Mailing List Archive

Backup and or Configuration Files
List-

Does anyone off the top of their head know the plugin # that finds old
backup files, or config files that may
reside on web servers? I'm traveling so internet is limited.

thanks-

--
ashby
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Re: Backup and or Configuration Files
On Oct 22, 2008, at 2:28 PM, christopher ashby wrote:

> Does anyone off the top of their head know the plugin # that finds old
> backup files, or config files that may
> reside on web servers?

Plugin #11411 (bakfiles.nasl) is probably what you're looking for.

George
--
theall@tenablesecurity.com

Re: Backup and or Configuration Files
Thanks for the reply, George; this is exactly what I was looking for.
One quick question regarding this plugin # 11411.

When I'm on the local Nessus host (Nessus 3.2.1 / Red Hat ES4) and I
issue the following command:

sudo /opt/nessus/bin/nessuscmd -p default -sT -sP -i 11411 -V -U -v tagethost

I receive no output. I have placed a file named "index.jsp~" on my
webserver in / and can use both the browser and wget to retrieve and
view the contents. Why won't this plugin find the file?

I also took it a step further and issued the following cmd:

sudo /opt/nessus/bin/nessuscmd -p default -sT -sP -i 10662 -i 11411 -V
-U -v targethost

The webmirror.nasl plugin found and reported on discovered CGI, but
still the bakfiles.nasl (11411) found nothing.

Any help is appreciated.

thanks
ashby


On Wed, Oct 22, 2008 at 2:44 PM, George A. Theall
<theall@tenablesecurity.com> wrote:
> On Oct 22, 2008, at 2:28 PM, christopher ashby wrote:
>
>> Does anyone off the top of their head know the plugin # that finds old
>> backup files, or config files that may
>> reside on web servers?
>
> Plugin #11411 (bakfiles.nasl) is probably what you're looking for.
>
> George
> --
> theall@tenablesecurity.com

--
ashby
Re: Backup and or Configuration Files
On Oct 23, 2008, at 11:02 AM, christopher ashby wrote:

> sudo /opt/nessus/bin/nessuscmd -p default -sT -sP -i 11411 -V -U -v
> tagethost
>
> i receive no output. i have placed a file named "index.jsp~" on my
> webserver in / and can use both the browser and wget to retrieve and
> view the contents. why won't this plugin find the file?

I don't know off-hand. Do you have access to the web server's logs and
do you see anything there? Does the server respond with 404 codes when
you request a non-existent file?

If you could rerun the scan from the Nessus server directly and send
me privately the associated KB / pcap from the scan, I can investigate
further.

George
--
theall@tenablesecurity.com
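
The 404 question above matters for any check that looks for files by requesting them: if the server answers made-up names the same way it answers real ones, status codes alone cannot show that a file exists. The following is an added example, not part of the thread and not Nessus code, for running that comparison against a server you administer; `http_status`, `diagnose` and the two stand-in servers are illustrative names and constructed data.

```python
import http.client
import secrets
from urllib.parse import urlsplit

def http_status(base_url, path, timeout=10):
    """GET base_url + path without following redirects; return the status code."""
    u = urlsplit(base_url)  # base_url must include the scheme, e.g. http://host
    https = u.scheme == "https"
    conn_cls = http.client.HTTPSConnection if https else http.client.HTTPConnection
    conn = conn_cls(u.netloc, timeout=timeout)
    try:
        conn.request("GET", path, headers={"User-Agent": "404-behaviour-check"})
        resp = conn.getresponse()
        resp.read()
        return resp.status
    finally:
        conn.close()

def diagnose(base_url, known_path, fetch=http_status):
    """Compare a file known to exist with names that cannot exist."""
    token = secrets.token_hex(8)
    # Second name keeps the known file's suffix: servers often route by extension,
    # so "/<random>" and "/<random>.jsp~" can be answered by different handlers.
    suffix = known_path.rsplit(".", 1)[-1] if "." in known_path else ""
    bogus = ["/" + token, "/" + token + ("." + suffix if suffix else "-x")]
    bogus_codes = [fetch(base_url, p) for p in bogus]
    known_code = fetch(base_url, known_path)
    if known_code != 200:
        verdict = "known file is not served with 200: check the path and access rules"
    elif all(code == 404 for code in bogus_codes):
        verdict = "missing files return 404: status codes separate real from missing"
    elif 200 in bogus_codes:
        verdict = "missing files return 200: status codes cannot separate real from missing"
    else:
        verdict = "missing files return a non-404 error: compare against that code instead"
    return {"known": known_code, "bogus": bogus_codes, "verdict": verdict}

if __name__ == "__main__":
    # Constructed stand-ins for two servers, so the demo runs offline.
    def strict_server(base_url, path):
        return 200 if path == "/index.jsp~" else 404

    def catch_all_server(base_url, path):
        return 200  # e.g. a custom error page served with status 200

    for fake in (strict_server, catch_all_server):
        print(fake.__name__, diagnose("http://targethost", "/index.jsp~", fetch=fake))
```

To check a real server, call `diagnose("http://targethost", "/index.jsp~")` and let it use the default `http_status` fetcher.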