I've attached a patch that at least makes this plugin *attempt* to run. I think it's so badly broken that it may not be rescueable but...
1) It has a dependency on nmap_tcp_connect.nes that was not mentioned. Running this
plugin without nmap means that the KB Ports/tcp/* was empty so it did nothing.
2) It bailed out if more than 4 ports were open - changed to 8.
3) The foreach loop was looking at the values of the keys not the names of the keys -
the values are always 1, the keys have the port number in them.
4) The "else if" clause that checks for ports 21 etc. currently makes the script bail
out if any port except those listed is open. It seems from my tests that each time I
run a scan against a printer, it adds a new port in the range 5121+ and the presence
of this port (due to the scan) is enough to make the plugin bail out! Catch22 anyone.
I do not know how to solve this one - perhaps the test should be reversed and the host
marked dead if any of the listed ports are open and unlisted ports should be ignored?
The other thing that worries me slightly is that from previous discussions on this
list of the 'printer prints blank pages during a scan' problem, I always thought it
was the nmap scan when run with -sS that caused it not the scan itself. If this is
true then the dependency that I just added will probably make the problem worse not
better :-(
--- dont_scan_printers.old Mon Dec 1 19:17:48 2003
+++ dont_scan_printers.nasl Wed Dec 10 17:07:34 2003
@@ -32,6 +32,7 @@
script_copyright(english:"This script is Copyright (C) 2003 by Michel Arboi");
family["english"] = "Settings"; # Or maybe a "scan option" family?
script_family(english:family["english"]);
+ script_dependencie("nmap_tcp_connect.nes");
exit(0);
}
@@ -62,13 +63,13 @@
ports = get_kb_list("Ports/tcp/*");
# Host is dead, or all ports closed, or unscanned => cannot decide
if (isnull(ports)) exit(0);
-# Ever seen a printer with more than 4 open ports?
-if (max_index(ports) > 4) exit(0);
+# Ever seen a printer with more than 8 open ports?
+if (max_index(ports) > 8) exit(0);
# Test if open ports are seen on a printer
# http://www.lprng.com/LPRng-HOWTO-Multipart/x4981.htm
appsocket = 0;
-foreach p (ports)
+foreach p (keys(ports))
{
p = int(p - "Ports/tcp/");
if ( p == 35 # AppSocket for QMS
<<dsp.diff>>
Trevor Hemsley,
Security Specialist,
Atos Origin Ltd,
Whyteleafe,
+44-(0)1883-628139
[This e-mail and the documents attached are confidential and intended solely for the
addressee ; it may also be privileged . If you receive this e-mail in error, please
notify the sender immediately and destroy it. As its integrity cannot be secured on
internet, the Atos Origin group liability cannot be triggered for the message content.
Although the sender endeavours to maintain a computer virus-free network, the sender
does not warrant that this transmission is virus-free and will not be liable for any
damages resulting from any virus transmitted.]
dsp.diff
Description: dsp.diff
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
