So I started messing with the tips you gave me from my initial
question and I am still running into difficulty...
Below is a segment of code from the plugin... it should send a string
of data to any "unknown" port and check the response for an indication
that a proprietary service is running. When I look at a pcap of the
exchange, it only appears to be connecting to each port but is not
actually sending the request to any of the ports:
script_dependencies("find_service.nes");
script_require_ports("Services/unknown");
}
include("global_settings.inc");
port = get_kb_item("Services/unknown");
if (!get_tcp_port_state(port))
exit(0);
open_port = open_sock_tcp(port);
if (!open_port)
exit(0);
req1 = string("string to send\r\n");
send(socket: open_port, data: req1);
response1 = recv(socket:open_port, length:500);
Am I missing something obvious?
Thanks again!
Shawn
On 7/19/06, George A. Theall <theall@tenablesecurity.com> wrote:
> On Wed, Jul 19, 2006 at 02:29:57PM -0400, Shawn Duffy wrote:
>
> > I need to write a plugin that will detect a proprietary service that
> > may be listening on any port. I can write the code that I need in
> > order to check if the service is listening on a given port but I'm not
> > sure of the best way to write it so that it checks any open port for
> > that service.
>
> For a TCP-based service, I tend to declare a script dependency on
> find_service.nes and then do something like :
>
> include("global_settings.inc");
>
> if (thorough_tests)
> {
> port = get_kb_item("Services/unknown");
> if (!port) port = 123;
> }
> else port = 123;
> if (!get_tcp_port_state(port)) exit(0);
>
>
> Essentially, this causes the plugin to iterate over ports with unknown
> services if thorough_tests is enabled or the default port (123 in this
> case) otherwise. Since get_kb_item() spawns a new instance of the plugin
> for each port returned, you don't have to worry about explicitly
> iterating over each port.
>
> If the service doesn't have a well-known port, then just do something like :
>
> port = get_kb_item("Services/unknown");
> if (!get_tcp_port_state(port)) exit(0);
>
>
> George
> --
> theall@tenablesecurity.com
> _______________________________________________
> Plugins-writers mailing list
> Plugins-writers@list.nessus.org
> http://mail.nessus.org/mailman/listinfo/plugins-writers
>
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers