[Openvas-devel] Call for Vote: CR #49 / Network Level Scan Phase

Michael Wiegand michael.wiegand at greenbone.net
Fri Nov 5 12:16:11 CET 2010


Hello,

since my Call for Vote for OpenVAS Change Request #49 (see 
http://www.openvas.org/openvas-cr-49.html) seems to have been too well hidden 
in the patch discussion thread, let me remind you that the voting is still 
open and currently at +2.

I'd like to encourage everybody to vote and to vote until next Tuesday so the 
feature can make it's way into openvas-libraries soon if there is a positive 
vote.

By popular (especially Jan's) demand, I have attached a cleaned up version of 
my patch, now with complete with ChangeLog so you can get a better idea of 
what I had to change without digging too deep into the code.

Feel free to ask any questions you may have about this feature or the patch.

Have a great weekend,

Michael

-- 
Michael Wiegand |  Greenbone Networks GmbH  |  http://www.greenbone.net/
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner

-------------- next part --------------
#
# This script was written by Michel Arboi <arboi at alussinan.org>
# Slight changes by Vlatko Kosturjak <kost at linux.hr>
# Used for nmap network level scanning prototype by Michael Wiegand <michael.wiegand at greenbone.net>
# GPL
#
#
# Nmap can be found at :
# <http://www.insecure.org/nmap/>
#

if(description)
{
 script_id(714259);
 script_version ("1.19");
 script_tag(name:"risk_factor", value:"High");
 name = "Nmap NETWORK (NASL wrapper)";
 script_name(name);

 desc = "
This plugin runs nmap(1) on a network level to find open ports.

";

 script_description(desc);

 summary = "Performs NETWORK portscan / RPC scan";
 script_summary(summary);

 script_category(ACT_SCANNER);

 script_copyright("This script is Copyright (C) 2004 Michel Arboi");
 family = "Port scanners";
 script_family(family);

 exit(0);
}

function on_exit()
{
  if (tmpfile && file_stat(tmpfile)) unlink(tmpfile);
}

tmpfile = NULL;

s = scan_phase ();

if (s == 1) {
 netmask = network_netmask ();

 i = 0;
 argv[i++] = "nmap";
 argv[i++] = "-sT";
 argv[i++] = "-T5";
 argv[i++] = "-oG";
 tmpdir = get_tmp_dir();
 if (tmpdir && strlen(tmpdir)) {
   tmpfile = strcat(tmpdir, "nmap-network-", rand() );
   fwrite(data:" ",file:tmpfile); # make sure that tmpfile could be created. Then we can check that tmpfile exist with file_stat().
 }

 if (tmpfile && file_stat(tmpfile))
  argv[i++] = tmpfile;
 else
  argv[i++] = "-";

 argv[i++] = netmask;

 scanner_status(current: 0, total: 65535);

 res = pread(cmd: "nmap", argv: argv, cd: 1);
 if (tmpfile && file_stat(tmpfile))
  res = fread(tmpfile);
 if (! res) exit(0);	# error

 lines = split (res, sep: '\n', keep: FALSE);
 foreach blob (lines)
  {
    c = split(blob,sep:"Ports: ", keep: FALSE);
    d = split(c[0],sep:" ", keep: FALSE);
    e = split(c[1],sep:", ", keep: FALSE);
    if (! isnull (e)) {
      foreach f (e) {
        g = split (f, sep:"/", keep: FALSE);
        security_hole(port: 0, data: d[1] + "/Ports/tcp/" + g[0]);
        set_kb_item(name: d[1] + "/Ports/tcp/" + g[0], value: 1);
      }
  }
  }
 scanner_status(current: 65535, total: 65535);
}

exit (0);



-------------- next part --------------
A non-text attachment was scrubbed...
Name: openvas-libraries-network-scan.patch
Type: text/x-diff
Size: 2992 bytes
Desc: not available
Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20101105/89bfd3d8/openvas-libraries-network-scan.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openvas-scanner-network-scan.patch
Type: text/x-diff
Size: 17353 bytes
Desc: not available
Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20101105/89bfd3d8/openvas-scanner-network-scan.bin


More information about the Openvas-devel mailing list