Re: [Plugins-writers] MS Password Policy Enumeration

From: Nicolas Pouvesle (npouvesle@private)
Date: Tue Jan 11 2005 - 09:30:31 PST


John T. Hoffoss wrote:
> <plugin-writing-newb>
> 
> Hi all, longtime user, first time [attempted] writer. I'll try to keep
> it short. I'm looking for a way to enumerate password policy on
> Windows hosts:
> * lockout policy
> * min password age
> * max password age
> * min password length
> * password complexity (if possible; I don't think this one can be
> gotten remotely w/o credentials)
> * last login
> * last password change
> 
> All of this can be acquired with nbtenum, enum, superscan, among
> others. I want a way to pull that info into a Nessus report though.
> 
> After this, I want to try a quick password-guessing plugin that will
> try the username, password, and a configurable guess or two. I'd
> further want this to limit the guesses to one less than the lockout
> setting (if available). This could possibly be used to trigger a Hydra
> run as well, should lockout be set to zero.
> 
> What I need: a starting point. I know there was a posting or two over
> a year ago about the same topic, but it didn't appear that anything
> came of it. Can anyone give me a clue as to what plugins to start
> looking at? I know these two will be rather complicated starter
> plugins, but I'm up for giving it a shot.
> 


You can look at smb_users_lastpwchange.nasl, smb_net_usergetinfo.nasl 
and all related nasl functions/scripts for policy based plugins.

smb_login.nasl/smb_nt.inc are the right place to look for the login 
functions/calls.

Current nasl SMB api is a bit difficult to use. So if you don't want to
spend too much time on writing such plugins maybe you could wait for the
next version of the API which should be easier to use.
However I can't give you a release date because I have no idea when it
will be finished (or started ;).

> </newb>
> 
> Unrelated question: when Nessus runs NMap or Hydra, what version is
> used? Is the version installed on the system used, or is it included
> in Nessus somewhere?

Nessus uses the version installed on the system. Nasl scripts just run
the nmap and hydra command lines.


Regards,

Nicolas
_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers
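As an added example (not code from the list post or from the Nessus project), this decodes the policy fields the question lists as a Windows host returns them over SAMR (MS-SAMR DomainPasswordInformation / DomainLockoutInformation, where durations are negative 100-ns intervals and a sentinel marks "never expires") and reports the settings an audit plugin would flag; the PasswordPolicy class and the sample values are constructed for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional

# Sentinel MS-SAMR uses for "password never expires" in MaxPasswordAge.
NEVER_EXPIRES = -0x8000000000000000
DOMAIN_PASSWORD_COMPLEX = 0x00000001   # bit in PasswordProperties
TICKS_PER_MINUTE = 60 * 10_000_000     # SAMR durations are negative 100-ns ticks


def ticks_to_minutes(value: int) -> Optional[float]:
    """Convert a SAMR negative 100-ns interval to minutes; None means 'never'."""
    if value == NEVER_EXPIRES:
        return None
    return -value / TICKS_PER_MINUTE


@dataclass
class PasswordPolicy:            # hypothetical container for the decoded RPC fields
    min_length: int              # MinPasswordLength
    history_length: int          # PasswordHistoryLength
    properties: int              # PasswordProperties flag word
    max_age: int                 # MaxPasswordAge, raw SAMR interval
    min_age: int                 # MinPasswordAge, raw SAMR interval
    lockout_threshold: int       # LockoutThreshold (0 = lockout disabled)
    lockout_duration: int        # LockoutDuration, raw SAMR interval
    lockout_window: int          # LockoutObservationWindow, raw SAMR interval

    @property
    def complexity_required(self) -> bool:
        return bool(self.properties & DOMAIN_PASSWORD_COMPLEX)


def audit_policy(p: PasswordPolicy) -> List[str]:
    """Return the findings a policy plugin would put in the report."""
    findings = []
    if p.lockout_threshold == 0:
        findings.append("account lockout disabled (threshold 0)")
    if p.min_length < 8:
        findings.append(f"minimum password length is {p.min_length}")
    if ticks_to_minutes(p.max_age) is None:
        findings.append("passwords never expire")
    if not p.complexity_required:
        findings.append("complexity requirement not enforced")
    return findings


# Constructed sample: what a host with a lax policy might return
# (30-minute lockout duration/window = 18_000_000_000 ticks).
SAMPLE = PasswordPolicy(min_length=6, history_length=0, properties=0,
                        max_age=NEVER_EXPIRES, min_age=0,
                        lockout_threshold=0, lockout_duration=-18_000_000_000,
                        lockout_window=-18_000_000_000)
```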



This archive was generated by hypermail 2.1.3 : Tue Jan 11 2005 - 09:29:26 PST