On Fri, 7 Feb 2003, Norbert Kiesel wrote:
> Hi,
>
> I would like to know which attacks (i.e. attack_ids) were run against a
> target (so that I know whether i did not find a vuln because it's not
> there or because i just disabled this plugin). Is there any place where
> I can access this kind of information? Currently I hacked
> nessusd/attack.c to include the attack_id in the (three) places where it
> writes "launching ... against" or "not launching ..." into the log
> file. One drawback is that this only writes it into the log, not the
> result file (i.e. i currently stop nessusd after each scan and copy the
> logfile).
>
> Any ideas?
Right now, there is no way to output the tests run into a report.
Putting this code into one of the report sections will
print all of the tests into the report.
Format the output string as needed...
<START CODE>
struct arglist * temp = arg_get_value( Prefs, "PLUGIN_SET" );
while( temp && temp->next ) {
if( temp->value == (void *) 1 )
fprintf( file, "Plugin %s was run.\n", temp->name );
}
<END CODE>
I'm currently working on adding that and some other information
into the Nessus reports, but have temporarily been sidetracked
with adding a database-backend to the Nessus server.
Hope that helps.
>
> so long
> Norbert
>
> --
> Norbert Kiesel <[EMAIL PROTECTED]>
> TBD Networks
>
>
----------------------
William Heinbockel
Information Security Incident Response Assistant
Co-op Risk & Safety Management
Rochester Institute of Technology
E-mail: [EMAIL PROTECTED]
