Mailing List Archive

WILLIAM HEINBOCKEL wrote:

>I am currently updating the nessus reports with a
>report of the plugin number and name to be associated
>with its message (as well of a list of all plugins that
>were run during the scan).
>
>In the html report, I am cross-referencing the plugin
>number to its information on http://cgi.nessus.org/plugins
>and noticed that a plugin with ID number 10336 was run,
>but there is no reference to it anywhere.
>
>
(...)

>Is it part of Plugin #10337 - QueSo, that attempts to find
>the remote OS type by its TCP fingerprints?
>
>
No.

>Could anyone shed any more light on this?
>
>
Yes, the plugins you don't see referenced at
http://cgi.nessus.org/plugins are plugins that are not NASL scripts, but
have been pre-compiled into Nessus. These plugins are not listed in the
page but are, of course, present in Nessus. See:
http://cvs.nessus.org/cgi-bin/cvsweb.cgi/nessus-plugins/plugins/

Maybe this helps:

$ grep plug_set_id */*.c
3com_hub/3com_hub.c: plug_set_id(desc, 11025);
accounts/accounts.c: plug_set_id(desc, 10328);
find_service/find_service.c: plug_set_id(desc, 10330);
ftp_bounce_scan/ftp_bounce_scan.c: plug_set_id(desc, 10331);
ftp_write_dirs/ftp_write_dirs.c: plug_set_id(desc, 10332);
hydra/hydra4nessus.c: plug_set_id(desc, 10909);
linux_tftp/linux_tftp.c: plug_set_id(desc, 10333);
nikto_wrapper/nikto_wrapper.c: plug_set_id(desc, 10864);
nmap_tcp_connect/nmap_tcp_connect.c: plug_set_id(desc, 10335);
nmap_wrapper/nmap_wrapper.c: plug_set_id(desc, 10336);
objectserver/objectserver.c: plug_set_id(desc, 10384);
queso/queso.c: plug_set_id(desc, 10337);
smad/smad.c: plug_set_id(desc, 10338);
snmp_portscan/snmp_portscan.c: plug_set_id(desc, 10841);
ssl_ciphers/ssl_ciphers.c: plug_set_id(desc, 10863);
tftp_grab_file/tftp_grab_file.c: plug_set_id(desc, 10339);
whisker_wrapper/whisker_wrapper.c: plug_set_id(desc, 10845);


Regards

Javi