Re: [Plugins-writers] Dynamic Descriptions in Plugins

From: Renaud Deraison (deraison@private)
Date: Sun Dec 19 2004 - 04:53:07 PST

On Sat, Dec 18, 2004 at 05:02:59PM -0700, Erik Stephens wrote:
> Ideally, it would have both the general commentary plus the dynamic 
> version piece in the note's description.  What's the best way to do 
> that?  I'd like to do something like:
>     security_note(port:port, data:string(get_desc(), '\n\n', ver))

Ideally, I'd rather have an 'extra' field to security_XXX(). 

	security_note(port:port, extra:"The remote host is running " + ver);

which would produce the following report (in the example above):


"The Patch level (Service Pack) of the remote IIS server appears to be
lower than the current IIS service pack level. As each service pack typically
contains many security patches, the server may be at risk.

Caveat: This test makes assumptions of the remote patch level based on static 
return values (Content-Length) within the IIS Servers 404 error message.
As such, the test can not be totally reliable and should be manually

Solution: Ensure that the server is running the latest stable Service Pack 
Risk factor : High

In addition, the scanner reported the following information :

	The remote host is running Microsoft IIS 5 - SP0 or SP1"


If I can find a very elegant way to implement this, we could even
factorize the calls to security_XXX(), so that:

	security_note(port:port, extra:"foo");
	security_note(port:port, extra:"bar");

would actually produce only ONE entry for the port in question, with two
lines of "extra" output.


				-- Renaud
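
A small Python model of the report assembly proposed in the message above, added here as an illustration; it is not Nessus or NASL code. The ReportBuilder class, its method names and the shortened sample description are hypothetical; only the 'extra' argument and the "In addition, ..." header line come from the message.

```python
from collections import OrderedDict

# Header line taken from the sample report quoted in the message.
EXTRA_HEADER = "In addition, the scanner reported the following information :"


class ReportBuilder:
    """Hypothetical model: merges security_XXX()-style calls per (severity, port)."""

    def __init__(self, description):
        self.description = description   # static plugin description
        self._entries = OrderedDict()    # (severity, port) -> list of extra lines

    def _report(self, severity, port, extra=None):
        # First call for a port creates the entry; later calls only append.
        extras = self._entries.setdefault((severity, port), [])
        if extra:
            extras.append(extra)

    def security_note(self, port, extra=None):
        self._report("note", port, extra)

    def security_warning(self, port, extra=None):
        self._report("warning", port, extra)

    def render(self):
        """Return one report entry per (severity, port), in first-seen order."""
        out = []
        for (severity, port), extras in self._entries.items():
            text = self.description
            if extras:
                # Static description first, then every 'extra' line, tab-indented.
                body = "\n".join("\t" + line for line in extras)
                text = text + "\n\n" + EXTRA_HEADER + "\n\n" + body
            out.append({"severity": severity, "port": port, "text": text})
        return out


if __name__ == "__main__":
    # Constructed sample: shortened description, two calls on the same port.
    rb = ReportBuilder("The Patch level (Service Pack) of the remote IIS "
                       "server appears to be lower than the current level.")
    rb.security_note(80, extra="The remote host is running Microsoft IIS 5 - SP0 or SP1")
    rb.security_note(80, extra="bar")
    for entry in rb.render():
        print("[%s] port %d\n%s\n" % (entry["severity"], entry["port"], entry["text"]))
```
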