There is a couple of attacks against WWW proxies & servers that need a
hostile web server.
I thought that we might implement them. But we need a web server.
Solutions :
1. the administrator sets up a web server and the hostile URL must be
entered as "Prefs". The plugin checks at startup and before run that
the URL is correct.
2. Implement a web server into Nessusd. The server is run when the
plugin starts and is shut down at the end.
Option : starts it when nessusd is first run. The port of the server
could be put into the KB.
3. Launch a simple web server like thttpd when the script starts, and
kill it at the end.
Option : starts it when nessusd is first run...
(1) is ugly: Nessus would depend upon something else.
(2) is complicated but clean. (3) is simpler.
Problem with (2) and (3) : The Nessus server should not be hacked
through the web server. "thttpd -r" (chroot) should be secure enough.
hostile web server.
I thought that we might implement them. But we need a web server.
Solutions :
1. the administrator sets up a web server and the hostile URL must be
entered as "Prefs". The plugin checks at startup and before run that
the URL is correct.
2. Implement a web server into Nessusd. The server is run when the
plugin starts and is shut down at the end.
Option : starts it when nessusd is first run. The port of the server
could be put into the KB.
3. Launch a simple web server like thttpd when the script starts, and
kill it at the end.
Option : starts it when nessusd is first run...
(1) is ugly: Nessus would depend upon something else.
(2) is complicated but clean. (3) is simpler.
Problem with (2) and (3) : The Nessus server should not be hacked
through the web server. "thttpd -r" (chroot) should be secure enough.