[Openvas-devel] Problem with qeurying registry using openvas wmi

Yanjin Ding yding at nopsec.com
Wed May 15 21:36:14 CEST 2013


Dear all,

I'm trying to query registry values that exist on target machine(I checked
manually). The function "wmi_connect_reg" succeeded, and return the handle.
Then I try to call function "wmi_reg_enum_key", "wmi_reg_get_sz",
"wmi_reg_get_dword_val", none of these work. Error message is : WMI query
failed.
The test script is attached.

I configured the target machine as follows:
1. Turned off firewall
2. Run "wmimgmt.msc" -> WMI control -> properties
    enabled "remote enable" for namespace "root", "rsop", "default', "cimv2"
3. Started service "Remote registry"
4. Run "dcomcfng" ->Component services -> computers -> my computer ->
properties -> com security ->grant remote access to "access permissions"
and "launch and activate permission."

Environment:
openvas libraries 6.0.0
wmi 1.3.14
target machine os: Windows 7 Ultimate in a domain

Does anyone know if it's a problem with the wmi functions or target machine
configuration for query registry over wmi? Any help will be very
appreciated.
*--*
*Yanjin Ding*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20130515/0a7c2e76/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: wmi_reg_test.nasl
Type: application/octet-stream
Size: 1189 bytes
Desc: not available
URL: <http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20130515/0a7c2e76/attachment.obj>


More information about the Openvas-devel mailing list