Mailing List Archive

Update Nessus Plugins Script
List-

Has anyone successfully implemented these scripts with Nessus? I
currently have Nessus 3.2.1 on a RH Server and use the command line to
execute my scans. Here is what happens when I attempt to use these
scripts:

The 1st script (update-nessus-plugins.pl) executes properly and
updates the plugins, creates the MD5, and archives everything
according to plan. When this script executes the
describe-nessus-plugin.pl script, it gives me an error saying that the
"plugin isn't available"?

I have executed this in debug mode, and receive the same generic error.
If I execute the perl script (describe-nessus-plugin.pl) on its own,
it properly gives me the output? I have modified the
update-nessus-plugin.pl script adding/updating the paths (lines 161 &
183) and then modifying lines 352-355 which call the
describe-nessus-plugins.pl script. This modification was made because
if I execute the script (describe-nessus-plugins.pl) without any
switches its outcome is exactly what I need.

Here is the command I execute in an attempt to get the outcome desired:

sudo perl -T /opt/nessus/auto/update-nessus-plugins.pl -b -p -s >>
/home/cashby/plugins-report.txt

I have also attempted this with the same outcome:

sudo perl -T /opt/nessus/auto/update-nessus-plugins.pl -bps >>
/home/cashby/plugins-report.txt

I have attached the scripts for anyone to view, if anyone has any
suggestions that would be appreciated!

thanks-
Christopher Ashby
Re: Update Nessus Plugins Script
On Dec 6, 2008, at 11:10 AM, christopher ashby wrote:

> The 1st script (update-nessus-plugins.pl) executes properly and
> updates the plugins, creates the MD5, and archives everything
> according to plan. When this script executes the
> describe-nessus-plugin.pl script, it gives me an error saying that the
> "plugin isn't available"?

Is that the exact error? The string "plugin isn't available" doesn't
exist as far as I can see in either script.

One possible problem is that you've appended ".pl" to the name of each
script. Neither is distributed that way, and it's not a big deal. But
if you're going to change the name of describe-nessus-plugin, you need
to make sure you update nessus-update-plugins to use the new name
(line 352).

George
--
theall@tenablesecurity.com



_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Re: Update Nessus Plugins Script
George-

I re-downloaded the scripts this morning, and made the following
changes to update-nessus-plugins:

Updated the $ENV{PATH} with "/opt/nessus/sbin" (line 161)

Line 183 added / changed the my $plugins_dir to
"/opt/nessus/lib/nessus/plugins"

I have placed the following scripts in the directory:

"/opt/nessus/auto"

update-nessus-plugins
describe-nessus-plugin

********************

When I executed the update-nessus-plugin script with the following
command this morning:

"sudo perl -T /opt/nessus/auto/update-nessus-plugins -bps >
/home/cashby/plugin-report.txt"

I received this error:
Can't open 'W32.Sasser.Worm.nasl' - No such file or directory at
/opt/nessus/auto/update-nessus-plugins line 317

Reviewing the script it appears to fail after the plugins have been
updated and the 2nd round of MD5 hashing is taking place, which leads
me to believe that the script is having difficulties creating a new
MD5 of newly downloaded or changed plugins??? (probably way off base
here?)

Obviously the plugins are being updated because if the script runs
again I receive this message after it's completed:

"No errors found parsing new / changed plugins."

Am I possibly doing something wrong? Thanks for any assistance...

ashby



On Mon, Dec 8, 2008 at 3:58 PM, George A. Theall
<theall@tenablesecurity.com> wrote:
> On Dec 6, 2008, at 11:10 AM, christopher ashby wrote:
>
>> The 1st script (update-nessus-plugins.pl) executes properly and
>> updates the plugins, creates the MD5, and archives everything
>> according to plan. When this scripts executes the
>> describe-nessus-plugin.pl script, it gives me an error saying that the
>> ""plugin isn't available??
>
> Is that the exact error? The string "plugin isn't available" doesn't
> exist as far as I can see in either script.
>
> One possible problem is that you've appended ".pl" to the name of each
> script. Neither is distributed that way, and it's not a big deal. But
> if you're going to change the name of describe-nessus-plugin, you need
> to make sure you update nessus-update-plugins to use the new name
> (line 352) .
>
> George
> --
> theall@tenablesecurity.com
Re: Update Nessus Plugins Script
On Dec 9, 2008, at 1:56 PM, christopher ashby wrote:

> I received this error:
> Can't open 'W32.Sasser.Worm.nasl' - No such file or directory at
> /opt/nessus/auto/update-nessus-plugins line 317


Try running the script again please.

George
--
theall@tenablesecurity.com



Re: Update Nessus Plugins Script
I ran the script again this morning and received the following output:

cashby@ubuntu804jeos:~$ sudo perl -T
/opt/nessus/auto/update-nessus-plugins -bps >
/home/cashby/plugin-report.txt

Can't run 'describe-nessus-plugin -f
bugtraq_id,category,cve_id,family,id,name,risk,summary,version,xref -l
english Black_JumboDog_FTP_overflow.nasl' - No such file or directory
at /opt/nessus/auto/update-nessus-plugins line 356

Let me know your thoughts.
Chris



On Tue, Dec 9, 2008 at 4:51 PM, George A. Theall
<theall@tenablesecurity.com> wrote:
> On Dec 9, 2008, at 1:56 PM, christopher ashby wrote:
>
>> I received this error:
>> Can't open 'W32.Sasser.Worm.nasl' - No such file or directory at
>> /opt/nessus/auto/update-nessus-plugins line 317
>
>
> Try running the script again please.
>
> George
> --
> theall@tenablesecurity.com
RE: Update Nessus Plugins Script
I got them to work the other week, though I did get that same W32.Sasser
error that you did when I tried to update today. I re-ran the update and
it worked correctly.

I'm assuming you've installed all the necessary perl modules. You might
want to do a "cpan upgrade" just to make sure you have the latest
version of the modules. I also found it's better to just run the whole
thing as root rather than try and use sudo.

I had to modify a couple of lines as well. Here's my diff between the
original and modified forms of update-nessus-plugins:


< = original
> = updated

161c33
< $ENV{PATH} =
'/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/opt/nessus/bin:/opt/nessu
s/sbin'; # nb: also passed to nessus-update-plugins
---
> $ENV{PATH} =
'/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/opt/nessus/bin'; # nb:
also passed to nessus-update-plugins
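Review bot: in the 161 hunk, neither $ENV{PATH} value contains /opt/nessus/auto, the directory this thread installs the scripts into, yet the 352 hunk still invokes describe-nessus-plugin by bare name, so finding it depends entirely on this PATH; that matches the "Can't run 'describe-nessus-plugin ...' - No such file or directory" failure at line 356 reported earlier in the thread. Either add the script's directory to PATH here or give describe-nessus-plugin an absolute path, as the 290 hunk does for nessus-update-plugins. The side marked ">" (updated) also drops /opt/nessus/sbin while the "<" side has it, which is the reverse of the line 161 edit described earlier in the thread, so it is worth confirming which file is on which side of the diff.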
290c162
< my $cmd = 'nessus-update-plugins';
---
> my $cmd = '/opt/nessus/sbin/nessus-update-plugins';
352c224,225
< my $cmd = 'describe-nessus-plugin ' .
---
> my $cmd = 'describe-nessus-plugin ' .
> '-f ' . join(',', @info_funcs) . ' ' .
382c255
< open(NEW, $plugin) or croak "Can't read '$plugin' - $!\n";
---
> open(NEW, "$plugins_dir/$plugin") or croak "Can't read
'$plugin' - $!\n";
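Review bot: on the ">" side of the 382 hunk the open now reads "$plugins_dir/$plugin" but the croak message still prints only '$plugin', so a failure will not show which directory was tried; put the full path in the message. The call is also a two-argument open on a bareword handle with an interpolated name; the three-argument form with an explicit '<' mode and a lexical handle keeps a plugin file name from being read as a mode or pipe. The "Can't open ... line 317" error reported earlier in the thread has different wording and a different line number, so it comes from another call that this diff leaves unchanged and that may need the same $plugins_dir prefix.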



I'm running RHEL as well, so I think this should work for you as well.

--------
Jeff Mercer - CISO - Security Vulnerability Assessments
RE: Update Nessus Plugins Script
I have been following this thread, and I'm not sure I understand why using an extra script to download patches is necessary. Can anyone enlighten me on what you are trying to accomplish?

Thanks,

François

Re: Update Nessus Plugins Script
I must be doing something wrong...

I made the modification below as you describe to the
update-nessus-plugins script, and executed it as "root". I have also
verified that all the required perl modules are installed.

perl -T /opt/nessus/auto/update-nessus-plugins -bps >
/home/cashby/plugin-report.txt

When finished I didn't receive any errors and the output was written
to a txt file as configured. Below is what was recorded:

No errors found parsing new / changed plugins.
Backup of '/opt/nessus/lib/nessus/plugins' available as
'/tmp/plugins-pre-20081210-120950.tar.gz'.
*******

This has happened before, as the plugins have been successfully
updated. I will run this script later tonight, tomorrow morning
hoping for some new plugins to be available. Hopefully all the issues
are worked out and I can get a report generated...

thanks for all your help

ashby



On Wed, Dec 10, 2008 at 11:14 AM, Mercer, Jeff C - Raleigh, NC
<Jeff.C.Mercer@usps.gov> wrote:
> I got them to work the other week, though I did get that same W32.Sasser
> error that you did when I tried to update today. I re-ran the update and
> it worked correctly.
>
> I'm assuming you've installed all the necessary perl modules. You might
> want to do a "cpan upgrade" just to make sure you have the latest
> version of the modules. I also found it's better to just run the whole
> thing as root rather than try and use sudo.
>
> I had to modify a couple of lines as well. Here's my diff between the
> original and modified forms of update-nessus-plugins:
>
>
> < = original
>> = updated
>
> 161c33
> < $ENV{PATH} =
> '/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/opt/nessus/bin:/opt/nessu
> s/sbin'; # nb: also passed to nessus-update-plugins
> ---
>> $ENV{PATH} =
> '/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/opt/nessus/bin'; # nb:
> also passed to nessus-update-plugins
> 290c162
> < my $cmd = 'nessus-update-plugins';
> ---
>> my $cmd = '/opt/nessus/sbin/nessus-update-plugins';
> 352c224,225
> < my $cmd = 'describe-nessus-plugin ' .
> ---
>> my $cmd = 'describe-nessus-plugin ' .
>> '-f ' . join(',', @info_funcs) . ' ' .
> 382c255
> < open(NEW, $plugin) or croak "Can't read '$plugin' - $!\n";
> ---
>> open(NEW, "$plugins_dir/$plugin") or croak "Can't read
> '$plugin' - $!\n";
>
>
>
> I'm running RHEL as well, so I think this should work for you as well.
>
> --------
> Jeff Mercer - CISO - Security Vulnerability Assessments
RE: Update Nessus Plugins Script
Yeah, if the plugins were just recently updated, it won't do much. :)

You can try moving your plugins directory aside and extracting the older
plugins backup file, see if you get results then.

--------
Jeff Mercer - CISO - Security Vulnerability Assessments


>-----Original Message-----
>From: christopher ashby [mailto:christopheraashby@gmail.com]
>Sent: Wednesday, December 10, 2008 12:20 PM
>To: Mercer, Jeff C - Raleigh, NC
>Cc: nessus@list.nessus.org; George A. Theall
>Subject: Re: Update Nessus Plugins Script
>
>I must be doing something wrong...
>
>I made the modification below as you describe to the
>update-nessus-plugins script, and executed it as "root". I have also
>verified that all the required perl modules are installed.
>
> perl -T /opt/nessus/auto/update-nessus-plugins -bps >
>/home/cashby/plugin-report.txt
>
>When finished i didn't receive any errors and the output was written
>to a txt file as configured. Below is what was recorded:
>
>No errors found parsing new / changed plugins.
>Backup of '/opt/nessus/lib/nessus/plugins' available as
>'/tmp/plugins-pre-20081210-120950.tar.gz'.
>*******
>
>This has happened before, as the plugins have been successfully
>updated. I will run this script later tonight, tomorrow morning
>hoping for some new plugins to be available. Hopefully all the issues
>are worked out and i can get a report generated...
>
>thanks for all your help
>
>ashby
RE: Update Nessus Plugins Script
It is not necessary for normal operation of Nessus.

It's just a useful little script that will make a backup copy of the existing plugins before updating, and can optionally report on all the plugins that have been changed.

--------
Jeff Mercer - CISO - Security Vulnerability Assessments


>-----Original Message-----
>From: nessus-bounces@list.nessus.org
>[mailto:nessus-bounces@list.nessus.org] On Behalf Of Lachance, François
>Sent: Wednesday, December 10, 2008 12:15 PM
>To: nessus@list.nessus.org
>Subject: RE: Update Nessus Plugins Script
>
>I have been following this thread, and I'm not sure I
>understand why using an extra script to download patches is
>necessary. Can anyone enlighten me on what you are trying to
>accomplish?
>
>Thanks,
>
>François
Re: Update Nessus Plugins Script
This is interesting...

Noticing some new plugins published, I attempted to execute this script
again as root:

root@ubuntu804jeos:/home/cashby# perl -T
/opt/nessus/auto/update-nessus-plugins -bps >
/home/cashby/plugin-report.txt

this is the error received:
Can't run 'describe-nessus-plugin -f
bugtraq_id,category,cve_id,family,id,name,risk,summary,version,xref -l
english powerdns_malformed_query.nasl' - No such file or directory at
/opt/nessus/auto/update-nessus-plugins line 356

I decided to run the script manually to determine if any issues existed:

root@ubuntu804jeos:/home/cashby# perl -T
/opt/nessus/auto/describe-nessus-plugin -f
bugtraq_id,category,cve_id,family,id,name,risk,summary,version,xref -l
english /opt/nessus/lib/nessus/plugins/powerdns_malformed_query.nasl

I received the following error:

/opt/nessus/lib/nessus/plugins/powerdns_malformed_query.nasl
Insecure dependency in sprintf while running with -T switch at
/opt/nessus/auto/describe-nessus-plugin line 510.

Is it possible to remove the -T switch from the first line of this
code, and still have it properly execute?

ashby
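
On the closing question about dropping -T: Perl raises "Insecure dependency in sprintf" when a tainted value is used as sprintf's format argument, and it refuses to run a command built from tainted data, so the usual fix is to untaint the plugin name and call the helper by absolute path rather than remove the switch. The Perl below is an added example, not code from update-nessus-plugins, describe-nessus-plugin or any poster; untaint_plugin_name, describe_argv and the file-name allow-list are assumptions, while the paths, options and field names are the ones quoted in the thread.

```perl
# Added example. Run as: perl -T taint_demo.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);

die "Run this with perl -T\n" unless ${^TAINT};

# Zero-length tainted string (the idiom used by perl's own taint tests).
# Appending it makes constructed sample input behave like @ARGV or
# readdir() data, which taint mode always treats as untrusted.
my $TAINT = substr($^X, 0, 0);
die "Could not build tainted sample data\n" unless tainted($TAINT);

# Taint mode will not run any command until PATH is a fixed value.
$ENV{PATH} = '/bin:/usr/bin:/opt/nessus/bin:/opt/nessus/sbin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Paths and field list as quoted in the thread.
my $plugins_dir = '/opt/nessus/lib/nessus/plugins';
my $helper      = '/opt/nessus/auto/describe-nessus-plugin';
my @info_funcs  = qw(bugtraq_id category cve_id family id name risk
                     summary version xref);

# Hypothetical helper: accept only a bare plugin file name. The regex
# capture is what clears the taint flag, so the pattern has to be a strict
# allow-list (no slashes, no leading '-' or '.').
sub untaint_plugin_name {
    my ($name) = @_;
    return unless defined $name;
    return $1 if $name =~ m{\A([A-Za-z0-9][A-Za-z0-9_.+-]*\.(?:nasl|inc))\z};
    return;
}

# Hypothetical helper: build the argument list for describe-nessus-plugin.
# Absolute program path means no PATH lookup; list form means no shell.
sub describe_argv {
    my ($name) = @_;
    my $clean = untaint_plugin_name($name)
        or die "Refusing plugin name '$name'\n";
    return ($helper, '-f', join(',', @info_funcs), '-l', 'english',
            "$plugins_dir/$clean");
}

# 1. A tainted value used as the sprintf FORMAT is refused outright.
my $fmt = '%s' . $TAINT;
my $ok  = eval { my $s = sprintf($fmt, 'x'); 1 };
print "tainted format:   ", ($ok ? "accepted\n" : "refused: $@");

# 2. The same kind of value passed as a sprintf ARGUMENT is allowed.
my $raw = 'powerdns_malformed_query.nasl' . $TAINT;   # constructed input
print "tainted argument: ",
    sprintf('%s (tainted=%d)', $raw, tainted($raw) ? 1 : 0), "\n";

# 3. The allow-list accepts plugin names and rejects path or option tricks.
for my $name ($raw, 'W32.Sasser.Worm.nasl' . $TAINT,
              '../../etc/passwd' . $TAINT, '-l.nasl' . $TAINT) {
    my $clean = untaint_plugin_name($name);
    printf "%-32s => %s\n", $name,
        defined $clean ? 'accepted, tainted=' . (tainted($clean) ? 1 : 0)
                       : 'rejected';
}

# 4. Run the helper only where it is installed; otherwise show the command.
my @cmd = describe_argv($raw);
if (-x $helper) {
    system { $cmd[0] } @cmd;
    warn "helper exited with status $?\n" if $? != 0;
} else {
    print "would run: @cmd\n";
}
```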



On Wed, Dec 10, 2008 at 1:16 PM, Mercer, Jeff C - Raleigh, NC
<Jeff.C.Mercer@usps.gov> wrote:
> It is not necessary for normal operation of Nessus.
>
> It's just a useful little script that will make a backup copy of the existing plugins before updating, and can optionally report on all the plugins that have been changed.
>
> --------
> Jeff Mercer - CISO - Security Vulnerability Assessments
>
>
>>-----Original Message-----
>>From: nessus-bounces@list.nessus.org
>>[mailto:nessus-bounces@list.nessus.org] On Behalf Of Lachance, François
>>Sent: Wednesday, December 10, 2008 12:15 PM
>>To: nessus@list.nessus.org
>>Subject: RE: Update Nessus Plugins Script
>>
>>I have been following this thread, and I'm not sure I
>>understand why using an extra script to download patches is
>>necessary. Can anyone enlighten me on what you are trying to
>>accomplish?
>>
>>Thanks,
>>
>>François
>>
>>-----Original Message-----
>>From: nessus-bounces@list.nessus.org
>>[mailto:nessus-bounces@list.nessus.org] On Behalf Of Mercer,
>>Jeff C - Raleigh, NC
>>Sent: December-10-08 10:15 AM
>>To: christopher ashby; nessus@list.nessus.org
>>Subject: RE: Update Nessus Plugins Script
>>
>>I got them to work the other week, though I did get that same
>>W32.Sasser
>>error that you did when I tried to update today. I re-ran the
>>update and
>>it worked correctly.
>>
>>I'm assuming you've installed all the necessary perl modules. You might
>>want to do a "cpan upgrade" just to make sure you have the latest
>>version of the modules. I also found it's better to just run the whole
>>thing as root rather than try and use sudo.
>>
>>I had to modify a couple of lines as well. Here's my diff between the
>>original and modified forms of update-nessus-plugins:
>>
>>
>>< = original
>>> = updated
>>
>>161c33
>>< $ENV{PATH} =
>>'/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/opt/nessus/bin:/
>>opt/nessu
>>s/sbin'; # nb: also passed to nessus-update-plugins
>>---
>>> $ENV{PATH} =
>>'/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/opt/nessus/bin'; # nb:
>>also passed to nessus-update-plugins
>>290c162
>>< my $cmd = 'nessus-update-plugins';
>>---
>>> my $cmd = '/opt/nessus/sbin/nessus-update-plugins';
>>352c224,225
>>< my $cmd = 'describe-nessus-plugin ' .
>>---
>>> my $cmd = 'describe-nessus-plugin ' .
>>> '-f ' . join(',', @info_funcs) . ' ' .
>>382c255
>>< open(NEW, $plugin) or croak "Can't read
>>'$plugin' - $!\n";
>>---
>>> open(NEW, "$plugins_dir/$plugin") or croak "Can't read
>>'$plugin' - $!\n";
>>
>>
>>
>>I'm running RHEL as well, so I think this should work for you as well.
>>
>>--------
>>Jeff Mercer - CISO - Security Vulnerability Assessments
>>
>>
RE: Update Nessus Plugins Script [ In reply to ]
Hey Chris. I haven't tried it with -T, I just ran the script directly. I'm assuming you are using -T because you want this to be run setuid.

It might be better to just have it run as a cron job under root. YMMV.

--------
Jeff Mercer - CISO - Security Vulnerability Assessments


>-----Original Message-----
>From: christopher ashby [mailto:christopheraashby@gmail.com]
>Sent: Wednesday, December 10, 2008 2:35 PM
>To: Mercer, Jeff C - Raleigh, NC
>Cc: Lachance, François; nessus@list.nessus.org
>Subject: Re: Update Nessus Plugins Script
>
>This is interesting...
>
>Noticing some new plugin published, I attempted to execute this script
>again as root:
>
>root@ubuntu804jeos:/home/cashby# perl -T
>/opt/nessus/auto/update-nessus-plugins -bps >
>/home/cashby/plugin-report.txt
>
>this is the error received:
>Can't run 'describe-nessus-plugin -f
>bugtraq_id,category,cve_id,family,id,name,risk,summary,version,xref -l
>english powerdns_malformed_query.nasl' - No such file or directory at
>/opt/nessus/auto/update-nessus-plugins line 356
>
>I decided to run the script manually to determine if any
>issues existed:
>
>root@ubuntu804jeos:/home/cashby# perl -T
>/opt/nessus/auto/describe-nessus-plugin -f
>bugtraq_id,category,cve_id,family,id,name,risk,summary,version,xref -l
>english /opt/nessus/lib/nessus/plugins/powerdns_malformed_query.nasl
>
>I received the following error:
>
>/opt/nessus/lib/nessus/plugins/powerdns_malformed_query.nasl
>Insecure dependency in sprintf while running with -T switch at
>/opt/nessus/auto/describe-nessus-plugin line 510.
>
>Is it possible to remove the -T switch from the first line of this
>code, and still have it properly execute?
>
>ashby
>
>
>
>On Wed, Dec 10, 2008 at 1:16 PM, Mercer, Jeff C - Raleigh, NC
><Jeff.C.Mercer@usps.gov> wrote:
>> It is not necessary for normal operation of Nessus.
>>
>> It's just a useful little script that will make a backup copy of the
>> existing plugins before updating, and can optionally report on all the
>> plugins that have been changed.
>>
>> --------
>> Jeff Mercer - CISO - Security Vulnerability Assessments
>>
>>
>>>-----Original Message-----
>>>From: nessus-bounces@list.nessus.org
>>>[mailto:nessus-bounces@list.nessus.org] On Behalf Of Lachance, François
>>>Sent: Wednesday, December 10, 2008 12:15 PM
>>>To: nessus@list.nessus.org
>>>Subject: RE: Update Nessus Plugins Script
>>>
>>>I have been following this thread, and I'm not sure I
>>>understand why using an extra script to download patches is
>>>necessary. Can anyone enlighten me on what you are trying to
>>>accomplish?
>>>
>>>Thanks,
>>>
>>>François
>>>
Re: Update Nessus Plugins Script [ In reply to ]
I removed the "wT" from the first line in each of the scripts. Still
isn't working...
ashby



On Wed, Dec 10, 2008 at 2:51 PM, Mercer, Jeff C - Raleigh, NC
<Jeff.C.Mercer@usps.gov> wrote:
> Hey Chris. I haven't tried it with -T, I just ran the script directly. I'm assuming you are using -T because you want this to be run setuid.
>
> It might be better to just have it run as a cron job under root. YMMV.
>
> --------
> Jeff Mercer - CISO - Security Vulnerability Assessments
>
>
Re: Update Nessus Plugins Script [ In reply to ]
On Dec 10, 2008, at 2:34 PM, christopher ashby wrote:

> Noticing some new plugin published, I attempted to execute this script
> again as root:
>
> root@ubuntu804jeos:/home/cashby# perl -T
> /opt/nessus/auto/update-nessus-plugins -bps >
> /home/cashby/plugin-report.txt
>
> this is the error received:
> Can't run 'describe-nessus-plugin -f

If I've been following along correctly, you put describe-nessus-plugin
in /opt/nessus/auto but didn't add that to the PATH environment
variable in update-nessus-plugins.

> root@ubuntu804jeos:/home/cashby# perl -T
> /opt/nessus/auto/describe-nessus-plugin -f
> bugtraq_id,category,cve_id,family,id,name,risk,summary,version,xref -l
> english /opt/nessus/lib/nessus/plugins/powerdns_malformed_query.nasl
>
> I received the following error:
>
> /opt/nessus/lib/nessus/plugins/powerdns_malformed_query.nasl
> Insecure dependency in sprintf while running with -T switch at
> /opt/nessus/auto/describe-nessus-plugin line 510.
>
> Is it possible to remove the -T switch from the first line of this
> code, and still have it properly execute?

That wouldn't be a good idea. Taint mode helps ensure that malicious
input doesn't get used when invoking a subshell or to modify files and
the like.

Which version of Perl are you using (eg, "perl -V")? And what
modifications if any have you made to describe-nessus-plugins?

George
--
theall@tenablesecurity.com



Re: Update Nessus Plugins Script [ In reply to ]
George-

I have re-downloaded the scripts from your site. Here is what i have
completed, and changed and the results of which:

executed as sudo chmod +x <script names>

then the following changes were made to update-nessus-plugins
line 161 added additional paths below is the exact line:

$ENV{PATH} = '/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/opt/nessus/bin:/opt/nessus/sbin';
# nb: also passed to nessus-update-plugins

(i tried adding the "/opt/nessus/auto" to this but after which
received the following error, i'm not so concerned with this error):

Insecure directory in $ENV{PATH} while running with -T switch at
./update-nessus-plugins line 291.

Line 183 changed the nessus plugin path, below is the exact line:

my $plugins_dir = '/opt/nessus/lib/nessus/plugins'; # where plugins are stored.

no other changes have been made to this script, or the
describe-nessus-plugin script.

I have the plugins located in /opt/nessus/auto and have been using the
following command after changing into that directory to execute:

./update-nessus-plugins -bps > plugin-report.txt

the scripts execute and the plugins are updated, however (i've been
watching the RSS for new or updated plugins) and when i re-run the
script (knowing that new or updated plugins are available) the scripts
throws a generic error indicating that W32.Sassor nasl isn't
available, i rerun the same command and everything works like expected
and the output is recorded to the txt file as indicated.

Is there a different file that can be modified or purged to stop the
W32.Sassor errors, or the other funky .nasl plugins that don't exist?
I'm sure everything is correct in my syntax and what not. I'm also
running perl 5.8.8 and all modules have been double checked and are
installed.

Let me know your thoughts on this...
Thanks

christopher ashby



Re: Update Nessus Plugins Script [ In reply to ]
On Dec 11, 2008, at 4:01 PM, christopher ashby wrote:

> (i tried adding the "/opt/nessus/auto" to this but after which
> received the following error, i'm not so concerned with this error):
>
> Insecure directory in $ENV{PATH} while running with -T switch at
> ./update-nessus-plugins line 291.

This means /opt/nessus/auto is world-writable! You probably want to
fix that.

> the scripts execute and the plugins are updated, however (i've been
> watching the RSS for new or updated plugins) and when i re-run the
> script (knowing that new or updated plugins are available) the scripts
> throws a generic error indicating that W32.Sassor nasl isn't
> available,

I have released a new version of the script; one of the changes is to
not abort if a plugin such as this isn't available -
<http://www.tifaware.com/perl/update-nessus-plugins/>.

George
--
theall@tenablesecurity.com
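
Added example, not part of the thread or of the update-nessus-plugins scripts: the "Insecure directory in $ENV{PATH}" error discussed above can be caught ahead of time by auditing each PATH entry before it goes into a script run with -T. The shell function below reports entries that are relative, missing, or writable by group or others; the name audit_path and the report format are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit a PATH string before using it in a taint-mode script.
# audit_path is a hypothetical helper, not part of update-nessus-plugins.

# Prints "<status> <entry>" for every PATH entry and returns 0 only when
# all entries are "ok". Status values:
#   ok        absolute, exists, not writable by group or others
#   relative  empty or not starting with "/" (resolved against the cwd)
#   missing   absolute but not an existing directory
#   writable  group- or world-writable, so another account could plant
#             a program that the privileged script would then run
audit_path() {
    ap_rest="$1:"          # trailing ':' so every entry is terminated
    ap_rc=0
    while [ -n "$ap_rest" ]; do
        ap_entry=${ap_rest%%:*}     # text before the first ':'
        ap_rest=${ap_rest#*:}       # everything after it
        ap_status=ok
        case $ap_entry in
            /*)
                if [ ! -d "$ap_entry" ]; then
                    ap_status=missing
                else
                    # -L: judge the directory a symlink points to,
                    # not the link itself.
                    ap_perms=$(ls -ldL "$ap_entry")
                    case $ap_perms in
                        # character 6 = group write, character 9 = other write
                        ?????w*|????????w*) ap_status=writable ;;
                    esac
                fi
                ;;
            *)
                ap_status=relative
                ;;
        esac
        [ "$ap_status" = ok ] || ap_rc=1
        printf '%s %s\n' "$ap_status" "${ap_entry:-(empty)}"
    done
    return "$ap_rc"
}

# The PATH from line 161 of the script as posted in the thread, with
# /opt/nessus/auto appended as the poster tried. On a host without these
# directories the entries are simply reported as "missing".
thread_path='/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/opt/nessus/bin:/opt/nessus/sbin:/opt/nessus/auto'
audit_path "$thread_path" || echo "fix the entries above before using this PATH with perl -T"
```

An entry reported as writable turns to ok once group and other write permission is removed from the directory, for example with chmod go-w.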


