From goran.licina at lss.hr Tue Sep 8 13:47:26 2009 From: goran.licina at lss.hr (=?iso-8859-2?Q?Goran_Li=E8ina?=) Date: Tue, 8 Sep 2009 13:47:26 +0200 Subject: [Openvas-plugins] Work on missing deps References: <8A02A3DF683DEE42BE73187F4CA4444C0EE345@vlasta.lss-net.lss.hr> Message-ID: <8A02A3DF683DEE42BE73187F4CA4444C0EE764@vlasta.lss-net.lss.hr> Hello, following plugins are finished (in attachment): webapp_detect.nasl smb_nativelanman.nasl Please review them and send us your comments. Best regards, Goran Licina -- Laboratory for Systems and Signals Department of Electronic Systems and Information Processing Faculty of Electrical Engineering and Computing University of Zagreb > -----Original Message----- > From: openvas-plugins-bounces at wald.intevation.org [mailto:openvas- > plugins-bounces at wald.intevation.org] On Behalf Of Goran Li?ina > Sent: Sunday, August 02, 2009 3:26 PM > To: openvas-plugins at wald.intevation.org > Subject: [Openvas-plugins] Work on missing deps > > Hi! > > Just for info, we are working on following plugins: > > ms_telnet_overflow.nasl > xoops_detect.nasl > photopost_detect.nasl > > These are resolving unmet dependencies for: > > xoops_myheader_url_xss.nasl > xoops_viewtopic_xss.nasl > photopost_sql_injection.nasl > > Please inform us if someone is already working on these, > or functionalities these plugins provide are already > done in some other plugin we didn't notice. > > Thanks. > > Goran Licina > -- > Laboratory for Systems and Signals > Department of Electronic Systems and Information Processing > Faculty of Electrical Engineering and Computing > University of Zagreb > _______________________________________________ > Openvas-plugins mailing list > Openvas-plugins at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins -------------- next part -------------- A non-text attachment was scrubbed... Name: webapp_detect.nasl Type: application/octet-stream Size: 2853 bytes Desc: webapp_detect.nasl Url : http://lists.wald.intevation.org/pipermail/openvas-plugins/attachments/20090908/28a70e72/webapp_detect.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: smb_nativelanman.nasl Type: application/octet-stream Size: 3001 bytes Desc: smb_nativelanman.nasl Url : http://lists.wald.intevation.org/pipermail/openvas-plugins/attachments/20090908/28a70e72/smb_nativelanman.obj From goran.licina at lss.hr Tue Sep 8 13:38:36 2009 From: goran.licina at lss.hr (=?iso-8859-2?Q?Goran_Li=E8ina?=) Date: Tue, 8 Sep 2009 13:38:36 +0200 Subject: [Openvas-plugins] macosx_version.nasl References: <8A02A3DF683DEE42BE73187F4CA4444C0EE31D@vlasta.lss-net.lss.hr><4A735AE3.80106@securityspace.com> <8A02A3DF683DEE42BE73187F4CA4444C0EE343@vlasta.lss-net.lss.hr> <8A02A3DF683DEE42BE73187F4CA4444C0EE39E@vlasta.lss-net.lss.hr> <4A7CA56F.6030809@securityspace.com> Message-ID: <8A02A3DF683DEE42BE73187F4CA4444C0EE75F@vlasta.lss-net.lss.hr> Hi! It seems to me I forgot to provide patch for this change. Patch is in attachment, so as macosx_version plugin. Can someone please review these and commit if everything seems ok? Regards Goran Licina -- Laboratory for Systems and Signals Department of Electronic Systems and Information Processing Faculty of Electrical Engineering and Computing University of Zagreb > -----Original Message----- > From: Thomas Reinke [mailto:lists at securityspace.com] > Sent: Saturday, August 08, 2009 12:07 AM > To: Goran Li?ina > Cc: openvas-plugins at wald.intevation.org > Subject: Re: [Openvas-plugins] macosx_version.nasl > > Sorry for the non-responsiveness. I've taken a look at some > old macosx tests we have access to and how the updates are > applicable to different release numbers. What you have > here is fine. > > Thomas > > Goran Li?ina wrote: > >> Thanks for you suggestions. > >> > >> We think we should support version format 10.X.Y for our plugins (at > >> least > >> macosx_version.nasl plugin uses this format) where X is major > release > >> and > >> Y are minor releases. Here is our solution: > >> > >> if ("Darwin" >< uname) > >> { > >> rls = ssh_cmd(socket:sock, cmd:"cat -v -t /System/Library/ > >> CoreServices/SystemVersion.plist | egrep '10' | tail -n 1 | sed > >> s/'\^I'// | sed s/'<\/string>'//"); > >> if (eregmatch(string:rls, pattern:"10\.[0-9]+\.[0-9]+", > icase:1) > >> == TRUE) { > >> rls = "Mac OS X "+rls; > >> set_kb_item(name: "ssh/login/release", value:rls); > >> security_note(data:string("We are able to login and detect > that > >> you are running ", rls)); > >> } > >> exit(0); > >> } > >> > >> Any comments? > >> > >> Regards, > >> > >> Goran > > > > Hi! > > > > We didn't get any feedback on this subject. Is there anything more we > should correct > > or is this solution fine? > > > > Best regards, > > > > Goran Licina > > -- > > Laboratory for Systems and Signals > > Department of Electronic Systems and Information Processing > > Faculty of Electrical Engineering and Computing > > University of Zagreb > > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: gather-package-list-macosx.patch Type: application/octet-stream Size: 982 bytes Desc: gather-package-list-macosx.patch Url : http://lists.wald.intevation.org/pipermail/openvas-plugins/attachments/20090908/1d5f2936/gather-package-list-macosx-0001.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: macosx_version.nasl Type: application/octet-stream Size: 38183 bytes Desc: macosx_version.nasl Url : http://lists.wald.intevation.org/pipermail/openvas-plugins/attachments/20090908/1d5f2936/macosx_version-0001.obj From felix.wolfsteller at intevation.de Fri Sep 11 09:38:35 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Fri, 11 Sep 2009 09:38:35 +0200 Subject: [Openvas-plugins] Work on missing deps In-Reply-To: <8A02A3DF683DEE42BE73187F4CA4444C0EE764@vlasta.lss-net.lss.hr> References: <8A02A3DF683DEE42BE73187F4CA4444C0EE345@vlasta.lss-net.lss.hr> <8A02A3DF683DEE42BE73187F4CA4444C0EE764@vlasta.lss-net.lss.hr> Message-ID: <200909110938.35228.felix.wolfsteller@intevation.de> Hi, just one general comment; should be discussed. I'd prefer to have $Revision$ as version number and set the corresponding svn:keyword property of the file. The effect is that the version will equal the revision number of the last change. The developers do not have to maintain that once its done. I'd actually prefer to have this in ALL NVTs. I could imagine a manual version numbering only in cases where the developer still feels a need to work on a it, but wants to publish the current state (then with a version number <1.0). Other than that (indication of "in-progress") I do not see any advantage of more semantic version numbers like 1.2, 2.0.2 etc for NVTs. -- felix On Tuesday 08 September 2009 13:47:26 Goran Li?ina wrote: > Hello, > > following plugins are finished (in attachment): > > webapp_detect.nasl > smb_nativelanman.nasl > > Please review them and send us your comments. > > Best regards, > > Goran Licina > -- > Laboratory for Systems and Signals > Department of Electronic Systems and Information Processing > Faculty of Electrical Engineering and Computing > University of Zagreb > > > -----Original Message----- > > From: openvas-plugins-bounces at wald.intevation.org [mailto:openvas- > > plugins-bounces at wald.intevation.org] On Behalf Of Goran Li?ina > > Sent: Sunday, August 02, 2009 3:26 PM > > To: openvas-plugins at wald.intevation.org > > Subject: [Openvas-plugins] Work on missing deps > > > > Hi! > > > > Just for info, we are working on following plugins: > > > > ms_telnet_overflow.nasl > > xoops_detect.nasl > > photopost_detect.nasl > > > > These are resolving unmet dependencies for: > > > > xoops_myheader_url_xss.nasl > > xoops_viewtopic_xss.nasl > > photopost_sql_injection.nasl > > > > Please inform us if someone is already working on these, > > or functionalities these plugins provide are already > > done in some other plugin we didn't notice. > > > > Thanks. > > > > Goran Licina > > -- > > Laboratory for Systems and Signals > > Department of Electronic Systems and Information Processing > > Faculty of Electrical Engineering and Computing > > University of Zagreb > > _______________________________________________ > > Openvas-plugins mailing list > > Openvas-plugins at wald.intevation.org > > http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From bchandra at secpod.com Fri Sep 18 16:03:44 2009 From: bchandra at secpod.com (Chandrashekhar B) Date: Fri, 18 Sep 2009 19:33:44 +0530 Subject: [Openvas-plugins] Work on missing deps In-Reply-To: <8A02A3DF683DEE42BE73187F4CA4444C0EE764@vlasta.lss-net.lss.hr> References: <8A02A3DF683DEE42BE73187F4CA4444C0EE345@vlasta.lss-net.lss.hr> <8A02A3DF683DEE42BE73187F4CA4444C0EE764@vlasta.lss-net.lss.hr> Message-ID: <78CDD4EAB5134BFAB0E706C14BCC4AA1@bchandra> Hi Goran! Sorry, couldn't get to this. Both look good, am committing now. smb_nativelanman.nasl: If NTLMv2 is enforced, this may not work but for now, it is limited by lack of support in smb_nt.inc for v2 support, this could be enhanced later when we support NTLMv2. Thanks, Chandra. -----Original Message----- From: openvas-plugins-bounces at wald.intevation.org [mailto:openvas-plugins-bounces at wald.intevation.org] On Behalf Of Goran Licina Sent: Tuesday, September 08, 2009 5:17 PM To: openvas-plugins at wald.intevation.org Subject: Re: [Openvas-plugins] Work on missing deps Hello, following plugins are finished (in attachment): webapp_detect.nasl smb_nativelanman.nasl Please review them and send us your comments. Best regards, Goran Licina -- Laboratory for Systems and Signals Department of Electronic Systems and Information Processing Faculty of Electrical Engineering and Computing University of Zagreb > -----Original Message----- > From: openvas-plugins-bounces at wald.intevation.org [mailto:openvas- > plugins-bounces at wald.intevation.org] On Behalf Of Goran Li?ina > Sent: Sunday, August 02, 2009 3:26 PM > To: openvas-plugins at wald.intevation.org > Subject: [Openvas-plugins] Work on missing deps > > Hi! > > Just for info, we are working on following plugins: > > ms_telnet_overflow.nasl > xoops_detect.nasl > photopost_detect.nasl > > These are resolving unmet dependencies for: > > xoops_myheader_url_xss.nasl > xoops_viewtopic_xss.nasl > photopost_sql_injection.nasl > > Please inform us if someone is already working on these, > or functionalities these plugins provide are already > done in some other plugin we didn't notice. > > Thanks. > > Goran Licina > -- > Laboratory for Systems and Signals > Department of Electronic Systems and Information Processing > Faculty of Electrical Engineering and Computing > University of Zagreb > _______________________________________________ > Openvas-plugins mailing list > Openvas-plugins at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins From felix.wolfsteller at intevation.de Tue Sep 29 09:33:31 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Tue, 29 Sep 2009 09:33:31 +0200 Subject: [Openvas-plugins] Version numbering strategy for NVTs Message-ID: <200909290933.32038.felix.wolfsteller@intevation.de> Hi all I propose that we antiquate manual version numbering for NVTs that are in the repository. Imho the solution is simple: instead of a 'script_version ("1.2.0-patch2");' one can use 'script_version ("$Revision");' Then, by calling 'svn propset svn:keywords "Revision" ' one can ensure that the string $Revision will always be replaced with the revision number of the last commit that affected the file in question. No maintenance effort after that. Opinions? -- Felix -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From christian.edjenguele at owasp.org Tue Sep 29 09:50:43 2009 From: christian.edjenguele at owasp.org (Christian Eric Edjenguele) Date: Tue, 29 Sep 2009 09:50:43 +0200 Subject: [Openvas-plugins] Version numbering strategy for NVTs In-Reply-To: <200909290933.32038.felix.wolfsteller@intevation.de> References: <200909290933.32038.felix.wolfsteller@intevation.de> Message-ID: <4AC1BC53.4060401@owasp.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Felix Wolfsteller wrote: > Hi all > > I propose that we antiquate manual version numbering for NVTs that are in the > repository. > > Imho the solution is simple: > > instead of a > 'script_version ("1.2.0-patch2");' > one can use > 'script_version ("$Revision");' > > Then, by calling > 'svn propset svn:keywords "Revision" ' > one can ensure that the string $Revision will always be replaced with the > revision number of the last commit that affected the file in question. > No maintenance effort after that. > > Opinions? Yes, this is a good idea, or maybe: 'script_version ("1.2.0-$Revision");' > > -- Felix > - -- Christian Eric Edjenguele IT Security Engineer PGP KeyID: 0xB1654498 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJKwbxOAAoJENETScWxZUSY9mcH/1ilwCfpy7T8DAcYJak87thB i/YFCAQVxjGWDYURTtXw1KfM1Z5Ty3Nsq/GnrIS9lGxnTGJunTEr1hwympUeva2V ufrS4ErlsC0hC+GFzlHx7xN4ohJftIn9bz83g7fDzf7zkWVnJnvOtPM4VzD457+a NOM9w/I/nhoUwHX+xJtGSu9NCamNqrL3aUlFFQ5whRNzZfZu4Zmf8DkHW2es0K3Y LoADoOcwl5F00ou70QdvQxA6kYlZt3HbTBYEfY0lC3JRjJSmQulqxA4GpQSnTVcS GThJt/tjfo8jSG7H3f4TwfbbQME5N5jLr9b2L7UMXvzKj54oE/U4SAI5E+LnEx4= =8pgM -----END PGP SIGNATURE----- From michael.meyer at intevation.de Wed Sep 30 15:44:37 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Wed, 30 Sep 2009 15:44:37 +0200 Subject: [Openvas-plugins] Version numbering strategy for NVTs In-Reply-To: <200909290933.32038.felix.wolfsteller@intevation.de> References: <200909290933.32038.felix.wolfsteller@intevation.de> Message-ID: <20090930134437.GA13031@komma-nix.de> Hi, *** Felix Wolfsteller wrote: > I propose that we antiquate manual version numbering for NVTs that are in the > repository. > > Imho the solution is simple: > > instead of a > 'script_version ("1.2.0-patch2");' > one can use > 'script_version ("$Revision");' It has to be 'script_version ("$Revision$");' > Then, by calling > 'svn propset svn:keywords "Revision" ' To automate this: ,---[ ~/.subversion/config ] | [miscellany] | enable-auto-props = yes | | [auto-props] | *.nasl = svn:keywords=Id Revision; `---| > Opinions? Very good idea! Micha -- Michael Meyer http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner