Hi Everyone,
I spent the better part of the day imersing myself in an attempt to write a
plugin to determine Windows XP screen saver settings. I need to be able to
report on whether the screen saver is enabled, how many seconds of inactivity
before it engages, and if it requires a password to be disabled. All which
are physical security concerns in our environment.
After a lot of scratching my head I realized that the function RegOpenKey() only
works with HKEY_LOCAL_MACHINE. Unfortunately, registry settings for screen
savers do not reside there. For my purposes I need to query HKEY_CURRENT_USER.
A book by Syngress called Nessus, Snort, & Ethereal Power Tools makes reference
to some NASL plugin functions that I can not find detailed information about.
The chapter that talks about it can be seen online at
http://www.securityfocus.com/excerpts/19. Here is the part I am referencing:
"To use the following lower-level functions, you need to set up a socket to the
appropriate host and log in to the remote host:
registry_open_hklm, registry_open_hkcu, registry_open_hkcr Returns the
equivalent to the MSDN’s RegConnectRegistry() when its provided with a socket,
user id, tree id, and a pipe name. The return value is suitable to be used by
registry_get_key()."
It would be a huge help if anyone knows the complete syntax to use the
registry_open_hkcu() function, knows of a plugin that already uses it, or has
examples that I can work from.
Thanks for your help,
T
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers
I spent the better part of the day imersing myself in an attempt to write a
plugin to determine Windows XP screen saver settings. I need to be able to
report on whether the screen saver is enabled, how many seconds of inactivity
before it engages, and if it requires a password to be disabled. All which
are physical security concerns in our environment.
After a lot of scratching my head I realized that the function RegOpenKey() only
works with HKEY_LOCAL_MACHINE. Unfortunately, registry settings for screen
savers do not reside there. For my purposes I need to query HKEY_CURRENT_USER.
A book by Syngress called Nessus, Snort, & Ethereal Power Tools makes reference
to some NASL plugin functions that I can not find detailed information about.
The chapter that talks about it can be seen online at
http://www.securityfocus.com/excerpts/19. Here is the part I am referencing:
"To use the following lower-level functions, you need to set up a socket to the
appropriate host and log in to the remote host:
registry_open_hklm, registry_open_hkcu, registry_open_hkcr Returns the
equivalent to the MSDN’s RegConnectRegistry() when its provided with a socket,
user id, tree id, and a pipe name. The return value is suitable to be used by
registry_get_key()."
It would be a huge help if anyone knows the complete syntax to use the
registry_open_hkcu() function, knows of a plugin that already uses it, or has
examples that I can work from.
Thanks for your help,
T
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers