Hi Everyone, I spent the better part of the day imersing myself in an attempt to write a plugin to determine Windows XP screen saver settings. I need to be able to report on whether the screen saver is enabled, how many seconds of inactivity before it engages, and if it requires a password to be disabled. All which are physical security concerns in our environment. After a lot of scratching my head I realized that the function RegOpenKey() only works with HKEY_LOCAL_MACHINE. Unfortunately, registry settings for screen savers do not reside there. For my purposes I need to query HKEY_CURRENT_USER. A book by Syngress called Nessus, Snort, & Ethereal Power Tools makes reference to some NASL plugin functions that I can not find detailed information about. The chapter that talks about it can be seen online at http://www.securityfocus.com/excerpts/19. Here is the part I am referencing: "To use the following lower-level functions, you need to set up a socket to the appropriate host and log in to the remote host: registry_open_hklm, registry_open_hkcu, registry_open_hkcr Returns the equivalent to the MSDN’s RegConnectRegistry() when its provided with a socket, user id, tree id, and a pipe name. The return value is suitable to be used by registry_get_key()." It would be a huge help if anyone knows the complete syntax to use the registry_open_hkcu() function, knows of a plugin that already uses it, or has examples that I can work from. Thanks for your help, T _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Sat Feb 25 2006 - 21:17:43 PST