[Openvas-discuss] debugging an nasl plugin ?

Sylvain Faivre sylvain.faivre at reservit.com
Tue Dec 30 17:41:02 CET 2014


On 12/30/2014 05:16 PM, Michael Meyer wrote:
>
>> The site listens on port 443, so I tried to change this line in the
>> script, as I found no way to set this value on the command line :
>> #port = get_http_port( default:80 );
>> port = get_http_port( default:443 );
>
> This will not work on cli. Use the following:
>
> replace_kb_item(name: "Transports/TCP/443", value:2); # (¹)
> port = get_http_port( default:443 );
>

Using these instructions, I can now confirm that the current plugin 
version works as expected, i.e.  :

Cookies :
Set-Cookie: PHPSESSID=555a45f4669d94b6cbd7a8ee6eb2f982; path=/; secure; 
HttpOnly
Set-Cookie: cookie_test=1419961191

Report :
The cookies:

Set-Cookie: cookie_test=1419961191

are missing the httpOnly attribute.


Thanks !



More information about the Openvas-discuss mailing list