Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Nessus: plugins

Custom plugins do not work after 3.0 upgrade.

 

 

Nessus plugins RSS feed   Index | Next | Previous | View Threaded


infosecpw at yahoo

Dec 15, 2005, 1:53 PM

Post #1 of 6 (1388 views)
Permalink
Custom plugins do not work after 3.0 upgrade.

This may not be a question for this list however I will ask it since I am not sure where else to go. I have upgraded the nessus engine to the 3.0 version today on a FreeBSD 5.4 patch level 8. Nessus starts without any problems however when I connect with the WX client I get the following message in the nessusd.messages indicating that there was a problem loading my custom scripts which would load just fine under the older version. The error I get is

[Thu Dec 15 16:41:14 2005][1007] Inconsistent data: "My CUSTOM SCRIPT NAME" - not applying this plugin

Has anyone run into this and know what the problem might be. I would run a parse check with both versions of nasl utility and get no errors. I understand that the nasl v.3 is backwards compatible with the version 2. Also does anyone know if there is a NASL v.3 guide somewhere.

Any help is appreciated




---------------------------------
Yahoo! Shopping
Find Great Deals on Holiday Gifts at Yahoo! Shopping


deraison at nessus

Dec 16, 2005, 3:03 AM

Post #2 of 6 (1322 views)
Permalink
Re: Custom plugins do not work after 3.0 upgrade. [In reply to]

On Dec 15, 2005, at 22:53, Simon Prazak wrote:

> This may not be a question for this list however I will ask it
> since I am not sure where else to go. I have upgraded the nessus
> engine to the 3.0 version today on a FreeBSD 5.4 patch level 8.
> Nessus starts without any problems however when I connect with the
> WX client I get the following message in the nessusd.messages
> indicating that there was a problem loading my custom scripts which
> would load just fine under the older version. The error I get is
>
> [Thu Dec 15 16:41:14 2005][1007] Inconsistent data: "My CUSTOM
> SCRIPT NAME" - not applying this plugin
>

Your plugin does not register itself properly within nessusd -- its
either missing script_name, script_description, or a few other
mandatory calls.
_______________________________________________
Plugins-writers mailing list
Plugins-writers [at] list
http://mail.nessus.org/mailman/listinfo/plugins-writers


infosecpw at yahoo

Dec 27, 2005, 9:08 AM

Post #3 of 6 (1300 views)
Permalink
Re: Custom plugins do not work after 3.0 upgrade. [In reply to]

Renaud,

I got a chance to revisit this issue. My script still does not register properly with nessusd 3.0 engine. When I run the script through the nasl interpreter I get the following output:

Unknown function 'kb_smb_name' (/tmp/PW_prod_3.0TEST.nasl, line 43)
Unknown function 'kb_smb_transport' (/tmp/PW_prod_3.0TEST.nasl, line 44)
Unknown function 'kb_smb_login' (/tmp/PW_prod_3.0TEST.nasl, line 46)
Unknown function 'kb_smb_password' (/tmp/PW_prod_3.0TEST.nasl, line 47)
Unknown function 'kb_smb_domain' (/tmp/PW_prod_3.0TEST.nasl, line 48)
Unknown function 'session_init' (/tmp/PW_prod_3.0TEST.nasl, line 54)
Unknown function 'NetUseAdd' (/tmp/PW_prod_3.0TEST.nasl, line 56)
Unknown function 'RegConnectRegistry' (/tmp/PW_prod_3.0TEST.nasl, line 59)
Unknown function 'NetUseDel' (/tmp/PW_prod_3.0TEST.nasl, line 62)
Unknown function 'RegOpenKey' (/tmp/PW_prod_3.0TEST.nasl, line 70)
Unknown function 'RegQueryValue' (/tmp/PW_prod_3.0TEST.nasl, line 77)
Unknown function 'RegCloseKey' (/tmp/PW_prod_3.0TEST.nasl, line 85)
Unknown function 'RegCloseKey' (/tmp/PW_prod_3.0TEST.nasl, line 88)
Unknown function 'NetUseDel' (/tmp/PW_prod_3.0TEST.nasl, line 89)

It seams that the problem is in the nessusd not finding the functions which leads me to beleive that there is some kind of problem with me having kept the two versions of the nessusd on one system. However I have followed all of the install/upgrade instructions for my particular OS. I have upgrades using the Nessus-3.1.0.0-fbsd5.tbz file as oppose to compiling the sources which I normally do. Again, any help is appreciated.

Thanks
Simon

Renaud Deraison <deraison [at] nessus> wrote:
On Dec 15, 2005, at 22:53, Simon Prazak wrote:

> This may not be a question for this list however I will ask it
> since I am not sure where else to go. I have upgraded the nessus
> engine to the 3.0 version today on a FreeBSD 5.4 patch level 8.
> Nessus starts without any problems however when I connect with the
> WX client I get the following message in the nessusd.messages
> indicating that there was a problem loading my custom scripts which
> would load just fine under the older version. The error I get is
>
> [Thu Dec 15 16:41:14 2005][1007] Inconsistent data: "My CUSTOM
> SCRIPT NAME" - not applying this plugin
>

Your plugin does not register itself properly within nessusd -- its
either missing script_name, script_description, or a few other
mandatory calls.




---------------------------------
Yahoo! DSL Something to write home about. Just $16.99/mo. or less


deraison at nessus

Dec 27, 2005, 9:14 AM

Post #4 of 6 (1313 views)
Permalink
Re: Custom plugins do not work after 3.0 upgrade. [In reply to]

On Dec 27, 2005, at 18:08, Simon Prazak wrote:

> Renaud,
>
> I got a chance to revisit this issue. My script still does not
> register properly with nessusd 3.0 engine. When I run the script
> through the nasl interpreter I get the following output:
>
> Unknown function 'kb_smb_name' (/tmp/PW_prod_3.0TEST.nasl, line 43)

You need to have your script in the same directory as the smb_*.inc
files, otherwise the includes won't work.

As for not registering properly, send me your script and I'll be able
to tell you where the problem is.

-- Renaud

_______________________________________________
Plugins-writers mailing list
Plugins-writers [at] list
http://mail.nessus.org/mailman/listinfo/plugins-writers


infosecpw at yahoo

Dec 27, 2005, 10:48 AM

Post #5 of 6 (1309 views)
Permalink
Re: Custom plugins do not work after 3.0 upgrade. [In reply to]

Yes. I was not in the plugins directory. My mistake. Here is the copy of the script:

if(description)
{
script_id(90000);
script_version("$Revision: 1.0 $");
name["english"] = "Symantec AntiVirus Version Detection";
script_name(english:name["english"]);
desc["english"] = "
This script determines the version of the remote Norton AntiVirus as
written in the registry of the remote host. It also reports any host
where registry does not exist.

Risk Factor : None";

script_description(english:desc["english"]);
summary["english"] = "Determines the version of the remote NAV";
script_summary(english:summary["english"]);
script_category(ACT_GATHER_INFO);
family["english"] = "Custom";
script_family(english:family["english"]);
script_dependencies("smb_hotfixes.nasl");
script_require_keys("SMB/Registry/Enumerated");
script_require_ports(139, 445);
exit(0);
}

if ( get_kb_item("SMB/samba") ) exit(0);
if ( ! get_kb_item("SMB/Registry/Enumerated") ) exit(0);
include("smb_func.inc");

name = kb_smb_name();
port = kb_smb_transport();
if(!get_port_state(port)) exit(1);
login = kb_smb_login();
pass = kb_smb_password();
domain = kb_smb_domain();
soc = open_sock_tcp(port);
if(!soc) exit(0);

session_init(socket:soc, hostname:name);

r = NetUseAdd(login:login, password:pass, domain:domain, share:"IPC$");
if ( r != 1 ) exit(0);

hklm = RegConnectRegistry(hkey:HKEY_LOCAL_MACHINE);
if ( isnull(hklm) )
{
NetUseDel();
exit(1);
}

# "Regular" edition
key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Pro
ducts\497CA84818B8A04418EA464733D75B72\InstallProperties";
item = "DisplayVersion";
key_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);

# Check for missing registry key and report
if ( isnull(key_h) )
security_hole(port:port, data:"The Symantec Norton Antivirus registry key does n
o exist.");
else
{
# Check the registry value and report it
value = RegQueryValue(handle:key_h, item:item);
if ( !isnull(value) )
{

version = value[1];
set_kb_item(name:"Symantec_Custom/Version", value:version);
security_note(port:port, data:"The remote host has Symantec Norton Antivirus ver
sion " + version + " installed.");
}

RegCloseKey(handle:key_h);
}

RegCloseKey(handle:hklm);
NetUseDel();

Also, I do not get an error in the nessusd.messages file telling me that the plugin could not be loaded upon nessusd startup using nessusd -D. I get the "Inconsistent data" error when I connect with the NessusWX client.

Thanks again.

Simon

Simon Prazak <infosecpw [at] yahoo> wrote: Renaud,

I got a chance to revisit this issue. My script still does not register properly with nessusd 3.0 engine. When I run the script through the nasl interpreter I get the following output:

Unknown function 'kb_smb_name' (/tmp/PW_prod_3.0TEST.nasl, line 43)
Unknown function 'kb_smb_transport' (/tmp/PW_prod_3.0TEST.nasl, line 44)
Unknown function 'kb_smb_login' (/tmp/PW_prod_3.0TEST.nasl, line 46)
Unknown function 'kb_smb_password' (/tmp/PW_prod_3.0TEST.nasl, line 47)
Unknown function 'kb_smb_domain' (/tmp/PW_prod_3.0TEST.nasl, line 48)
Unknown function 'session_init' (/tmp/PW_prod_3.0TEST.nasl, line 54)
Unknown function 'NetUseAdd' (/tmp/PW_prod_3.0TEST.nasl, line 56)
Unknown function 'RegConnectRegistry' (/tmp/PW_prod_3.0TEST.nasl, line 59)
Unknown function 'NetUseDel' (/tmp/PW_prod_3.0TEST.nasl, line 62)
Unknown function 'RegOpenKey' (/tmp/PW_prod_3.0TEST.nasl, line 70)
Unknown function 'RegQueryValue' (/tmp/PW_prod_3.0TEST.nasl, line 77)
Unknown function 'RegCloseKey' (/tmp/PW_prod_3.0TEST.nasl, line 85)
Unknown function 'RegCloseKey' (/tmp/PW_prod_3.0TEST.nasl, line 88)
Unknown function 'NetUseDel' (/tmp/PW_prod_3.0TEST.nasl, line 89)

It seams that the problem is in the nessusd not finding the functions which leads me to beleive that there is some kind of problem with me having kept the two versions of the nessusd on one system. However I have followed all of the install/upgrade instructions for my particular OS. I have upgrades using the Nessus-3.1.0.0-fbsd5.tbz file as oppose to compiling the sources which I normally do. Again, any help is appreciated.

Thanks
Simon

Renaud Deraison <deraison [at] nessus> wrote:
On Dec 15, 2005, at 22:53, Simon Prazak wrote:

> This may not be a question for this list however I will ask it
> since I am not sure where else to go. I have upgraded the nessus
> engine to the 3.0 version today on a FreeBSD 5.4 patch level 8.
> Nessus starts without any problems however when I connect with the
> WX client I get the following message in the nessusd.messages
> indicating that there was a problem loading my custom scripts which
> would load just fine under the older version. The error I get is
>
> [Thu Dec 15 16:41:14 2005][1007] Inconsistent data: "My CUSTOM
> SCRIPT NAME" - not applying this plugin
>

Your plugin does not register itself properly within nessusd -- its
either missing script_name, script_description, or a few other
mandatory calls.




---------------------------------
Yahoo! DSL Something to write home about. Just $16.99/mo. or less_______________________________________________
Plugins-writers mailing list
Plugins-writers [at] list
http://mail.nessus.org/mailman/listinfo/plugins-writers



---------------------------------
Yahoo! Photos
Ring in the New Year with Photo Calendars. Add photos, events, holidays, whatever.


deraison at nessus

Dec 27, 2005, 11:18 AM

Post #6 of 6 (1324 views)
Permalink
Re: Custom plugins do not work after 3.0 upgrade. [In reply to]

On Dec 27, 2005, at 19:48, Simon Prazak wrote:

> Yes. I was not in the plugins directory. My mistake. Here is the
> copy of the script:
>
> if(description)
> {
> script_id(90000);
> script_version("$Revision: 1.0 $");
> name["english"] = "Symantec AntiVirus Version Detection";
> script_name(english:name["english"]);
> desc["english"] = "
> This script determines the version of the remote Norton AntiVirus as
> written in the registry of the remote host. It also reports any host
> where registry does not exist.
>
> Risk Factor : None";
>
> script_description(english:desc["english"]);
> summary["english"] = "Determines the version of the remote NAV";
> script_summary(english:summary["english"]);
> script_category(ACT_GATHER_INFO);
> family["english"] = "Custom";
> script_family(english:family["english"]);
> script_dependencies("smb_hotfixes.nasl");
> script_require_keys("SMB/Registry/Enumerated");
> script_require_ports(139, 445);

Add a call to script_copyright() :

script_copyright(english:"Simon Prazak");



-- Renaud

_______________________________________________
Plugins-writers mailing list
Plugins-writers [at] list
http://mail.nessus.org/mailman/listinfo/plugins-writers

Nessus plugins RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.