[Openvas-nvts-commits] r558 - / scripts

scm-commit at wald.intevation.org scm-commit at wald.intevation.org
Fri Jul 11 11:49:31 CEST 2014


Author: antu123
Date: 2014-07-11 11:49:31 +0200 (Fri, 11 Jul 2014)
New Revision: 558

Modified:
   ChangeLog
   scripts/gb_nuance_pdf_reader_detect_win.nasl
   scripts/gb_thunderbird_detect_win.nasl
   scripts/secpod_libre_office_detect_win.nasl
   scripts/secpod_openoffice_detect_win.nasl
   scripts/secpod_pidgin_detect_win.nasl
   scripts/secpod_powerzip_detect.nasl
   scripts/secpod_putty_version.nasl
Log:
Updated to support 32- and 64-bit applications and the newest detection method.

Modified: ChangeLog
===================================================================
--- ChangeLog	2014-07-11 05:18:59 UTC (rev 557)
+++ ChangeLog	2014-07-11 09:49:31 UTC (rev 558)
@@ -1,5 +1,17 @@
 2014-07-11 Antu Sanadi <santu at secpod.com>
 
+	* scripts/gb_nuance_pdf_reader_detect_win.nasl,
+	scripts/gb_thunderbird_detect_win.nasl,
+	scripts/secpod_libre_office_detect_win.nasl,
+	scripts/secpod_openoffice_detect_win.nasl,
+	scripts/secpod_pidgin_detect_win.nasl,
+	scripts/secpod_powerzip_detect.nasl,
+	scripts/secpod_putty_version.nasl:
+	Updated to support 32 and 64 bit application and
+	newest detection method.
+
+2014-07-11 Antu Sanadi <santu at secpod.com>
+
 	* scripts/2014/deb_2976.nasl,
 	  scripts/2014/deb_2973.nasl,
 	  scripts/2014/deb_2975.nasl,

Modified: scripts/gb_nuance_pdf_reader_detect_win.nasl
===================================================================
--- scripts/gb_nuance_pdf_reader_detect_win.nasl	2014-07-11 05:18:59 UTC (rev 557)
+++ scripts/gb_nuance_pdf_reader_detect_win.nasl	2014-07-11 09:49:31 UTC (rev 558)
@@ -7,6 +7,9 @@
 # Authors:
 # Arun Kallavi <karun at secpod.com>
 #
+# Updated By: Shakeel <bshakeel at secpod.com> on 2014-07-08
+# According to CR57 and to support 32 and 64 bit.
+#
 # Copyright:
 # Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net
 #
@@ -26,15 +29,13 @@
 
 include("revisions-lib.inc");
 
-SCRIPT_OID = "1.3.6.1.4.1.25623.1.0.803328";
-
 if(description)
 {
-  script_oid(SCRIPT_OID);
+  script_oid("1.3.6.1.4.1.25623.1.0.803328");
   script_version("$Revision$");
   script_tag(name:"cvss_base", value:"0.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:N");
   script_tag(name:"risk_factor", value:"None");
-  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:N");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2013-03-11 15:20:19 +0530 (Mon, 11 Mar 2013)");
   script_tag(name:"detection", value:"registry version check");
@@ -59,8 +60,9 @@
   script_category(ACT_GATHER_INFO);
   script_copyright("Copyright (C) 2013 Greenbone Networks GmbH");
   script_family("Product detection");
-  script_dependencies("secpod_reg_enum.nasl");
-  script_mandatory_keys("SMB/WindowsVersion");
+  script_dependencies("secpod_reg_enum.nasl", "smb_reg_service_pack.nasl");
+  script_mandatory_keys("SMB/WindowsVersion", "SMB/Windows/Arch");
+  script_require_ports(139, 445);
   exit(0);
 }
 
@@ -71,48 +73,67 @@
 include("secpod_smb_func.inc");
 
 ## Variable Initialization
+os_arch = "";
+key_list = "";
 ReaderName = "";
 ReaderPath = "";
 ReaderVer = "";
 cpe = "";
 key = "";
 
-key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\";
-if(!registry_key_exists(key:key)){
+# Get OS Architecture
+os_arch = get_kb_item("SMB/Windows/Arch");
+if(!os_arch){
+  error_message(data:"Failed to get the OS architecture");
+  exit(-1);
+}
+
+## Check for 32 bit platform
+if("x86" >< os_arch){
+  key_list = make_list("SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\");
+}
+
+## Check for 64 bit platform, Currently only 32-bit application is available
+else if("x64" >< os_arch){
+  key_list =  make_list("SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\");
+}
+
+if(isnull(key_list)){
   exit(0);
 }
 
-foreach item (registry_enum_keys(key:key))
+foreach key (key_list)
 {
-  ## Check for the Application
-  ReaderName = registry_get_sz(key:key + item, item:"DisplayName");
-  if("Nuance PDF Reader" >< ReaderName)
+  foreach item (registry_enum_keys(key:key))
   {
-    ## Check for the install path
-    ReaderPath =registry_get_sz(key:key + item, item:"InstallLocation");
-    if(!ReaderPath){
-      ReaderPath = "Could not find the install Location";
-    }
-
-    ## Check for the version
-    ReaderVer = registry_get_sz(key:key + item, item:"DisplayVersion");
-    if(ReaderVer)
+    ## Check for the Application
+    ReaderName = registry_get_sz(key:key + item, item:"DisplayName");
+    if("Nuance PDF Reader" >< ReaderName)
     {
-      set_kb_item(name:"Nuance/PDFReader/Win/Ver", value:ReaderVer);
+      ## Check for the install path
+      ReaderPath =registry_get_sz(key:key + item, item:"InstallLocation");
+      if(!ReaderPath){
+        ReaderPath = "Could not find the install Location";
+      }
 
-      ## Build cpe
-      cpe = build_cpe(value:ReaderVer, exp:"^([0-9.]+)",
-                      base:"cpe:/a:nuance:pdf_reader:");
-      if(isnull(cpe))
-        cpe = "cpe:/a:nuance:pdf_reader";
+      ## Check for the version
+      ReaderVer = registry_get_sz(key:key + item, item:"DisplayVersion");
+      if(ReaderVer)
+      {
+        set_kb_item(name:"Nuance/PDFReader/Win/Ver", value:ReaderVer);
 
-      register_product(cpe:cpe, location:ReaderPath, nvt:SCRIPT_OID);
-      log_message(data: build_detection_report(app:"Nuance PDF Reader",
+        ## Build cpe
+        cpe = build_cpe(value:ReaderVer, exp:"^([0-9.]+)", base:"cpe:/a:nuance:pdf_reader:");
+        if(isnull(cpe))
+          cpe = "cpe:/a:nuance:pdf_reader";
+
+        register_product(cpe:cpe, location:ReaderPath);
+        log_message(data: build_detection_report(app:"Nuance PDF Reader",
                                                version:ReaderVer,
                                                install:ReaderPath,
                                                cpe:cpe,
                                                concluded:ReaderVer));
-      exit(0);
+      }
     }
   }
 }
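Review bot: The `if(isnull(key_list))` guard after the architecture branches looks dead, because `key_list` is initialised to `""` at the top of this hunk and an empty string is not NULL for `isnull()`. When `SMB/Windows/Arch` matches neither `x86` nor `x64`, the script therefore reaches `foreach key (key_list)` with a non-list value instead of exiting cleanly. Testing the value itself, `if(!key_list){ exit(0); }`, keeps the intent. The same guard appears in the secpod_pidgin_detect_win.nasl and secpod_powerzip_detect.nasl hunks of this commit.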

Modified: scripts/gb_thunderbird_detect_win.nasl
===================================================================
--- scripts/gb_thunderbird_detect_win.nasl	2014-07-11 05:18:59 UTC (rev 557)
+++ scripts/gb_thunderbird_detect_win.nasl	2014-07-11 09:49:31 UTC (rev 558)
@@ -16,6 +16,9 @@
 # Update By:  Thanga Prakash S <tprakash at secpod.com> on 2013-09-23
 # According to new style script_tags and Fixed issue in identifying ESR.
 #
+# Updated By: Thanga Prakash S <tprakash at secpod.com> on 2014-07-08
+# Updated to support 32 and 64 bit
+#
 # Copyright:
 # Copyright (c) 2008 Greenbone Networks GmbH, http://www.greenbone.net
 #
@@ -35,11 +38,9 @@
 
 include("revisions-lib.inc");
 
-SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.800015";
-
 if(description)
 {
-  script_oid(SCRIPT_OID);
+  script_oid("1.3.6.1.4.1.25623.1.0.800015");
   script_version("$Revision$");
   script_tag(name:"cvss_base", value:"0.0");
   script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:N");
@@ -68,8 +69,9 @@
   script_category(ACT_GATHER_INFO);
   script_copyright("Copyright (C) 2008 Greenbone Networks GmbH");
   script_family("Product detection");
-  script_dependencies("secpod_reg_enum.nasl");
-  script_mandatory_keys("SMB/WindowsVersion");
+  script_dependencies("secpod_reg_enum.nasl", "smb_reg_service_pack.nasl");
+  script_mandatory_keys("SMB/WindowsVersion", "SMB/Windows/Arch");
+  script_require_ports(139, 445);
   exit(0);
 }
 
@@ -79,7 +81,6 @@
 include("cpe.inc");
 include("host_details.inc");
 
-
 ## Variable Initialization
 tbirdVer = "";
 appPath = "";
@@ -87,7 +88,25 @@
 path = "";
 cpe = "";
 
-foreach regKey (make_list("SOFTWARE\Mozilla", "SOFTWARE\mozilla.org"))
+## Get OS Architecture
+os_arch = get_kb_item("SMB/Windows/Arch");
+if(!os_arch){
+  error_message(data:"Failed to get the OS architecture");
+  exit(-1);
+}
+
+## Check for 32 bit platform
+if("x86" >< os_arch){
+  key = "SOFTWARE";
+}
+
+## Presently 64bit application is not available
+## Check for 32 bit App on 64 bit platform
+else if("x64" >< os_arch){
+  key =  "SOFTWARE\Wow6432Node";
+}
+
+foreach regKey (make_list( key + "\Mozilla", key + "\mozilla.org"))
 {
   if(registry_key_exists(key: regKey))
   {
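Review bot: `key` is assigned only inside the `x86` and `x64` branches, with no fallback, so for any other `SMB/Windows/Arch` value the `make_list( key + "\Mozilla", key + "\mozilla.org")` call builds its paths from an unset variable (no initialisation of `key` is visible in this hunk). Add a final `else{ exit(0); }` after the `x64` branch so an unrecognised architecture ends the script instead of probing malformed registry paths. The secpod_libre_office_detect_win.nasl and secpod_putty_version.nasl hunks select `key` the same way. The `foreach` body continues outside this hunk.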
@@ -116,7 +135,7 @@
       }
 
       # Check for ESR installation
-      path = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion\",
+      path = registry_get_sz(key: key + "\Microsoft\Windows\CurrentVersion\",
                              item:"ProgramFilesDir");
       if(!path) exit(0);
 
@@ -152,11 +171,10 @@
         appName = 'Mozilla ThunderBird';
       }
 
-      register_product(cpe:cpe, location:appPath, nvt:SCRIPT_OID);
+      register_product(cpe:cpe, location:appPath);
 
       log_message(data: build_detection_report(app: appName, version: tbirdVer,
                                                install: appPath, cpe:cpe, concluded:tbirdVer));
-      exit(0);
     }
   }
 }


Property changes on: scripts/gb_thunderbird_detect_win.nasl
___________________________________________________________________
Modified: svn:keywords
   - Id Revision Date
   + Author Revision Date Id

Modified: scripts/secpod_libre_office_detect_win.nasl
===================================================================
--- scripts/secpod_libre_office_detect_win.nasl	2014-07-11 05:18:59 UTC (rev 557)
+++ scripts/secpod_libre_office_detect_win.nasl	2014-07-11 09:49:31 UTC (rev 558)
@@ -10,6 +10,9 @@
 # Copyright:
 # Copyright (c) 2011 SecPod, http://www.secpod.com
 #
+# Updated By: Thanga Prakash S <tprakash at secpod.com> on 2014-07-08
+# Updated to support 32 and 64 bit
+#
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2
 # (or any later version), as published by the Free Software Foundation.
@@ -25,33 +28,41 @@
 ###############################################################################
 
 include("revisions-lib.inc");
-tag_summary = "This script detects the installed version of LibreOffice and sets
-  the result in KB.";
 
 if(description)
 {
-  script_id(902398);
+  script_oid("1.3.6.1.4.1.25623.1.0.902398");
+  script_version("$Revision$");
+  script_tag(name:"cvss_base", value:"0.0");
   script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:N");
- script_version("$Revision$");
+  script_tag(name:"risk_factor", value:"None");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2011-07-27 09:16:39 +0200 (Wed, 27 Jul 2011)");
+  script_tag(name:"detection", value:"registry version check");
   script_name("LibreOffice Version Detection (Windows)");
-  script_tag(name:"cvss_base", value:"0.0");
-  script_tag(name:"risk_factor", value:"None");
+
+  tag_summary =
+"Detection of installed version of LibreOffice on Windows.
+
+The script logs in via smb, searches for LibreOffice in the registry
+and gets the version from registry.";
+
   desc = "
   Summary:
   " + tag_summary;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0) {
+    script_tag(name : "summary" , value : tag_summary);
+  }
+
   script_description(desc);
   script_summary("Set KB for the version of LibreOffice");
   script_category(ACT_GATHER_INFO);
   script_copyright("Copyright (C) 2011 SecPod");
-  script_family("Service detection");
-  script_dependencies("secpod_reg_enum.nasl");
-  script_require_keys("SMB/WindowsVersion");
+  script_family("Product detection");
+  script_dependencies("secpod_reg_enum.nasl", "smb_reg_service_pack.nasl");
+  script_mandatory_keys("SMB/WindowsVersion", "SMB/Windows/Arch");
   script_require_ports(139, 445);
-  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0) {
-    script_tag(name : "summary" , value : tag_summary);
-  }
   exit(0);
 }
 
@@ -61,24 +72,40 @@
 include("cpe.inc");
 include("host_details.inc");
 
-## Constant values
-SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.902398";
-SCRIPT_DESC = "LibreOffice Version Detection (Windows)";
+## Variable Initialization
+officeName = "";
+officePath = "";
+officeVer = "";
 
-if(!get_kb_item("SMB/WindowsVersion")){
-  exit(0);
+if(!registry_key_exists(key:"SOFTWARE\LibreOffice"))
+{
+  if(!registry_key_exists(key:"SOFTWARE\Wow6432Node\LibreOffice")){
+    exit(0);
+  }
 }
 
-if(!registry_key_exists(key:"SOFTWARE\LibreOffice")){
-  exit(0);
+## Get OS Architecture
+os_arch = get_kb_item("SMB/Windows/Arch");
+if(!os_arch){
+  error_message(data:"Failed to get the OS architecture");
+  exit(-1);
 }
 
-key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\";
+## Check for 32 bit platform
+if("x86" >< os_arch){
+  key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\";
+}
 
-if(!registry_key_exists(key:key)) {
-    exit(0);
+## Presently 64bit application is not available
+## Check for 32 bit App on 64 bit platform
+else if("x64" >< os_arch){
+  key =  "SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\";
 }
 
+if(!registry_key_exists(key:key)){
+  exit(0);
+}
+
 foreach item (registry_enum_keys(key:key))
 {
   officeName = registry_get_sz(key:key + item, item:"DisplayName");
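Review bot: On x64 only the Wow6432Node Uninstall key is enumerated, although the pre-check at the top of this hunk accepts `SOFTWARE\LibreOffice` as well as its Wow6432Node copy. An installation registered under the native key would pass the pre-check and then never be found, which leaves `LibreOffice/Win/Ver` unset and hides the host from version-based checks. secpod_openoffice_detect_win.nasl in this commit iterates both Uninstall keys on x64; doing the same here with a `make_list(...)` and an outer `foreach key` would close the gap. The `foreach item` body continues outside this hunk.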
@@ -90,16 +117,21 @@
     officeVer = registry_get_sz(key:key + item, item:"DisplayVersion");
     if (officeVer != NULL)
     {
+      officePath = registry_get_sz(key:key + item, item:"InstallLocation");
+      if(!officePath){
+        officePath = "Could not able to get the install location";
+      }
+
       ## Set the KB item
       set_kb_item(name:"LibreOffice/Win/Ver", value:officeVer);
-      security_note(data:"LibreOffice version " + officeVer +
-                         " was detected on the host");
-      
+
       ## build cpe and store it as host_detail
       cpe = build_cpe(value:officeVer, exp:"^([0-9.]+)", base:"cpe:/a:libreoffice:libreoffice:");
-      if(!isnull(cpe))
-         register_host_detail(name:"App", value:cpe, nvt:SCRIPT_OID, desc:SCRIPT_DESC);
+      if(isnull(cpe))
+        cpe = "cpe:/a:libreoffice:libreoffice";
 
+      log_message(data: build_detection_report(app: officeName, version: officeVer,
+                                               install: officePath, cpe:cpe, concluded:officeVer));
     }
   }
 }
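Review bot: The CPE is built but never registered: the removed `register_host_detail(...)` call has no replacement, so after this change the script only sets the KB item and logs a report. The other detection scripts in this commit call `register_product` before `log_message`; add `register_product(cpe:cpe, location:officePath);` ahead of the `log_message(...)` call. The fallback text `"Could not able to get the install location"` would also read better as `"Could not find the install location"`. The enclosing `foreach` starts outside this hunk.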


Property changes on: scripts/secpod_libre_office_detect_win.nasl
___________________________________________________________________
Modified: svn:keywords
   - Id Revision Date
   + Author Revision Date Id

Modified: scripts/secpod_openoffice_detect_win.nasl
===================================================================
--- scripts/secpod_openoffice_detect_win.nasl	2014-07-11 05:18:59 UTC (rev 557)
+++ scripts/secpod_openoffice_detect_win.nasl	2014-07-11 09:49:31 UTC (rev 558)
@@ -25,35 +25,41 @@
 ###############################################################################
 
 include("revisions-lib.inc");
-tag_summary = "The script detects the version of OpenOffice and sets the
-  result in KB.";
 
-
 if(description)
 {
-  script_id(900072);
+  script_oid("1.3.6.1.4.1.25623.1.0.900072");
+  script_version("$Revision$");
+  script_tag(name:"cvss_base", value:"0.0");
   script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:N");
- script_version("$Revision$");
+  script_tag(name:"risk_factor", value:"None");
   script_tag(name:"last_modification", value:"$Date$");
-  script_tag(name:"creation_date", value:"2009-01-29 15:16:47 +0100 (Thu, 29 Jan 2009)");
-  script_tag(name:"cvss_base", value:"0.0");
-  script_tag(name:"risk_factor", value:"None");
+  script_tag(name:"creation_date", value:"2011-04-11 14:40:00 +0200 (Mon, 11 Apr 2011)");
+  script_tag(name:"detection", value:"registry version check");
   script_name("OpenOffice Version Detection (Win)");
+
+ tag_summary =
+"Detection of installed version of OpenOffice on Windows.
+
+The script logs in via smb, searches for OpenOffice in the registry,
+gets the from registry.";
+
   desc = "
-
   Summary:
   " + tag_summary;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0) {
+    script_tag(name : "summary" , value : tag_summary);
+  }
+
   script_description(desc);
-  script_summary("Set the KB for the version of OpenOffice");
+  script_summary("Detection of installed version of OpenOffice");
   script_category(ACT_GATHER_INFO);
   script_copyright("Copyright (C) 2009 SecPod");
-  script_family("General");
-  script_dependencies("secpod_reg_enum.nasl");
-  script_require_keys("SMB/WindowsVersion");
+  script_family("Product detection");
+  script_dependencies("secpod_reg_enum.nasl", "smb_reg_service_pack.nasl");
+  script_mandatory_keys("SMB/WindowsVersion", "SMB/Windows/Arch");
   script_require_ports(139, 445);
-  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0) {
-    script_tag(name : "summary" , value : tag_summary);
-  }
   exit(0);
 }
 
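Review bot: `creation_date` changes from `2009-01-29 15:16:47 +0100` to `2011-04-11 14:40:00 +0200`, which looks like a value carried over from another script rather than an intended edit; the copyright line still says 2009. Keep the original creation date so the NVT's history stays accurate. The new `tag_summary` also ends with `gets the from registry.`, which is missing a word, presumably `gets the version from registry.`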
@@ -64,37 +70,85 @@
 include("cpe.inc");
 include("host_details.inc");
 
-## Constant values
-SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900072";
-SCRIPT_DESC = "OpenOffice Version Detection (Win)";
+## Function to Register Product and Build report
+function build_report(app, ver, cpe, insloc)
+{
+  register_product(cpe:cpe, location:insloc);
+  log_message(data: build_detection_report(app: app,
+                                           version: ver,
+                                           install: insloc,
+                                           cpe: cpe,
+                                           concluded: ver));
+}
 
-if(!get_kb_item("SMB/WindowsVersion")){
-  exit(0);
+osArch = "";
+key_list = "";
+gsName = "";
+gsVer = "";
+path = "";
+
+osArch = get_kb_item("SMB/Windows/Arch");
+if(!osArch)
+{
+  error_message(data:"Failed to get the OS architecture");
+  exit(-1);
 }
 
-if(!registry_key_exists(key:"SOFTWARE\OpenOffice.org")){
+#Check if Adobe Application is installed
+if(!registry_key_exists(key:"SOFTWARE\OpenOffice.org") &&
+   !registry_key_exists(key:"SOFTWARE\Wow6432Node\OpenOffice.org")){
   exit(0);
 }
 
-key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\";
-keys = registry_enum_keys(key);
+## if os is 32 bit iterate over comman path
+if("x86" >< osArch){
+  key_list = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\";
+}
 
-foreach item (keys)
+## Check for 64 bit platform
+else if("x64" >< osArch){
+ key_list = make_list("SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\",
+                      "SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\");
+}
+
+foreach key (key_list)
 {
-  if("OpenOffice.org" >< registry_get_sz(key:key + item, item:"DisplayName"))
+  foreach item (registry_enum_keys(key:key))
   {
-    openVer = registry_get_sz(key:key + item, item:"DisplayVersion");
-    if(openVer){
-      set_kb_item(name:"OpenOffice/Win/Ver", value:openVer);
-      security_note(data:"OpenOffice version " + openVer +
-                         " was detected on the host");
-   
-      ## build cpe and store it as host_detail
-      cpe = build_cpe(value:openVer, exp:"^([0-9.]+)", base:"cpe:/a:openoffice:openoffice.org:");
-      if(!isnull(cpe))
-         register_host_detail(name:"App", value:cpe, nvt:SCRIPT_OID, desc:SCRIPT_DESC);
+    gsName = registry_get_sz(key:key + item, item:"DisplayName");
+    if("OpenOffice.org" >< gsName)
+    {
+      gsVer = registry_get_sz(key:key + item, item:"DisplayVersion");
+      if(gsVer)
+      {
+        path = registry_get_sz(key:key + item , item:"InstallLocation");
+        if(!path){
+          path = "Could not find the install location from registry";
+        }
 
+        set_kb_item(name:"OpenOffice/Win/Ver", value:gsVer);
+
+        ## Build CPE
+        cpe = build_cpe(value:gsVer, exp:"^([0-9.]+)", base:"cpe:/a:openoffice:openoffice.org:");
+        if(isnull(cpe))
+          cpe = 'cpe:/a:openoffice:openoffice.org';
+
+        ## Register Product and Build Report
+        build_report(app: "OpenOffice", ver:gsVer, cpe:cpe, insloc:path);
+
+        if("x64" >< osArch && "Wow6432Node" >!< key)
+        {
+          set_kb_item(name:"OpenOffice64/Win/Ver", value:gsVer);
+
+          ## Build CPE
+          cpe = build_cpe(value:gsVer, exp:"^([0-9.]+)", base:"cpe:/a:openoffice:openoffice.org:x64:");
+          if(isnull(cpe))
+            cpe = 'cpe:/a:openoffice:openoffice.org:x64';
+
+          ## Register Product and Build Report
+          build_report(app: "OpenOffice", ver:gsVer, cpe:cpe, insloc:path);
+        }
+      }
     }
-    exit(0);
   }
 }
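Review bot: In the `x86` branch `key_list` is assigned a plain string, while the `x64` branch and the other scripts in this commit use `make_list(...)`; `foreach key (key_list)` expects a list, so on 32-bit hosts the loop most likely never runs and OpenOffice goes undetected. Wrap it: `key_list = make_list("SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\");`. The comment `#Check if Adobe Application is installed` is a leftover from another script and should name OpenOffice. On x64 the native-key pass also calls `build_report` twice, registering the same install under both the plain and the `:x64` CPE; a comment stating whether that is intended would help.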


Property changes on: scripts/secpod_openoffice_detect_win.nasl
___________________________________________________________________
Modified: svn:keywords
   - Id Revision Date
   + Author Revision Date Id

Modified: scripts/secpod_pidgin_detect_win.nasl
===================================================================
--- scripts/secpod_pidgin_detect_win.nasl	2014-07-11 05:18:59 UTC (rev 557)
+++ scripts/secpod_pidgin_detect_win.nasl	2014-07-11 09:49:31 UTC (rev 558)
@@ -10,8 +10,11 @@
 # Update By:  Shakeel <bshakeel at secpod.com> on 2014-02-21
 # According to cr57 and new style script_tags.
 #
+# Updated By: Shakeel <bshakeel at secpod.com> on 2014-07-08
+# To support 32 and 64 bit.
+#
 # Copyright:
-# Copyright (c) 2009 SecPod, http://www.secpod.com
+# Copyright (C) 2009 SecPod, http://www.secpod.com
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2
@@ -29,11 +32,9 @@
 
 include("revisions-lib.inc");
 
-SCRIPT_OID = "1.3.6.1.4.1.25623.1.0.900662";
-
 if(description)
 {
-  script_oid(SCRIPT_OID);
+  script_oid("1.3.6.1.4.1.25623.1.0.900662");
   script_version("$Revision$");
   script_tag(name:"cvss_base", value:"0.0");
   script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:N");
@@ -62,8 +63,8 @@
   script_category(ACT_GATHER_INFO);
   script_copyright("Copyright (C) 2009 SecPod");
   script_family("Product detection");
-  script_dependencies("secpod_reg_enum.nasl");
-  script_mandatory_keys("SMB/WindowsVersion");
+  script_dependencies("secpod_reg_enum.nasl", "smb_reg_service_pack.nasl");
+  script_mandatory_keys("SMB/WindowsVersion", "SMB/Windows/Arch");
   script_require_ports(139, 445);
   exit(0);
 }
@@ -75,51 +76,76 @@
 include("host_details.inc");
 
 ## Variable Initialization
+os_arch = "";
+key_list = "";
 key="";
 pidginName="";
 pidginPath="";
 pidginVer="";
 
+## Get OS Architecture
+os_arch = get_kb_item("SMB/Windows/Arch");
+if(!os_arch){
+  error_message(data:"Failed to get the OS architecture");
+  exit(-1);
+}
 
-if(!get_kb_item("SMB/WindowsVersion")){
-  exit(0);
+## Check for 32 bit platform
+if("x86" >< os_arch){
+  key_list = make_list("SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pidgin\");
 }
 
-key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pidgin\";
-if(!registry_key_exists(key:key)){
+## Check for 64 bit platform, Currently only 32-bit application is available
+else if("x64" >< os_arch){
+  key_list =  make_list("SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Pidgin\");
+}
+
+if(isnull(key_list)){
   exit(0);
 }
 
-pidginName = registry_get_sz(key:key, item:"DisplayName");
-
-## Confirm for Pidgin
-if("Pidgin" >< pidginName)
+## Confirm Application
+if(!registry_key_exists(key:"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pidgin\"))
 {
-  ##Get Pidgin install Path
-  pidginPath = registry_get_sz(key:key,item:"UninstallString");
-  if(!pidginPath){
-    pidginPath = "Could not find the install location from registry";
-  } else {
-    pidginPath = pidginPath - "pidgin-uninst.exe" ;
+  if(!registry_key_exists(key:"SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Pidgin\"))
+  {
+    exit(0);
   }
+}
 
-  ## Get Pidgin Version
-  pidginVer = registry_get_sz(key:key, item:"DisplayVersion");
-  if(pidginVer)
+foreach key (key_list)
+{
+  pidginName = registry_get_sz(key:key, item:"DisplayName");
+
+  ## Confirm for Pidgin
+  if("Pidgin" >< pidginName)
   {
-    set_kb_item(name:"Pidgin/Win/Ver", value:pidginVer);
+    ##Get Pidgin install Path
+    pidginPath = registry_get_sz(key:key,item:"UninstallString");
+    if(!pidginPath){
+      pidginPath = "Could not find the install location from registry";
+    } else {
+      pidginPath = pidginPath - "pidgin-uninst.exe" ;
+    }
 
-    ##build cpe and register
-    cpe = build_cpe(value:pidginVer, exp:"^([0-9.]+)", base:"cpe:/a:pidgin:pidgin:");
-    if(isnull(cpe))
-      cpe = "cpe:/a:pidgin:pidgin";
+    ## Get Pidgin Version
+    pidginVer = registry_get_sz(key:key, item:"DisplayVersion");
+    if(pidginVer)
+    {
+      set_kb_item(name:"Pidgin/Win/Ver", value:pidginVer);
 
-    register_product(cpe: cpe, location: pidginPath, nvt: SCRIPT_OID);
+      ##build cpe and register
+      cpe = build_cpe(value:pidginVer, exp:"^([0-9.]+)", base:"cpe:/a:pidgin:pidgin:");
+      if(isnull(cpe))
+        cpe = "cpe:/a:pidgin:pidgin";
 
-    log_message(data: build_detection_report(app: "Pidgin",
-                                          version: pidginVer,
-                                          install: pidginPath,
-                                          cpe: cpe,
-                                          concluded: pidginVer));
+      register_product(cpe: cpe, location: pidginPath, nvt: SCRIPT_OID);
+
+      log_message(data: build_detection_report(app: "Pidgin",
+                                            version: pidginVer,
+                                            install: pidginPath,
+                                            cpe: cpe,
+                                            concluded: pidginVer));
+    }
   }
 }
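Review bot: `register_product(cpe: cpe, location: pidginPath, nvt: SCRIPT_OID);` still passes `SCRIPT_OID`, but an earlier hunk of this file removes the `SCRIPT_OID = ...` assignment, so the argument now refers to an undefined variable. Match the other scripts in this commit: `register_product(cpe: cpe, location: pidginPath);`. The `if(isnull(key_list))` guard in this hunk also cannot fire, since `key_list` starts as `""`; `if(!key_list){ exit(0); }` would.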

Modified: scripts/secpod_powerzip_detect.nasl
===================================================================
--- scripts/secpod_powerzip_detect.nasl	2014-07-11 05:18:59 UTC (rev 557)
+++ scripts/secpod_powerzip_detect.nasl	2014-07-11 09:49:31 UTC (rev 558)
@@ -7,8 +7,11 @@
 # Authors:
 # Sujit Ghosal <sghosal at secpod.com>
 #
+# Updated By: Shakeel <bshakeel at secpod.com> on 2014-07-08
+# According to CR57 and to support 32 and 64 bit.
+#
 # Copyright:
-# Copyright (c) 2009 SecPod, http://www.secpod.com
+# Copyright (C) 2009 SecPod, http://www.secpod.com
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2
@@ -25,100 +28,140 @@
 ###############################################################################
 
 include("revisions-lib.inc");
-tag_summary = "This script finds the installed version of PowerZip and
-  saves the version in KB.";
 
 if(description)
 {
-  script_id(900490);
+  script_oid("1.3.6.1.4.1.25623.1.0.900490");
+  script_version("$Revision$");
+  script_tag(name:"cvss_base", value:"0.0");
   script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:N");
- script_version("$Revision$");
+  script_tag(name:"risk_factor", value:"None");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2009-03-31 07:06:59 +0200 (Tue, 31 Mar 2009)");
-  script_tag(name:"cvss_base", value:"0.0");
-  script_tag(name:"risk_factor", value:"None");
+  script_tag(name:"detection", value:"registry version check");
   script_name("PowerZip Version Detection");
+
+  tag_summary =
+"This script finds the installed version of PowerZip and saves the version
+in KB.
+
+The script logs in via smb, searches for PowerZip in the registry and gets the
+path and version from registry.";
+
   desc = "
   Summary:
   " + tag_summary;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0) {
+    script_tag(name : "summary" , value : tag_summary);
+  }
+
   script_description(desc);
   script_summary("Set Version of PowerZip in KB");
   script_category(ACT_GATHER_INFO);
   script_copyright("Copyright (C) 2009 SecPod");
-  script_family("General");
-  script_dependencies("secpod_reg_enum.nasl");
-  script_require_keys("SMB/WindowsVersion");
+  script_family("Product detection");
+  script_dependencies("secpod_reg_enum.nasl", "smb_reg_service_pack.nasl");
+  script_mandatory_keys("SMB/WindowsVersion", "SMB/Windows/Arch");
   script_require_ports(139, 445);
-  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0) {
-    script_tag(name : "summary" , value : tag_summary);
-  }
   exit(0);
 }
 
+
 include("smb_nt.inc");
 include("secpod_smb_func.inc");
 include("cpe.inc");
 include("host_details.inc");
 
-## Constant values
-SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900490";
-SCRIPT_DESC = "PowerZip Version Detection";
 
-## functions for script
-function register_cpe(tmpVers, tmpExpr, tmpBase){
+## Function to Register Product and Build report
+function build_report(app, ver, cpe, insloc)
+{
+  register_product(cpe:cpe, location:insloc);
+  log_message(data: build_detection_report(app: app,
+                                           version: ver,
+                                           install: insloc,
+                                           cpe: cpe,
+                                           concluded: ver));
+}
 
-   local_var cpe;
-   ## build cpe and store it as host_detail
-   cpe = build_cpe(value:tmpVers, exp:tmpExpr, base:tmpBase);
-   if(!isnull(cpe))
-      register_host_detail(name:"App", value:cpe, nvt:SCRIPT_OID, desc:SCRIPT_DESC);
+
+## Variable Initialization
+os_arch = "";
+key_list = "";
+key="";
+zipName="";
+zipPath="";
+zipVer="";
+
+## Get OS Architecture
+os_arch = get_kb_item("SMB/Windows/Arch");
+if(!os_arch){
+  error_message(data:"Failed to get the OS architecture");
+  exit(-1);
 }
 
-## start script
-if(!get_kb_item("SMB/WindowsVersion")){
-  exit(0);
+## Check for 32 bit platform
+if("x86" >< os_arch){
+  key_list = make_list("SOFTWARE\Trident Software\PowerZip\");
 }
 
-key = "SOFTWARE\Trident Software\PowerZip\";
-if(!registry_key_exists(key:key)){
+## Check for 64 bit platform, Currently only 32-bit application is available
+else if("x64" >< os_arch){
+  key_list =  make_list("SOFTWARE\Wow6432Node\Trident Software\PowerZip\");
+}
+
+if(isnull(key_list)){
   exit(0);
 }
 
-# Method 1
-zipName = registry_get_sz(key:key, item:"Name");
-if("PowerZip" >< zipName)
-{
-  zipVer = registry_get_sz(key:key, item:"Version");
-  if(zipVer != NULL)
-  {
-    set_kb_item(name:"PowerZip/Ver", value:zipVer);
-    security_note(data:"PowerZip version " + zipVer +
-                       " was detected on the host");
-
-    ## build cpe and store it as host_detail
-    register_cpe(tmpVers:zipVer, tmpExpr:"^([0-9.]+)", tmpBase:"cpe:/a:powerzip:powerzip:");
-
+## Confirm Application
+if(!registry_key_exists(key:"SOFTWARE\Trident Software\PowerZip\")){
+  if(!registry_key_exists(key:"SOFTWARE\Wow6432Node\Trident Software\PowerZip\")){
     exit(0);
   }
 }
 
-# Method 2
-key2 = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\";
-foreach item (registry_enum_keys(key:key2))
+foreach key (key_list)
 {
-  zipName = registry_get_sz(key:key2 + item, item:"DisplayName");
+  zipName = registry_get_sz(key:key, item:"Name");
   if("PowerZip" >< zipName)
   {
-    zipVer = registry_get_sz(key:key2 + item, item:"DisplayVersion");
-    if(zipVer != NULL){
+    zipVer = registry_get_sz(key:key, item:"Version");
+    zipPath = registry_get_sz(key:key, item:"Path");
+    if(!zipPath){
+      zipPath = "Could not determine Install Location";
+    }
+    if(!zipVer)
+    {
+      if("Wow6432Node" >< key){
+        unKey = "SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\";
+      } else {
+        unKey = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\";
+      }
+
+      foreach item (registry_enum_keys(key:unKey))
+      {
+        zipName = registry_get_sz(key:unKey + item, item:"DisplayName");
+        if("PowerZip" >< zipName)
+        {
+          zipVer = registry_get_sz(key:unKey + item, item:"DisplayVersion");
+          zipPath = registry_get_sz(key:unKey + item, item:"InstallLocation");
+        }
+      }
+    }
+    if(zipVer != NULL)
+    {
       set_kb_item(name:"PowerZip/Ver", value:zipVer);
-      security_note(data:"PowerZip version " + zipVer +
-                         " was detected on the host");
 
       ## build cpe and store it as host_detail
-      register_cpe(tmpVers:zipVer, tmpExpr:"^([0-9.]+)", tmpBase:"cpe:/a:powerzip:powerzip:");
+      cpe = build_cpe(value:zipVer, exp:"^([0-9.]+)", base:"cpe:/a:powerzip:powerzip:");
+      if(isnull(cpe))
+        cpe = "cpe:/a:powerzip:powerzip";
 
+      ## Register Product and Build Report
+      build_report(app: "Powerzip", ver:zipVer , cpe:cpe, insloc:zipPath);
+
     }
-    exit(0);
   }
 }
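Review bot: The default `zipPath = "Could not determine Install Location"` is applied before the Uninstall-key fallback, and the fallback then overwrites `zipPath` with `InstallLocation`, which may be empty; `build_report` would then register the product with no location. Move the `if(!zipPath){ ... }` block to just before `if(zipVer != NULL)`. The fallback loop also keeps scanning after a match, so a later `PowerZip` entry silently replaces the first; a `break;` after the two assignments makes the choice explicit. `if(isnull(key_list))` cannot fire here either, since `key_list` starts as `""`.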


Property changes on: scripts/secpod_powerzip_detect.nasl
___________________________________________________________________
Modified: svn:keywords
   - Id Revision Date
   + Author Revision Date Id

Modified: scripts/secpod_putty_version.nasl
===================================================================
--- scripts/secpod_putty_version.nasl	2014-07-11 05:18:59 UTC (rev 557)
+++ scripts/secpod_putty_version.nasl	2014-07-11 09:49:31 UTC (rev 558)
@@ -10,6 +10,9 @@
 # Copyright:
 # Copyright (c) 2009 SecPod, http://www.secpod.com
 #
+# Updated By: Thanga Prakash S <tprakash at secpod.com> on 2014-07-08
+# Updated to support 32 and 64 bit
+#
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2
 # (or any later version), as published by the Free Software Foundation.
@@ -26,11 +29,9 @@
 
 include("revisions-lib.inc");
 
-SCRIPT_OID  = "1.3.6.1.4.1.25623.1.0.900618";
-
 if(description)
 {
-  script_oid(SCRIPT_OID);
+  script_oid("1.3.6.1.4.1.25623.1.0.900618");
   script_version("$Revision$");
   script_tag(name:"cvss_base", value:"0.0");
   script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:N");
@@ -59,8 +60,8 @@
   script_category(ACT_GATHER_INFO);
   script_family("Product detection");
   script_copyright("Copyright (C) 2009 SecPod.");
-  script_dependencies("secpod_reg_enum.nasl");
-  script_mandatory_keys("SMB/WindowsVersion");
+  script_dependencies("secpod_reg_enum.nasl", "smb_reg_service_pack.nasl");
+  script_mandatory_keys("SMB/WindowsVersion", "SMB/Windows/Arch");
   script_require_ports(139, 445);
   exit(0);
 }
@@ -72,36 +73,58 @@
 include("cpe.inc");
 include("host_details.inc");
 
-path = "";
+## Variable Initialization
+appName = "";
 insloc = "";
-version = "";
+appVer = "";
 
+## Get OS Architecture
+os_arch = get_kb_item("SMB/Windows/Arch");
+if(!os_arch){
+  error_message(data:"Failed to get the OS architecture");
+  exit(-1);
+}
 
-path = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PuTTY_is1",item:"DisplayName");
-if(!path){
+## Check for 32 bit platform
+if("x86" >< os_arch){
+  key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PuTTY_is1";
+}
+
+## Presently 64bit application is not available
+## Check for 32 bit App on 64 bit platform
+else if("x64" >< os_arch){
+  key =  "SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PuTTY_is1";
+}
+
+if(!registry_key_exists(key:key)){
   exit(0);
 }
 
-insloc = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PuTTY_is1",item:"InstallLocation");
+appName = registry_get_sz(key:key,item:"DisplayName");
+if(!appName){
+  exit(0);
+}
+
+insloc = registry_get_sz(key:key,item:"InstallLocation");
 if(!insloc){
   insloc = "Could not find the install location from registry";
 }
 
-version = eregmatch(pattern:"[0-9.]+", string:path);
-if(version[0])
+appVer = eregmatch(pattern:"[0-9.]+", string:appName);
+if(appVer[0])
 {
-  set_kb_item(name:"PuTTY/Version", value:version[0]);
+  set_kb_item(name:"PuTTY/Version", value:appVer[0]);
 
   ## build cpe and store it as host_detail
-  cpe = build_cpe(value:version[0], exp:"^([0-9.]+)", base:"cpe:/a:putty:putty:");
+  cpe = build_cpe(value:appVer[0], exp:"^([0-9.]+)", base:"cpe:/a:putty:putty:");
   if(isnull(cpe))
     cpe = "cpe:/a:putty:putty";
 
-  register_product(cpe:cpe, location:insloc, nvt:SCRIPT_OID);
+  register_product(cpe:cpe, location:insloc);
 
   log_message(data: build_detection_report(app: "PuTTY",
-                                           version: version[0],
+                                           version: appVer[0],
                                            install: insloc,
                                            cpe: cpe,
-                                           concluded: version[0]));
+                                           concluded: appVer[0]));
 }
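Review bot: On x64 hosts the new branch looks only under the `Wow6432Node` uninstall key, so a PuTTY build that registers in the native 64-bit registry view would go undetected. Any check keyed on `PuTTY/Version` would then skip that host without reporting anything. The in-code comment ("Presently 64bit application is not available") shows that the detection depends on that assumption staying true. Separately, `key` is never assigned when `os_arch` contains neither "x86" nor "x64", yet it is still passed to `registry_key_exists()`. Iterating over a list of candidate keys, with both views on x64 and an explicit exit for an unrecognised architecture, would cover both cases.

```nasl
if("x86" >< os_arch){
  key_list = make_list("SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PuTTY_is1");
}
else if("x64" >< os_arch){
  key_list = make_list("SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PuTTY_is1",
                       "SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PuTTY_is1");
}
else{
  exit(0);
}

foreach key (key_list)
{
  appName = registry_get_sz(key:key, item:"DisplayName");
  if(!appName){
    continue;
  }
  ## … unchanged: InstallLocation lookup, version match, KB item, CPE and report …
}
```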


Property changes on: scripts/secpod_putty_version.nasl
___________________________________________________________________
Modified: svn:keywords
   - Id Revision Date
   + Author Revision Date Id


