracker tool. We have to be careful with this. OpenVAS should stay an analysis tool. Though it might make sense to use metasploit in some ways to report security problems rather than to pop up a root shell. Best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jan-oliver.wagner at intevation.de Fri Aug 29 12:19:40 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Fri, 29 Aug 2008 12:19:40 +0200 Subject: [Openvas-devel] openvas plugin oid idea In-Reply-To: <200808290943.04627.timb@nth-dimension.org.uk> References: <48B721AC.5070205@linux.hr> <48B7B3CD.3030303@linux.hr> <200808290943.04627.timb@nth-dimension.org.uk> Message-ID: <200808291219.43251.jan-oliver.wagner@intevation.de> On Freitag, 29. August 2008, Tim Brown wrote: > On Friday 29 August 2008 09:31:09 Vlatko Kosturjak wrote: > > Tim Brown wrote: > > > On Friday 29 August 2008 08:51:54 Jan-Oliver Wagner wrote: > > >> On Freitag, 29. August 2008, Vlatko Kosturjak wrote: > > >>> Also, is there any web page where we can see currently reserved OID > > >>> "address space"? > > >> > > >> no, but we definitely need it soon! > > > > > > Actually, there is such a page, at least in SVN and public on > > > http://www.openvas.org/allocated-oid.html. > > > > I don't see AlienVault's one on the web page, is it complete? > > > > What about private OID address space? > > AlienVault's hasn't been unmasked but it's there in SVN. As for private space, > we could allocate some I suppose. I'll update and resync the web site. The thoughts of CR#1 should be added there, too. See: http://www.openvas.org/openvas-cr-1.html I fear it already got a bit unstructured/uncoordinated. -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From skjortan at gmail.com Fri Aug 29 12:40:26 2008
From: skjortan at gmail.com (Thomas Olofsson) Date: Fri, 29 Aug 2008 12:40:26 +0200 Subject: [Openvas-devel] Few ideas for development/contest In-Reply-To: <200808291215.54327.jan-oliver.wagner@intevation.de> References: <48B71F6D.4070007@linux.hr> <48B7A200.4000103@linux.hr> <200808291215.54327.jan-oliver.wagner@intevation.de> Message-ID: First of all an introduction. My name is Thomas Olofsson (skjortan) on efnet. and have been working with network and application security for the past ten years. I did use nessus from time to time up till the 2.x release. and before then i used s.a.t.a.n. Currently i am mostly working with pure application/code security and do not do much network scans other than as a part test for some PCI compliance evaluation. I was very happy when i read about the OpenVas project and i have synced the repository and almost gotten it to build. I must say that i am very impressed with the amount of work you guys have done so far. Especially with all the licensing issues. It is really nice to see a working Open branch again. I am very much looking forward to contribute to this project that i really think is helping both the security and the open source community. I was also happy to find a very active and living mailinglist that actually very openly discuss the development roadmap: Now to my thoughts on the last days discussions regarding external .sig formats. Start with .nasl and do them good. It is always tempting to get input from other sources but the build is not even stable yet. I think we should start with a stable platform that builds on anything, with working .nasl scripts for the most obvious things (windows/smb) and major vendor network services. There is a lot of job just getting up and running, producing decent scan results. > hm, this would turn OpenVAS into a cracker tool. > We have to be careful with this. OpenVAS should > stay an analysis tool.
Though it might make sense to > use metasploit in some ways to report security problems > rather than to pop up a root shell. I agree to this. a security scanner should be a security scanner and an exploit framework an exploit framework. If you are a decent penetration tester you should know how to exploit your findings with metasploit. If we integrate them we risk turning this into a 'script kiddie' toolbox. And thereby taking focus from what we really should do (finding vulnerabilities). From jan-oliver.wagner at intevation.de Fri Aug 29 14:40:21 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Fri, 29 Aug 2008 14:40:21 +0200 Subject: [Openvas-devel] Few ideas for development/contest In-Reply-To: References: <48B71F6D.4070007@linux.hr> <200808291215.54327.jan-oliver.wagner@intevation.de> Message-ID: <200808291440.24061.jan-oliver.wagner@intevation.de> Hello Thomas, On Freitag, 29. August 2008, Thomas Olofsson wrote: > My name is Thomas Olofsson (skjortan) on efnet. and have been working > with network and application security for the past ten years. > I did use nessus from time to time up till the 2.x release. and before > then i used s.a.t.a.n. Currently i am mostly working with pure > application/code security and do not do much network scans other than > as a part test for some PCI compliance evaluation. > > I was very happy when i read about the OpenVas project and i have > synced the repository and almost gotten it to build. I must say that i > am very impressed with the amount of work you guys have done so far. > Especially with all the licensing issues. It is really nice to see a > working Open branch again. > > I am very much looking forward to contribute to this project that i > really think is helping both the security and the open source > community. you are welcome! > Now to my thoughts on the last days discussions regarding external .sig formats. > > Start with .nasl and do them good. It is always tempting to get input > from other sources but the build is not even stable yet. I think we > should start with a stable platform that builds on anything, with > working .nasl scripts for the most obvious things (windows/smb) and > major vendor network services. > > There is a lot of job just getting up and running, producing decent > scan results. Indeed! Collecting/sharing ideas is a good thing though. Also, the principle idea to not do things twice is a good one and opportunities (e.g. oval) are worth evaluating. Best Jan -- Dr.
Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jan-oliver.wagner at intevation.de Fri Aug 29 16:02:12 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Fri, 29 Aug 2008 16:02:12 +0200 Subject: [Openvas-devel] OpenVAS Server/Client 1.1: strictly and only OID and OTP 1.0 ?! Message-ID: <200808291602.14732.jan-oliver.wagner@intevation.de> Hello, during our improvements to the server and working on OTP[1] and OID[2] stuff it occurred that we would have to invest considerable effort into additionally supporting NTP and old ID style. Now that I consolidated the OTP documentation I'd like to make the protocol more strict (no feature selection - good feature into standard, bad features out) and thinner (no redundancies, eg. NEW_ATTACK / LONG_ATTACK). The NTP code is a mess, there is even find knowledge about the syntax in openvas-libraries :-| So, what I am planning is to make a big clean up in the trunk versions of server and client and get all things out we do not need. Of course the trunk versions should be usable in any state of development. But it will not be possible to with trunk server and 1.0 client neither with 1.0 server and trunk client. Oh and trunk client will not work with any nessus nor will any nessus client work with trunk server. I am pretty sure we need the big step now, rather than later. To summarize, the big step would be: * thin out OTP 1.0 * reduce protocol implementations in openvas-server trunk to only support OTP 1.0. * strictly use OIDs in openvas-server trunk (there is a legacy method for NASL scripts with old IDs) * reduce protocol implementation in openvas-client trunk to only support OTP 1.0 (openvas-client 1.0.x is maintained for NTP support) * strictly use OIDs in openvas-client trunk. Any concerns with doing this big step _now_? Alternatives? Best Jan [1] http://www.openvas.org/openvas-cr-12.html [2] http://www.openvas.org/openvas-cr-1.html -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr.
Jan-Oliver Wagner From c_edjenguele at yahoo.it Sun Aug 31 17:51:36 2008 From: c_edjenguele at yahoo.it (Christian Eric EDJENGUELE) Date: Sun, 31 Aug 2008 15:51:36 +0000 (GMT) Subject: [Openvas-devel] Question on NVT development Message-ID: <462953.40924.qm@web26007.mail.ukl.yahoo.com> Hi all, I've begun writing an NVT for openvas, I want to perform multiple HTTP GET REQUESTS on some pages taken from list or array using a foreach loop or something similar. ex: list = page1, page2,... and foreach page in list get page are there some functions to do that, or I've to implement them? thanks. === Christian Eric Edjenguele IT Security Software Developer & Researcher tel. +39 3408580513 View my linkedin profile: http://www.linkedin.com/in/edjenguele My blog: http://www.edjenguele.blogspot.com --- Management, Developers, Security Professionals ... can only result in one thing... better security. http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference Sept 22nd-25th 2008 From jan-oliver.wagner at intevation.de Sun Aug 31 20:58:00 2008
From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Sun, 31 Aug 2008 20:58:00 +0200 Subject: [Openvas-devel] Question on NVT development In-Reply-To: <462953.40924.qm@web26007.mail.ukl.yahoo.com> References: <462953.40924.qm@web26007.mail.ukl.yahoo.com> Message-ID: <200808312058.06040.jan-oliver.wagner@intevation.de> On Sunday 31 August 2008 17:51, Christian Eric EDJENGUELE wrote: > I've begun writing an NVT for openvas, I want to perform multiple HTTP > GET REQUESTS on some pages taken from list or array using a foreach loop or > something similar. ex: > list = page1, page2,... > and foreach page in list get page > > are there some functions to do that, or I've to implement them? seems a "foreach" does exist: http://www.openvas.org/compendium/nasl-loops.html but the compendium has not yet been extended with details here. So, it is probably best to look into some other scripts for sample usage. Best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From timb at nth-dimension.org.uk Sun Aug 31 21:09:03 2008
From: timb at nth-dimension.org.uk (Tim Brown) Date: Sun, 31 Aug 2008 20:09:03 +0100 Subject: [Openvas-devel] Question on NVT development In-Reply-To: <200808312058.06040.jan-oliver.wagner@intevation.de> References: <462953.40924.qm@web26007.mail.ukl.yahoo.com> <200808312058.06040.jan-oliver.wagner@intevation.de> Message-ID: <200808312009.03547.timb@nth-dimension.org.uk> On Sunday 31 August 2008 19:58:00 Jan-Oliver Wagner wrote: > On Sunday 31 August 2008 17:51, Christian Eric EDJENGUELE wrote: > > I've begun writing an NVT for openvas, I want to perform multiple HTTP > > GET REQUESTS on some pages taken from list or array using a foreach > > loop or something similar. ex: > > list = page1, page2,... > > and foreach page in list get page > > > > are there some functions to do that, or I've to implement them? > > seems a "foreach" does exist: > http://www.openvas.org/compendium/nasl-loops.html > > but the compendium has not yet been extended with details here. > So, it is probably best to look into some other scripts for sample usage. foreach _portcluster (split(_portrange, sep:",", keep:false)) -- Tim Brown From c_edjenguele at yahoo.it Sun Aug 31 21:50:11 2008
From: c_edjenguele at yahoo.it (Christian Eric EDJENGUELE) Date: Sun, 31 Aug 2008 19:50:11 +0000 (GMT) Subject: [Openvas-devel] Question on NVT development Message-ID: <367526.74589.qm@web26008.mail.ukl.yahoo.com> === Christian Eric Edjenguele IT Security Software Developer & Researcher tel. +39 3408580513 View my linkedin profile: http://www.linkedin.com/in/edjenguele My blog: http://www.edjenguele.blogspot.com --- Management, Developers, Security Professionals ... can only result in one thing... better security. http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference Sept 22nd-25th 2008 ----- Original message ----- From: Tim Brown To: openvas-devel at wald.intevation.org Cc: Jan-Oliver Wagner Sent: Sunday 31 August 2008, 21:09:03 Subject: Re: [Openvas-devel] Question on NVT development On Sunday 31 August 2008 19:58:00 Jan-Oliver Wagner wrote: > On Sunday 31 August 2008 17:51, Christian Eric EDJENGUELE wrote: > > I've begun writing an NVT for openvas, I want to perform multiple HTTP > > GET REQUESTS on some pages taken from list or array using a foreach > > loop or something similar. ex: > > list = page1, page2,... > > and foreach page in list get page > > > > are there some functions to do that, or I've to implement them? > > seems a "foreach" does exist: > http://www.openvas.org/compendium/nasl-loops.html > > but the compendium has not yet been extended with details here. > So, it is probably best to look into some other scripts for sample usage. foreach _portcluster (split(_portrange, sep:",", keep:false)) great -- Tim Brown
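The loop asked about in this thread, written out around the same foreach/split form as Tim's one-liner. This is an added example, not code from the thread or from the OpenVAS feed: it shows only the check section of an NVT (the description block is left out), the page names are placeholders, and it assumes the stock http_func.inc and http_keepalive.inc includes are available.

```nasl
# Added example: check section of an NVT that requests a fixed list of
# pages and reports which ones the server answers with HTTP 200.
# The description block (script id/OID, name, family, ...) is omitted.

include("http_func.inc");
include("http_keepalive.inc");

# Pick the web server port found by earlier service detection, else 80.
port = get_http_port(default:80);
if (!get_port_state(port)) exit(0);

# Placeholder page names; a comma separated string is turned into a list
# with split(), the same way the one-liner in the thread does it.
_pagelist = "/index.html,/login.html,/status";

found = "";

foreach _page (split(_pagelist, sep:",", keep:FALSE))
{
  # http_get() only builds the request text, it does not send anything.
  req = http_get(item:_page, port:port);

  # Send the request (reusing the connection where the server allows it)
  # and read the full response. NULL means the request failed.
  res = http_keepalive_send_recv(port:port, data:req);

  # Double quoted NASL strings are taken literally, so the backslash
  # reaches the regex engine unchanged.
  if (!isnull(res) && egrep(pattern:"^HTTP/1\.[01] 200", string:res))
    found += _page + '\n';
}

# One report entry for the whole list rather than one per page.
if (strlen(found) > 0)
  security_note(port:port,
                data:'The following pages answered with HTTP 200:\n' + found);
```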