[Openvas-discuss] SSH Authorization Check (OID: 1.3.6.1.4.1.25623.1.0.90022) not working after nvt update ?

Michel Pelletier michelpelletier07 at gmail.com
Wed Feb 4 21:21:02 CET 2015


Hi,

I got it working by modifying function nasl_ssh_userauth of
file openvas-libraries-7.0.7/nasl/nasl_ssh.c:

There is a call made to get_str_local_var_by_name (lexic, "password"); for
getting the password.  What is returned is not NULL as expected but an
empty string so testing the returned value as follows is wrong:

  /* First check whether any specific methods have been requested.  If
     not fall back to the default.  */
  if (password = get_str_local_var_by_name (lexic, "password"))
    ; /* Password provided - do not bother looking for a private key.  */

Instead the returned value should also be tested for an empty string as
follows:

  /* First check whether any specific methods have been requested.  If
     not fall back to the default.  */
  password = get_str_local_var_by_name (lexic, "password");
  if (password && strlen(password))
    ; /* Password provided - do not bother looking for a private key.  */

Works for me.

Best regards,

Michel Pelletier






On Wed, Feb 4, 2015 at 11:15 AM, Michael Meyer <michael.meyer at greenbone.net>
wrote:

> *** John weo wrote:
> > I use a set of ssh credentials, public/private key with pass-phrase.
> >
> > After I updated the nvt's (03.02.2015), the following test "SSH
> > Authorization Check (OID: 1.3.6.1.4.1.25623.1.0.90022)" Revision:
> > 948 is reporting that the "It was not possible to login using the
> > provided SSH credentials"
>
> We'll have a look on this...
>
> Micha
>
> --
> Michael Meyer                  OpenPGP Key: 0xAF069E9152A6EFA6
> http://www.greenbone.net/
> Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
> Osnabrück, HR B 202460
> Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
> _______________________________________________
> Openvas-discuss mailing list
> Openvas-discuss at wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>



-- 
Michel Pelletier
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20150204/d1503d54/attachment.html>


More information about the Openvas-discuss mailing list