Jack Polimer <packetjack@private> writes:

> A relatively simple default password check.

OK. Something like "check that root password is not root"?

> Right, but is there some way to tie ssh into NASL so
> that ssh is initiating the connection?

There is no way to call an external program. I plan to implement this into "trusted scripts". However, SSH is a complex program and could be vulnerable to "reverse exploits". So this is dangerous. Maybe I should add a couple of "jail" arguments to the pread() function, like "chroot", or "uid" and "gid".

However, pread is not enough for your problem: we need to tie a process to a Nessus connection.

>> Apart from implementing the SSH protocol in NASL,
>> no.

> Is that possible?

Yes. The good question is: is this easy?

http://www.ietf.org/html.charters/secsh-charter.html

You'll probably need a couple of helper C functions, as implementing some cryptographic algorithm in NASL would be a pain in the back.

I have much work currently. If you can wait until Easter, I may have more time to finish the implementation of "trusted scripts". (I also have to split find_service into small parts, so I do not guarantee that I'll have time)
This archive was generated by hypermail 2b30 : Wed Apr 07 2004 - 02:06:00 PDT