Re: Plugin: port_shell_execution.nasl

From: John Lampe (j_lampeat_private)
Date: Tue Nov 06 2001 - 01:03:55 PST

  • Next message: John Lampe: "Re: Plugin: port_shell_execution.nasl"

    just at quick glance, do you intend for the first line of executed code to
    be "if(get_port_state(port))"
    or, should the first line of executed code be "i=0"
    
    There is also a syntax error  "retrun(1);"
    
    
    John Lampe
    https://f00dikator.hn.org/
    
    
    "In Germany, they first came for the communists, and I didn't speak up
    because I wasn't a communist. Then they came for the
    Jews, and I didn't speak up because I wasn't a Jew. Then they came for
    the trade unionists, and I didn't speak up because I
    wasn't a trade unionist. Then they came for the Catholics and I didn't
    speak up because I wasn't a Catholic. Then they came for me - and by
    that time there was nobody left to speak up."
    
    --Martin Niemvller
    
    ----- Original Message -----
    From: "Noam Rathaus" <noamrat_private>
    To: "Nessus Plugin Mailing List" <plugins-writersat_private>
    Cc: "Renaud Deraison" <deraisonat_private>
    Sent: Tuesday, November 06, 2001 6:24 AM
    Subject: Plugin: port_shell_execution.nasl
    
    
    > Hi,
    >
    > This is a general plugin, it detects the usage of insecure redirection of
    input
    > provided via the internet to a shell script. Though the plugin seems to be
    in
    > right syntax, the plugin causes a crash?
    >
    > I would be grateful if you people can help or Renaud.
    >
    > Thanks
    > Noam Rathaus
    > http://www.SecurITeam.com
    > http://www.BeyondSecurity.com
    >
    >
    



    This archive was generated by hypermail 2b30 : Tue Nov 06 2001 - 05:59:54 PST