Here's an odd problem I'd like to post to the group. The script
below, which I wrote (as a novice) with the much needed and greatly
appreciated help of kind folks on this list, worked flawlessly for
about one month. Shortly thereafter, it ceased to function and this
message appeared in the nessusd.dump file:
[11292](/usr/lib/nessus/plugins/desktopprotector_guid.nasl)
get_array_elem: requesting character after end of string r (131 >= 92)
(There are really many of these generated per attempt at running this script.)
Can any of you offer some insight as to what might have caused this?
I can be certain that the script did not change at all, though the
version of nessus may have been. The current version is at 2.0.10.
I'm in the process of installing a 2.2.2a instance for testing, but I
hate leaving things open ended.
Oh, one other thing -- it works just fine, still, from the command
line nasl tool.
if(description)
{
script_id(50002);
script_version("$Revision: 0.1 $");
name ["english"] = "Real Secure Desktop Protector GUID";
script_name(english:name["english"]);
desc["english"] = "
The purpose of this script is to determine the GUID for the
currently installed Real Secure Desktop Protector.";
script_description(english:desc["english"]);
summary["english"] = "Returns the current GUID of Desktop Protector on the remo
te host.";
script_summary(english:summary["english"]);
script_category(ACT_GATHER_INFO);
script_copyright(english:"(11/09/04)");
family["english"] = "Windows";
script_family(english:family["english"]);
script_dependencies("smb_login.nasl", "smb_registry_full_access.nasl");
}
include("smb_nt.inc");
x_name = kb_smb_name();
#if(!x_name)exit(0);
_smb_port = kb_smb_transport();
if(!_smb_port)exit(0);
if(!get_port_state(_smb_port)) exit(0);
login = kb_smb_login();
pass = kb_smb_password();
domain = kb_smb_domain();
if(!login) {
login = "valid login name";
pass = "correct password";
domain = "domain";
}
soc = open_sock_tcp(_smb_port);
if(!soc) exit(0);
r = smb_session_request(soc:soc, remote:x_name);
if(!r) { close(soc); exit(0); }
prot = smb_neg_prot(soc:soc);
if(!prot){ close(soc); exit(0); }
# Log into the remote SMB server
smb_session_setup(soc:soc, login:login, password:pass, domain:domain, prot:prot)
;
if(!r){ close(soc); exit(0); }
uid = session_extract_uid(reply:r);
# Connect to IPC$
r = smb_tconx(soc:soc, name:x_name, uid:uid, share:"IPC$");
tid = tconx_extract_tid(reply:r);
if(!tid){ close(soc); exit(0); }
r = smbntcreatex(soc:soc, uid:uid, tid:tid);
if(!r){ close(soc); exit(0);}
pipe = smbntcreatex_extract_pipe(reply:r);
# Connect to IPC$\winreg
r = pipe_accessible_registry(soc:soc, uid:uid, tid:tid, pipe:pipe);
if(!r){ close(soc); exit(0); }
# Open HKLM
handle = registry_open_hklm(soc:soc, uid:uid, tid:tid, pipe:pipe);
key = "SOFTWARE\Agent";
key_h = registry_get_key(soc:soc, uid:uid, tid:tid, pipe:pipe, key:key, reply:ha
ndle);
values = registry_enum_value(soc:soc, uid:uid, tid:tid, pipe:pipe, reply:key_h);
prereport = string("RealSecure Desktop Protector GUID: ");
# Display the name->value pairs / add to string
for ( i = 0 ; values[i] ; i += 2 )
{
report = report + values[i+1];
if (values[i+2]) report = report + ", ";
display(values[i], " --> ", values[i+1], "\n");
}
security_note(port:_smb_port, data:prereport + report, proto:"tcp");
_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Thu Feb 03 2005 - 07:46:23 PST