Mailing List Archive

Last call before feature freeze in Nessus 1.3.x
I'd like to "feature-freeze" the 1.3.x tree really soon (ie: by the end
of the week), and probably call it Nessus 2.0 (due to all the changes
that occurred internally).

On my TODO list for this release, I only have to implement a new NASL
function called "get_kb_list()" which will return an array of KB items
matching a given expression (ie: get_kb_list("TCP/*") will return all
the open tcp ports).

At this stage, everything else will probably be postponed to the next
release (2.1.x), whose development will probably start as soon as
Nessus 2.0 is released.

My question is : which features are not implemented in 1.3.x yet and
that you'd like to see implemented before I release Nessus 2.0 ?



-- Renaud
Re: Last call before feature freeze in Nessus 1.3.x
I have been working on a new report format that uses a template,
similar to what you mentioned to me before. The code is almost complete,
there are just a few small bugs to iron out, and some documentation
to do.
As the template is parsed through, certain keywords are replaced
with their value. There are also keywords to control the start
and end of the Hosts, Ports, and Vulnerabilities loop. Each level
has its own particular keywords that can be used, as well as the
keywords from the levels before it.

Would you and the rest of the Nessus community be interested in
something like this so that you can customize your own reports?
I will hopefully release a rough draft of this soon.

Renaud, the only downside to this is that a lot of functionality
that I added involves some changes to the client code. I modified
the backend to parse out the scan times and host scan times, added
about 10 more functions to the report_utils, and I have added an
arglist to store the vulnerabilities by risk level (the original
way of storing them by "warning", "note", and "hole" was left to
maintain backwards compatibility). I believe that this is more useful
than the original way.
Also, a slight change was made to NTP. Instead of sending the timestamp
as asctime( localtime( time(...))) or ctime( time(...)), it is sent
across as digits YYYYmmDD HH:MM:SS, so that the tm struct could be
easily rebuilt on the client side (to tell the difference in time).

----------------------
William Heinbockel
Information Security Incident Response Assistant
Co-op Risk & Safety Management
Rochester Institute of Technology
E-mail: wjh3710@rit.edu


On Wed, 12 Feb 2003, Renaud Deraison wrote:

>
>
> I'd like to "feature-freeze" the 1.3.x tree really soon (ie: by the end
> of the week), and probably call it Nessus 2.0 (due to all the changes
> that occurred internally).
>
> On my TODO list for this release, I only have to implement a new NASL
> function called "get_kb_list()" which will return an array of KB items
> matching a given expression (ie: get_kb_list("TCP/*") will return all
> the open tcp ports).
>
> At this stage, everything else will probably be postponed to the next
> release (2.1.x), whose development will probably start as soon as
> Nessus 2.0 is released.
>
> My question is : which features are not implemented in 1.3.x yet and
> that you'd like to see implemented before I release Nessus 2.0 ?
>
>
>
> -- Renaud
>
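
The client-side step described in the message above (rebuilding a tm struct from the "YYYYmmDD HH:MM:SS" digits and taking a time difference), as an added example that is not code from the post or from Nessus. The names parse_scan_time and elapsed_seconds are hypothetical, and the sample timestamps are constructed; the parser rejects anything that does not match the fixed layout, since the string arrives from the network.

```c
#include <stdio.h>
#include <string.h>
#include <time.h>

/* Parse "YYYYmmDD HH:MM:SS" into *out; 0 on success, -1 on malformed input.
 * parse_scan_time is a hypothetical name, not a Nessus function. */
int parse_scan_time(const char *s, struct tm *out)
{
    int Y, M, D, h, m, sec, i;
    struct tm chk;

    if (s == NULL || out == NULL || strlen(s) != 17)
        return -1;
    for (i = 0; i < 17; i++) {            /* fixed layout: digits and 3 separators */
        char sep = (i == 8) ? ' ' : (i == 11 || i == 14) ? ':' : 0;
        if (sep ? s[i] != sep : (s[i] < '0' || s[i] > '9'))
            return -1;
    }
    if (sscanf(s, "%4d%2d%2d %2d:%2d:%2d", &Y, &M, &D, &h, &m, &sec) != 6)
        return -1;
    if (Y < 1970 || M < 1 || M > 12 || D < 1 || D > 31 || h > 23 || m > 59 || sec > 59)
        return -1;
    memset(out, 0, sizeof(*out));
    out->tm_year = Y - 1900; out->tm_mon = M - 1; out->tm_mday = D;
    out->tm_hour = h; out->tm_min = m; out->tm_sec = sec;
    out->tm_isdst = -1;                   /* let mktime() decide about DST */
    chk = *out;                           /* mktime() normalises, so Feb 31 shows up as a changed day */
    if (mktime(&chk) == (time_t)-1 || chk.tm_mday != D)
        return -1;
    return 0;
}

/* Seconds between two timestamps from the peer; -1 if either is malformed. */
int elapsed_seconds(const char *start, const char *end, double *out)
{
    struct tm a, b;
    if (parse_scan_time(start, &a) != 0 || parse_scan_time(end, &b) != 0)
        return -1;
    *out = difftime(mktime(&b), mktime(&a));
    return 0;
}

int main(void)
{
    double d;                             /* constructed sample timestamps */
    if (elapsed_seconds("20030213 10:03:04", "20030213 10:05:34", &d) == 0)
        printf("scan took %.0f seconds\n", d);
    return 0;
}
```
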
Re: Last call before feature freeze in Nessus 1.3.x
On Thu, Feb 13, 2003 at 10:03:04AM -0500, William Heinbockel wrote:
> I have been working on a new report format that uses a template,
> similar to what you mentioned to me before. The code is almost complete,
> there are just a few small bugs to iron out, and some documentation
> to do.
> As the template is parsed through, certain keywords are replaced
> with their value. There are also keywords to control the start
> and end of the Hosts, Ports, and Vulnerabilities loop. Each level
> has its own particular keywords that can be used, as well as the
> keywords from the levels before it.
>
> Would you and the rest of the Nessus community be interested in
> something like this so that you can customize your own reports?
> I will hopefully release a rough draft of this soon.

Feel free to send it to me, and I'll be happy to see how it can be
re-inserted in the original source tree without using arglists or things
like that (having a linked list of the report is unpractical if the
report in question deals with thousands of hosts).


-- Renaud
Re: Last call before feature freeze in Nessus 1.3.x
Here's a small patch that adds a new switch to the command line nasl
tool that lets you use the command line nasl tool to run scripts with
safe_checks enabled (useful when vetting results).

Cheers

Rich.




Index: nasl.c
===================================================================
RCS file: /usr/local/cvs/libnasl/nasl/nasl.c,v
retrieving revision 1.26.6.2
diff -u -r1.26.6.2 nasl.c
--- nasl.c 14 Dec 2002 14:13:45 -0000 1.26.6.2
+++ nasl.c 13 Feb 2003 16:23:13 -0000
@@ -38,6 +38,7 @@
harglst * Globals;
extern int execute_instruction(struct arglist *, char *);
void exit_nasl(struct arglist *, int);
+extern int safe_checks_only;

static struct arglist *
init_hostinfos(globals, hostname, ip)
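
Review bot: the "extern int safe_checks_only;" declaration at the top of nasl.c is written by hand in a .c file, so nothing checks it against the definition in nessus_extensions.c if the type ever changes. Declare the variable once in a header that both files include and drop the local extern.
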
@@ -91,6 +92,7 @@
printf("Usage : nasl [-vh] [ -t target ] script_file ...\n");
printf("\t-h : shows this help screen\n");
printf("\t-t [target] : Execute the scripts against the target(s) host\n");
+ printf("\t-s : specifies that the script should be run with 'safe checks'\n");
printf("\t-v : shows the version number\n");
}

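
Review bot: the synopsis on the first usage line still reads "nasl [-vh] [ -t target ] script_file ..." even though a help line for -s is added below it, so the new switch is missing from the summary. Update the synopsis to "[-vhs]" so the two agree.
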
@@ -110,7 +112,7 @@
Command-line options
---------------------------------------------*/

- while((i = getopt(argc, argv, "hvt:k:"))!=EOF)
+ while((i = getopt(argc, argv, "hvst:k:"))!=EOF)
switch(i)
{
case 't' :
@@ -137,7 +139,9 @@
printf("See the license for details\n\n\n");
exit(0);
break;
-
+ case 's' :
+ safe_checks_only = 1;
+ break;
}


@@ -166,6 +170,7 @@
while((target = hg_next_host(hg_globals, &ip)))
{
globals = init(target, ip);
+
n = start;
while(argv[n])
{
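
Review bot: the only change in this hunk is an empty line after "globals = init(target, ip);", which has nothing to do with the -s switch. Drop it so the patch carries only the functional change.
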
Index: nessus_extensions.c
===================================================================
RCS file: /usr/local/cvs/libnasl/nasl/Attic/nessus_extensions.c,v
retrieving revision 1.162.2.6
diff -u -r1.162.2.6 nessus_extensions.c
--- nessus_extensions.c 27 Dec 2002 21:43:14 -0000 1.162.2.6
+++ nessus_extensions.c 13 Feb 2003 16:23:15 -0000
@@ -53,7 +53,7 @@
struct arglist script_see_also(harglst *, struct arglist *);

struct arglist safe_checks(harglst *, struct arglist *);
-
+int safe_checks_only=0;

struct arglist get_hostname(harglst*, struct arglist *);
struct arglist get_host_ip(harglst*, struct arglist *);
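
Review bot: "int safe_checks_only=0;" replaces the blank line that separated the safe_checks prototype from the get_hostname group, so a global definition now sits uncommented in the middle of the prototype list. Keep the separator and add a one-line comment saying that a nonzero value forces safe checks on regardless of the "safe_checks" preference.
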
@@ -538,7 +538,8 @@

bzero(&rt, sizeof(rt));
value = arg_get_value(prefs, "safe_checks");
- if((value && !strcmp(value, "yes")))
+
+ if((value && !strcmp(value, "yes")) || safe_checks_only)
{
rt.value = nasl_strdup(globals, "1");
rt.length = 1;
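
Review bot: in the safe_checks condition, "|| safe_checks_only" bypasses the prefs lookup with a process-wide global, which leaves two sources of truth for one setting. If the prefs arglist is reachable from the -s case in nasl.c, setting "safe_checks" to "yes" there would keep this function on a single code path. If the global stays, note that it can only switch safe checks on, never off, which is the right direction for an override.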