On Sep 22, 2006, at 12:00 AM, Gonzalez, Matthew wrote:

Hello Everyone,

 

I am currently taking a Network Defense and Countermeasures course for my degree. Anyway, one of our projects is to use Nessus to run a certain plugin. I am using the command-line version of Nessus on Mandriva, because some dependencies on packages for the GUI are giving me problems and time is against me so to speak. The plugin that I have to demo is the Gain Root Remotely plugin.

Well, taking a look in my plugins, I don't have one named "Gain Root Remotely". However, there is a family of plugins named gain root remotely. It's more than one though :)

I was wondering if there is a way to choose just that plugin through the command line or if it’s a “dangerous plugin” to enable it to be part of the scan. This scan would be taking place on the loopback address (127.0.0.1) of the Mandriva system.

 

Well, I would pick a system that does have a GUI and select the plugin, then save the .nessusrc file and pass that to nessus using the -c option. If you take a look at the nessusrc file, you'll see that the option to enable is merely changing a "no" to a "yes" on the plugin that you want to run - check after the part that says "begin(PLUGIN_SET)". In your case, it sounds more like you want to run a family of plugins, so it'll be a little harder, if you don't have a GUI, as you'll have to dig out a lot of plugin ids. There are 245 according to my find and grep count. I was able to extract all the numbers with the following brief bash script (I apologize for the uglies):

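# Run from the Nessus plugins directory.
# Print the script_id of every plugin file that mentions the family name.
# -type f keeps grep from being run on directories.
for i in `find ./ -type f -exec grep -l "Gain root remotely" {} \;`
do
    # script_id(12345); -> 12345
    grep script_id "$i" | awk -F\( '{print $2}' | awk -F\) '{print $1}'
done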

That will at least get you a list of ids that are in the gain root remotely family, assuming that I didn't miss something (double check!)

Also, are there any tips to make the system be able to be picked up as gaining root remotely when the scan is run? This way when I run a demonstration it will work and show in the generated report. I would appreciate all help and comments.

Your scan will show that it was able to gain root remotely in the report. You might also consider tailing the nessusd.dump and nessusd.messages log files using tail -f.

 

Thank you,

 

Matthew Gonzalez

Network Administration (BT)

Morrisville State College

Morrisville, NY

 

 

_______________________________________________
Nessus mailing list


Doug Nordwall

Unix Administrator

EMSL Computer and Network Support

Unclassified Computer Security

Phone: (509)372-6776; Fax: (509)376-0420

The best book on programming for the layman is "Alice in Wonderland"; but that's because it's the best book on anything for the layman.



_______________________________________________
Nessus mailing list
http://mail.nessus.org/mailman/listinfo/nessus
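
Added example (not part of the original message and not Nessus code): one way to apply an id list such as the loop above produces to a saved .nessusrc without a GUI, flipping entries only inside the PLUGIN_SET section and reporting ids the file does not contain. The `end(PLUGIN_SET)` marker, the ` id = yes|no` line layout, the function names and all sample ids are assumptions or constructed values.

```sh
#!/bin/sh
# Added example. Assumed layout: " <id> = yes|no" lines between
# begin(PLUGIN_SET) and end(PLUGIN_SET); function names are hypothetical.

# enable_plugins RCFILE IDFILE
# Print RCFILE with every PLUGIN_SET entry set to "yes" if its id is in
# IDFILE (one id per line) and "no" otherwise. Other sections are untouched.
enable_plugins() {
    awk '
        FILENAME == ARGV[1] { if ($1 ~ /^[0-9]+$/) want[$1] = 1; next }
        /^begin\(PLUGIN_SET\)/ { in_set = 1; print; next }
        /^end\(PLUGIN_SET\)/   { in_set = 0; print; next }
        in_set && $1 ~ /^[0-9]+$/ && $2 == "=" {
            printf " %s = %s\n", $1, (($1 in want) ? "yes" : "no"); next
        }
        { print }
    ' "$2" "$1"
}

# missing_ids RCFILE IDFILE
# List ids from IDFILE that have no entry in PLUGIN_SET (plugin not known to
# this rc file), so a silently skipped plugin is noticed before the scan.
missing_ids() {
    awk '
        FILENAME == ARGV[1] { if ($1 ~ /^[0-9]+$/) want[$1] = 1; next }
        /^begin\(PLUGIN_SET\)/ { in_set = 1; next }
        /^end\(PLUGIN_SET\)/   { in_set = 0; next }
        in_set { delete want[$1] }
        END { for (id in want) print id }
    ' "$2" "$1" | sort -n
}

# Constructed sample data: ids and section contents are made up.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' 'begin(SCANNER_SET)' ' 10335 = yes' 'end(SCANNER_SET)' \
        'begin(PLUGIN_SET)' ' 10001 = yes' ' 10002 = no' ' 10003 = yes' \
        'end(PLUGIN_SET)' > "$tmp/nessusrc"
    printf '%s\n' 10002 10999 > "$tmp/ids"
    enable_plugins "$tmp/nessusrc" "$tmp/ids"
    echo "not in rc file: $(missing_ids "$tmp/nessusrc" "$tmp/ids")"
    rm -rf "$tmp"
}
demo
```

Redirect the output of `enable_plugins` to a new file and pass that file to nessus with the -c option mentioned above.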
