xxx.nasl does'nt work on international version of Windows (one more time)

From: Georges Dagousset (georges.dagoussetat_private)
Date: Wed Dec 05 2001 - 01:02:37 PST

  • Next message: Georges Dagousset: "xxx.nasl does'nt work on international version of Windows (one more time)"

    Hello all,
    I just download the last plugin alchemy_eye_http.nasl, and
    install Alchemy Eye.
    The plugin don't alert me, because there is 2 problems:
    1/ My SystemRoot is "C:\WINDOWS" and not "C:\WINNT"
    and the plugin test only WINNT/system32/ipconfig.exe
    2/ My Windows is a french one, so the output for ipconfig.exe is:
    Configuration IP de Windows 2000
    Ethernet carte Connexion au réseau local :
            Suffixe DNS spéc. à la connexion. :
            Adresse IP. . . . . . . . . . . . :
            Masque de sous-réseau . . . . . . :
            Passerelle par défaut . . . . . . :
    and the plugin parse the output and checks for "IP Configuration"
    My proposals:
    1/ always test the dirs WINDOWS and WINNT
    2/ always use a command giving the same result whatever the system language.
    The "cmd.exe" should be nice if nessus checks for the "Microsoft Corp."
    I suggest to choose ONE command (and the parse string) and to use it
    in all new plugins.
    Comments and suggestions are welcome!
    So for this plugin, my change are:
    pat = "IP Configuration"; #string returned by webserver if it's vulnerable
    pat = "Microsoft Corp."; #string returned by webserver if it's vulnerable
     url = string("/cgi-bin", dir[d],
     url = string("/cgi-bin", dir[d],
     url = string("/cgi-bin", dir[d],
    Georges Dagousset

    This archive was generated by hypermail 2b30 : Wed Dec 05 2001 - 01:08:02 PST