How to trigger get_netbios_info
George Theall
theall at tifaware.com
Thu Sep 25 10:30:50 EDT 2003
On Thu, Sep 25, 2003 at 08:42:26AM -0500, Ray Seals wrote:
> Is there a way to roll this into one scan? I have tried running 11835
> and the 10150 (get netbios info) together but that gives me info on
> every machine. I just want the netbios info on machines that are
> vulnerable to 11835.
Here's one approach:
1) Scan with both plugins and output information in NBE format.
2) Grep the NBE output to identify hosts vulnerable to 11835.
3) Grep again the NBE output and limit output to only those
hosts identified earlier.
4) If desired, use nessus client to convert output from previous step
to a different format; eg, HTML, XML, text.
And here's an *** untested *** shell script to accomplish this:
nessus --config-file=.nessusrc-11835 --batch-mode --output-type=nbe \
<nessus server> 1241 <username> <passwd> targets full.nbe
awk -F'|' '$1 == "results" && $5 == '11835' {print "|" $3 "|"}' \
full.nbe > matches
echo 'timestamps|||scan_' >> matches
fgrep -f matches full.nbe > final.nbe
nessus -i final.nbe -o final.html
I realize this isn't terribly efficient but its conceptually simple; if
efficiency is important to you, combine the filtering steps in one
using a awk/perl/python/whatever script.
George
--
theall at tifaware.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.nessus.org/pipermail/nessus/attachments/20030925/1f97ba48/attachment.bin
More information about the Nessus
mailing list