Mailing List Archive

PHP & Apache a hazard waiting to happen (DIFF)
Hi,

The original NASL is a bit too ... tight for some installations (i.e. Win95,...,
Win2k, etc.); this patch would make it a bit more generalized:

Index: php_apache_win32_default.nasl
===================================================================
RCS file: /usr/local/cvs/nessus-plugins/scripts/php_apache_win32_default.nasl,v
retrieving revision 1.1
diff -r1.1 php_apache_win32_default.nasl
67a68,69
> exit(1);
> }
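Review bot: the `}` added at line 69 closes a block whose opening is not part of this diff, while the next hunk opens `{` after `if(soc)` and adds no closing brace of its own, so the script only balances if an existing `}` from revision 1.1 now closes the new block. Please confirm the resulting nesting against the full file, and that the added `exit(1);` sits inside the branch you intend, so the second probe is still reached when the first check finds nothing.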
68a71,81
> req = string("GET /php/php.exe?c:\php\install.txt HTTP/1.1\r\n",
> "Host: ", get_host_name(), "\r\n\r\n");
> soc = open_sock_tcp(port);
> if(soc)
> {
> send(socket:soc, data:req);
> r = recv(socket:soc, length:2048);
> close(soc);
> if("PHP/Windows Installation Notes" >< r)
> security_hole(port);
> exit(1);
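Review bot: the request line hard-codes `c:\php\install.txt`, so a PHP tree installed on another drive or directory will not be flagged, which limits the generalization this patch is aiming for; at minimum, state that assumption in the plugin description. Two smaller points on the same hunk: `recv(socket:soc, length:2048)` reads once, so the `"PHP/Windows Installation Notes"` match depends on the marker arriving within the first 2048 bytes including the response headers, and the request is HTTP/1.1 without a `Connection: close` header, so the server may hold the socket open until the read times out. The final `exit(1);` follows an unbraced `if`, so it runs whether or not `security_hole(port)` fired; braces would make that intent explicit.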

Thanks
Noam Rathaus
http://www.SecurITeam.com
http://www.BeyondSecurity.com