Mailing List Archive: NMAP scan engine replacement question

For Nessus 1.2.6

I need to "turn off" the nmap_wrapper.nes plugin and replace it with our
own scan engine replacement.

From what I can tell of the code, is the correct way to delete the
nmap_wrapper.nes shared library, build our own wrapper that has the same
catagory of ACT_SCANNER and the same family of "Port scanners". Not
sure what the family is for.

plug_set_category(desc, ACT_SCANNER)
plug_set_family(desc, "Port scanners", NULL);

It looks like the plugins are sorted and ran ACT_SETTINGS followed by
ACT_SCANNER.

But, question, what about all the scripts that have an entry like

script_dependencie("nmap_wrapper.nes", "queso.nes");

They are hard coded as having a nmap_wrapper.nes dependency. Is there a
way to auto-configure (./configure ??) the default scanner and turn off
the nmap_wrapper dependencies?

ThanX in advance

Erik

Erik Anderson <eanders@pobox.com> writes:

> I need to "turn off" the nmap_wrapper.nes plugin and replace it with
> our own scan engine replacement.

Well, if you can launch your port scanner first and then Nessus, it
would be simpler to convert the output of your scanner to nmap
format.

> From what I can tell of the code, is the correct way to delete the
> nmap_wrapper.nes shared library, build our own wrapper that has the
> same catagory of ACT_SCANNER and the same family of "Port
> scanners".

*And* the same name, because of the dependencies.

> Not sure what the family is for.

Not really important for scanners.

> It looks like the plugins are sorted and ran ACT_SETTINGS followed by
> ACT_SCANNER.

No. Since 1.2.6, scanners are run first.

> They are hard coded as having a nmap_wrapper.nes dependency. Is there
> a way to auto-configure (./configure ??) the default scanner

No.

> and turn off the nmap_wrapper dependencies?

If you do not select "optimize the tests" or "enable dependencies at
run time", this will have no effect.