[Plugins-writers] Fix for false negative in http_asn1_decoding.nasl

Previous message: Kaiser Dr., Thomas (LfStaD): "[Plugins-writers] nikto without output"
Next in thread: George A. Theall: "Re: [Plugins-writers] Fix for false negative in http_asn1_decoding.nasl"
Reply: George A. Theall: "Re: [Plugins-writers] Fix for false negative in http_asn1_decoding.nasl"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

rich@private

Here's a patch to make http_asn1_decoding.nasl fire when you
get a base64 string that ends in an =. Such as this one:

WWW-Authenticate: Negotiate oRUwE6BECgEBoQwGCisGAQQBgjcCAgo=

Cheers

Rich.
-- 
Richard Moore, Principal Software Engineer,
Westpoint Ltd,
Albion Wharf, 19 Albion Street, Manchester, M1 5LN, England
Tel: +44 161 237 1028
Fax: +44 161 237 1031

*** http_asn1_decoding.nasl	Fri Aug 12 09:45:33 2005
--- rich.nasl	Thu Sep 22 15:54:34 2005
***************
*** 160,166 ****
  close(soc);
  # Vulnerable -> WWW-Authenticate: Negotiate xxxxx\r\n
  # Not vulnerable -> WWW-Authenticate: Negotiate\r\n
! if ( egrep(pattern:"WWW-Authenticate: Negotiate [a-zA-Z0-9\+/]", string:result) )
  {
   security_hole(port);
  display(result);
--- 160,166 ----
  close(soc);
  # Vulnerable -> WWW-Authenticate: Negotiate xxxxx\r\n
  # Not vulnerable -> WWW-Authenticate: Negotiate\r\n
! if ( egrep(pattern:"WWW-Authenticate: Negotiate [a-zA-Z0-9\+/]=*", string:result) )
  {
   security_hole(port);
  display(result);

_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers