I've written a few plugins that check if they can successfully login via
SSH - checks return value of ssh_open_connection(), empty
username/password/sudo knowledgebase items etc.
Anyway, rather than having a security note for each plugin that fails,
is there a way I can stop the scan (or just skip my plugins but continue
vulns/ports) after one plugin failure?
I guess I could set a kb_item and check it in every plugin and silently
fail after the first one.
The Nessus built-in plugins seem to have this facility, as you get the
"local security checks have failed, cannot login with the supplied
credentials" message, which appears to come from
hostlevel_check_failed.nasl but how do I call that from my own plugin,
or is there a knowledgebase item I have to set
(HostLevelChecks/failure?) as it doesn't seem to do it automatically if
I only have my plugins enabled.
I dunno, I just don't want to go re-inventing the wheel my own way when
there appears to be this kind of functionality already.
Is there a NASL "best practice" guide at all - or just the NASL2 reference?
Regards.
--
Simon John
nessus at the-jedi.co.uk
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers
SSH - checks return value of ssh_open_connection(), empty
username/password/sudo knowledgebase items etc.
Anyway, rather than having a security note for each plugin that fails,
is there a way I can stop the scan (or just skip my plugins but continue
vulns/ports) after one plugin failure?
I guess I could set a kb_item and check it in every plugin and silently
fail after the first one.
The Nessus built-in plugins seem to have this facility, as you get the
"local security checks have failed, cannot login with the supplied
credentials" message, which appears to come from
hostlevel_check_failed.nasl but how do I call that from my own plugin,
or is there a knowledgebase item I have to set
(HostLevelChecks/failure?) as it doesn't seem to do it automatically if
I only have my plugins enabled.
I dunno, I just don't want to go re-inventing the wheel my own way when
there appears to be this kind of functionality already.
Is there a NASL "best practice" guide at all - or just the NASL2 reference?
Regards.
--
Simon John
nessus at the-jedi.co.uk
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers