Re: [Plugins-writers] Need help to write a plugin

• Previous message: Renaud Deraison: "Re: [Plugins-writers] Need help to write a plugin"
• In reply to: George A. Theall: "Re: [Plugins-writers] Need help to write a plugin"
• Next in thread: ??(Allen): "RE: [Plugins-writers] Need help to write a plugin"
• Reply: ??(Allen): "RE: [Plugins-writers] Need help to write a plugin"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Or, set nasl_no_signature_check = yes in nessusd.conf to override the 
requirement for signed plugins. Make sure you understand and accept the 
security implications of doing this.

To execute any shell command on a remote *nix system, first the system and 
nessus have to be configured for local security checks over ssh according 
to the documenation on the nessus web site. Then, it's as simple as having 
the following in a nasl script:

You probably need the following in the description section (remove 
comments):

 script_dependencies("ssh_get_info.nasl"); # this makes sure that both 
scripts don't run at the same time
 script_require_keys("Secret/SSH/login"); # where the ssh credentials are 
stored
 script_require_ports(22, "Services/ssh"); # ssh has to be running on the 
target

And you will need this at the start of your main code section:

include("ssh_func.inc"); # can't use this in a distributed script without 
permission
port = kb_ssh_transport();
sock = ssh_login_or_reuse_connection();

Finally, to actually execute the command use something like this:

buf = ssh_cmd(socket:sock, cmd:"/usr/bin/ls -a 
/path/you/want/listing/of/*");
if ( buf )
   <process the command output>

Note that you cannot distribute a script that calls ssh_func.inc without 
permission from Tenable. There should be no problems using it internally. 
I'm using about 100 scripts I've written that check contents of various 
configuration files, file permissions, etc. on Unix systems.

It would be difficult to write a plugin that would execute the "dir" DOS 
mode command on Windows, unless the system has an ssh server on it. If you 
really need to do this, there are plenty of good ssh servers for Windows. 
There are functions within smb_func.inc that can probably be used to do 
what you want. Again, you cannot distribute a script that calls 
smb_func.inc without permission from Tenable.

Jerry Heidtke

plugins-writers-bounces@private wrote on 11/29/2005 10:55:14 AM:

> On Tue, Nov 29, 2005 at 11:17:39PM +0800, ??(Allen) wrote:
> 
> > I need help to write a plugin that can call external program.
> > For example, write a plugin to execute the "dir" command under the
> > windows DOS mode or execute the "ls -a" command on the Linux ? 
> > Is it possible to do it ? 
> 
> NASL plugins that run external programs need to be signed using the
> private key corresponding to nessus_org.pem, which Renaud controls.
> 
> George
> -- 
> theall@private
> _______________________________________________
> Plugins-writers mailing list
> Plugins-writers@private
> http://mail.nessus.org/mailman/listinfo/plugins-writers

_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers

• Previous message: Renaud Deraison: "Re: [Plugins-writers] Need help to write a plugin"
• In reply to: George A. Theall: "Re: [Plugins-writers] Need help to write a plugin"
• Next in thread: ??(Allen): "RE: [Plugins-writers] Need help to write a plugin"
• Reply: ??(Allen): "RE: [Plugins-writers] Need help to write a plugin"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Tue Nov 29 2005 - 09:59:57 PST