一、script id
script id 的获取:将你编写的nasl脚本发送给Nessus维护者,目前是法国人 Renaud Deraison < deraison@cvs.nessus.org >,然后如果你的脚本审查通过,他会将你的脚本加入 Nessus distribution库,一旦被加入 Nessus distribution库,你的脚本就会获得一个唯一的id。
The unique ID number of this plugin. Each plugin is attributed a unique ID that that will not change over time.Traditionally, Nessus scripts use the 1xxxxx space (10000, 10001, and so on…). If you intend to develop private scripts that you do not intend to distribute, it is recommended you use the 9xxxxx ID space.
二、 CVE id
Nessus完全兼容CVE,CVE id号目前由MITRE维护,想要获得唯一的CVE id,请参考: 如果你不关心CVE id号,可不必设置它。
三、 knowledge base(KB)
NASL脚本引擎将一些脚本作用于被测试目标后所得到的有用信息,如操作祭统类型、打开的端口、端口所提供的服务等,,存放到脚本知识库中
(knowledge Base KB),供其它后续脚本使用。利用知识库中存储的信息记录,可有效地进行脚本间的信息交互,减少脚本代码的冗佘。
Here is a sum up of the keys that are set by the plugins :
参考:
-
Host/OS
Defined in : queso.nasl and nmap_wrapper.nasl
Type : string
Meaning : Remote operating system type
-
Host/dead
Defined in : ping_host.nasl and all the DoS plugins Type : boolean
Meaning : The remote host is dead. If you set this item, then nessusd will interrupt the test of the host.
-
Services/www
Defined in : find_service.nes Type : port number
Meaning : port on which a web server is running. Returns 0 if no web server has been found.
-
Services/auth
Defined in : find_service.nes Type : port number
Meaning : port on which an identd server is running. Returns 0 if no such server has been found
-
Services/echo
Defined in : find_service.nes Type : port number
Meaning : port on which 'echo' is running. Returns 0 if no such service has been found
-
Services/finger
Defined in : find_service.nes Type : port number
Meaning : port on which a finger server is running. Returns 0 if no such server has been found
-
Services/ftp
Defined in : find_service.nes Type : port number
Meaning : port on which an ftp server is running. Returns 0 if no such server has been found
-
Services/smtp
Defined in : find_service.nes Type : port number
Meaning : port on which an SMTP server is running. Returns 0 if no such server has been found
-
Services/ssh
Defined in : find_service.nes Type : port number
Meaning : port on which an SSH server is running. Returns 0 if no such server has been found
-
Services/http_proxy
Defined in : find_service.nes Type : port number
Meaning : port on which an HTTP proxy is running. Returns 0 if no such server has been found
-
Services/imap
Defined in : find_service.nes Type : port number
Meaning : port on which an imap server is running. Returns 0 if no such server has been found
-
Services/pop1
Defined in : find_service.nes Type : port number
Meaning : port on which a POP-1 server is running. Returns 0 if no such server has been found
-
Services/pop2
Defined in : find_service.nes Type : port number
Meaning : port on which a POP-2 server is running. Returns 0 if no such server has been found
-
Services/pop3
Defined in : find_service.nes Type : port number
Meaning : port on which a POP-3 server is running. Returns 0 if no such server has been found
-
Services/nntp
Defined in : find_service.nes Type : port number
Meaning : port on which an NNTP server is running. Returns 0 if no such server has been found
-
Services/linuxconf
Defined in : find_service.nes Type : port number
Meaning : port on which a linuxconf server is running. Returns 0 if no such server has been found
-
Services/swat
Defined in : find_service.nes Type : port number
Meaning : port on which a SWAT server is running. Returns 0 if no such server has been found
-
Services/wild_shell
Defined in : find_service.nes Type : port number
Meaning : port on which a shell is open to the world (usually a bad thing). Returns 0 if no such server has been found
-
Services/telnet
Defined in : find_service.nes Type : port number
Meaning : port on which a telnet server is running. Returns 0 if no such server has been found
-
Services/realserver
Defined in : find_service.nes Type : port number
Meaning : port on which a RealServer server is running. Returns 0 if no such server has been found
-
Services/netbus
Defined in : find_service.nes Type : port number
Meaning : port on which a NetBus server is running (usually not a good thing). Returns 0 if no such server has been found
-
bind/version
Defined in : bind_version.nasl Type : string
Meaning : version of the remote BIND daemon
-
rpc/bootparamd
Defined in : bootparamd.nasl Type : string
Meaning : The bootparam RPC service is running
-
Windows compatible
Defined in : ca_unicenter_file_transfer_service.nasl, ca_unicenter_transport_service.nasl, mssqlserver_detect.nasl and windows_detect.nasl Type : boolean value
Meaning : The remote host appears to be running a Windows-compatible operating system (this test is only done regarding the number of the opened-ports)
-
finger/search.**@host
Defined in : cfinger_search.nasl Type : boolean value
Meaning : The finger daemon dumps the list of users if the query .** is made
-
finger/0@host
Defined in : finger_0.nasl Type : boolean value
Meaning : The finger daemon dumps a list of users if the query 0 is made
-
finger/.@host
Defined in : finger_dot.nasl Type : boolean value
Meaning : The finger daemon dumps a list of users if the query . is made
-
finger/user@host1@host2
Defined in : finger_0.nasl Type : boolean value
Meaning : The finger daemon is vulnerable to a redirection attack
-
www/frontpage
Defined in : frontpage.nasl Type : boolean value
Meaning : The remote web server is running frontpage extensions
-
ftp/anonymous
Defined in : ftp_anonymous.nasl Type : boolean value
Meaning : The remote FTP server accepts anonymous logins
-
ftp/root_via_cwd
Defined in : ftp_cwd_root.nasl Type : boolean value
Meaning : It is possible to gain root on the remote FTP server using the CWD ~ bug (see CVE-1999-0082)
-
ftp/microsoft
Defined in : ftp_overflow.nasl Type : boolean value
Meaning : The remote server is a Microsoft FTP server, which closes the connection whenever a too long argument is issued.
-
ftp/false_ftp
Defined in : ftp_overflow.nasl Type : boolean value
Meaning : the remote FTP server is either protected by tcp wrappers or the FTP port is open but closes the connection
参考文献:
1、《Nessus Network Auditing.Second Edition》
2、
3、
阅读(3005) | 评论(0) | 转发(0) |
