Installing Your Own Plug-in
The previous topics addressed the NASL API, and you have seen how to use NASL to write scripts to check for specific vulnerabilities. This section shows you how to write a simple plug-in from scratch, and how to install the plug-in.
For the purposes of this exercise, let’s assume the
plug-in aims to discover the following vulnerability: a home-grown
web application is known to serve a file,
/src/passwd.inc
, when the web
browser requests it via a URL such as http://host/src/passwd.inc.
Let’s also assume the
passwd.inc
file contains
usernames and passwords. To check for our vulnerability, we simply
need to call is_cgi_installed()
to test for the presence of
/src/passwd.inc. Here is the appropriate NASL
script to do so:
if (description) { script_id(99999); script_version ("$Revision: 1.2 $"); script_name(english:"Checks for /src/passwd.inc"); desc["english"]="/src/passwd.inc is usually installed by XYZ web application and contains username and password information in clear text. Solution: Configure your web browser to not serve .inc files. Risk factor: High"; script_description(english:desc["english"]); script_summary(english:"Checks for the existence of /src/passwd.inc"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (c)2004 Nitesh Dhanjani"); script_family(english:"CGI abuses"); script_require_ports("Services/www",80); exit(0); } include ("http_func.inc"); port=get_http_port(default:80); if(is_cgi_installed(item:"/src/passwd.inc",port:port)) ...
Get Network Security Tools now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.