Hi,
yes this would work - kind of. Then I would get a list of all plugins
which were enabled. What would be really cool would be to get something
like:
1023:LAUNCHED
1024:DISABLED
1025:NOPORT
1026:UNSAFE
1027:NOPORT
1028:LAUNCHED
...
i.e. about the same information we currently have in the log file (with
preferences_log_whole_attack enabled), just in a better parseable format
and in the result instead of the log.
AFAICS, this result per plugin is currently not stored anywhere (i.e.
attack.c just writes it into the log file).
--nk
On Fri, 2003-02-07 at 12:52, William Heinbockel wrote:
> On Fri, 7 Feb 2003, Norbert Kiesel wrote:
>
> > Hi,
> >
> > I would like to know which attacks (i.e. attack_ids) were run against a
> > target (so that I know whether i did not find a vuln because it's not
> > there or because i just disabled this plugin). Is there any place where
> > I can access this kind of information? Currently I hacked
> > nessusd/attack.c to include the attack_id in the (three) places where it
> > writes "launching ... against" or "not launching ..." into the log
> > file. One drawback is that this only writes it into the log, not the
> > result file (i.e. i currently stop nessusd after each scan and copy the
> > logfile).
> >
> > Any ideas?
>
> Right now, there is no way to output the tests run into a report.
>
> Putting this code into one of the report sections will
> print all of the tests into the report.
>
> Format the output string as needed...
>
> <START CODE>
> struct arglist * temp = arg_get_value( Prefs, "PLUGIN_SET" );
> while( temp && temp->next ) {
> if( temp->value == (void *) 1 )
> fprintf( file, "Plugin %s was run.\n", temp->name );
> }
> <END CODE>
>
> I'm currently working on adding that and some other information
> into the Nessus reports, but have temporarily been sidetracked
> with adding a database-backend to the Nessus server.
>
> Hope that helps.
>
> >
> > so long
> > Norbert
> >
> > --
> > Norbert Kiesel <[EMAIL PROTECTED]>
> > TBD Networks
> >
> >
>
> ----------------------
> William Heinbockel
> Information Security Incident Response Assistant
> Co-op Risk & Safety Management
> Rochester Institute of Technology
> E-mail: [EMAIL PROTECTED]
--
Norbert Kiesel <[EMAIL PROTECTED]>
TBD Networks
