Re: [Plugins-writers] False negative for linksys_ap_default_password?

Previous message: Michael Scheidell: "[Plugins-writers] Need someone with an nt box to check something"
In reply to: Erik Stephens: "[Plugins-writers] False negative for linksys_ap_default_password?"
Next in thread: Erik Stephens: "Re: [Plugins-writers] False negative for linksys_ap_default_password?"
Reply: Erik Stephens: "Re: [Plugins-writers] False negative for linksys_ap_default_password?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

deraison@private

On Sat, Mar 06, 2004 at 03:07:49AM -0700, Erik Stephens wrote:
> Using this plugin against a linksys router with the default password
> set does not successfully identify the hole.  Attached is a patch that
> I *think* would handle it better.  Here is the raw output:
[...]
> --- linksys_ap_default_password.nasl	2004-02-18 02:07:07.000000000 -0700
> +++ linksys_ap_default_password.nasl.new	2004-03-06 02:54:32.000000000 -0700
> @@ -53,4 +53,4 @@
>  res = http_keepalive_send_recv(port:port, data:req);
>  if (res == NULL ) exit(0);
> -if("HTTP/1.1 200 OK" >< res && "WANConnectionSel" >< res && "linksys" >< res)security_hole(port);
> +if ("401 Unauthorized" >!< res) security_hole(port);

This would false positive on any web server not password protected, but
I've commited a fix along those lines, thanks.
_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers