[Openvas-devel] [Openvas-commits] r4805 -trunk/openvas-plugins/scripts
Christian Eric Edjenguele
christian.edjenguele at owasp.org
Wed Sep 2 08:26:27 CEST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Chandrashekhar B wrote:
> Hello Christian,
>
> I have added socket functions inside if(soc) which resolves the dump errors.
> Before calling the functions such as send(), close(), there should always be
> a check soc either,
>
> If(soc) or if(!soc) exit(0)
>
> Also there are few more problems in the plugin,
>
> In ln 114, you are constructing a complete HTTP GET request and then calling
> http_get() function, http_get itself will do all these, just need to pass
> the URL. In this case http_get() is returning a wrong HTTP request.
yes you're right.
thanks.
>
> Thanks,
> Chandra.
>
>
> -----Original Message-----
> From: openvas-devel-bounces at wald.intevation.org
> [mailto:openvas-devel-bounces at wald.intevation.org] On Behalf Of Christian
> Eric Edjenguele
> Sent: Tuesday, September 01, 2009 9:52 PM
> To: openvas-devel at wald.intevation.org
> Subject: Re: [Openvas-devel] [Openvas-commits] r4805
> -trunk/openvas-plugins/scripts
>
> Hi Chandra, I'm not certain about changes in this code, Jan told me
> about some errors, but does identation solves the problem ?
>
> thanks.
>
> scm-commit at wald.intevation.org wrote:
>> Author: chandra
>> Date: 2009-09-01 12:58:12 +0200 (Tue, 01 Sep 2009)
>> New Revision: 4805
>
>> Modified:
>> trunk/openvas-plugins/scripts/remote-MS04-017.nasl
>> Log:
>> Updated to resolve the issue in dump messages
>
>> Modified: trunk/openvas-plugins/scripts/remote-MS04-017.nasl
>> ===================================================================
>> --- trunk/openvas-plugins/scripts/remote-MS04-017.nasl 2009-09-01
> 09:22:54 UTC (rev 4804)
>> +++ trunk/openvas-plugins/scripts/remote-MS04-017.nasl 2009-09-01
> 10:58:12 UTC (rev 4805)
>> @@ -108,19 +108,22 @@
>> foreach page (pages)
>> {
>> soc = open_sock_tcp(port);
>> - # build the malicious request
>> - request = page +
> '/crystalimagehandler.aspx?dynamicimage=../../../../../../../../../boot.ini'
> ;
>> + if(soc)
>> + {
>> + # build the malicious request
>> + request = page +
> '/crystalimagehandler.aspx?dynamicimage=../../../../../../../../../boot.ini'
> ;
>
>> - qry = string('GET ' + request + ' HTTP/1.0\r\n',
>> - 'Host: ' + h_ip + ':' + port + '\r\n\r\n');
>> + qry = string('GET ' + request + ' HTTP/1.0\r\n',
>> + 'Host: ' + h_ip + ':' + port + '\r\n\r\n');
>
>> - req = http_get(item:qry, port:port);
>> - send(socket:soc, data: req);
>> + req = http_get(item:qry, port:port);
>> + send(socket:soc, data: req);
>
>> - # Get back the response
>> - reply = recv(socket:soc, length:4096);
>> + # Get back the response
>> + reply = recv(socket:soc, length:4096);
>
>> - close(soc);
>> + close(soc);
>> + }
>
>> if(reply)
>> {
>
>> _______________________________________________
>> Openvas-commits mailing list
>> Openvas-commits at wald.intevation.org
>> http://lists.wald.intevation.org/mailman/listinfo/openvas-commits
>
>
_______________________________________________
Openvas-devel mailing list
Openvas-devel at wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
- --
Christian Eric Edjenguele
IT Security Engineer
PGP KeyID: 0xB1654498
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJKnhANAAoJENETScWxZUSY4sEIAK/RTa/g3QHLiIj8E+IC8Qcm
9AxIXsYRxRHX2j4vy8jjWWeTj2c3sY5Vfe+qJFbbNTSj6cHNQzssYY8F8ltb/r3G
wJkHSpfPyIJxRZ7ULbl6wHuAlmIikUvGKu+T51u3w6RTabTF3QQPafmLQMLh6jKd
c9QYxA+mLHrr2e/tIOBfrvK5Cu8/VLbKqv9ox8G1VQLDwWxswozc9DXc0pn4rSCk
/g5RyDQpsq/izqvJ9BnjrnY+JxsWc/rqqB3a5ndkBQNhayvmufqN+UJa6tC+Ocv1
ASdtbhMygvyCl1mPFfPGvkZ7f0MY5UbDWSYxhQYYFL24oG8y6BM3tIFZxDTzuoc=
=U5ET
-----END PGP SIGNATURE-----
More information about the Openvas-devel
mailing list