Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request: show details of the actual nasl script of the NVT #3437

Open
tgurr opened this issue May 19, 2022 · 0 comments
Open

Feature request: show details of the actual nasl script of the NVT #3437

tgurr opened this issue May 19, 2022 · 0 comments
Labels
feature

Comments

@tgurr
Copy link
Contributor

tgurr commented May 19, 2022
edited
Loading

Expected behavior

It often happens to us that we need to have a look at the actual nasl script to see how the actual check is done. Like for example when it mentions a registry key, or does a check on a dll file and so on. Currently just the result is displayed but often missing the specific details on how the check on the affected system is/has been done. Just an example on one of our system https://community.greenbone.net/t/microsoft-office-remote-code-execution-vulnerability-3017349-wrong-qod-type/12226 was found, but since the info in Greenbone is missing the admin didn't know as to why it was found on the affected system. It turned out to be a leftover dll file, but the defails in the GSA webinterface tells the check does a registry detection, so we had to look up the details in the actual nasl script which usually is even hard to find as GSA doesn't print the nasl filename somwhere. I used

# cd /var/lib/openvas/plugins
# find . -name *ms14-082*

on the greenbone machine to find it. (Probably searching for file content via the OID would be wiser as that information is at least available via the GSA webinterface.)

Even better would be if the GSA webinterface could show the code of the actual nasl script somewhere so the admins could help themselves. Of course if the repository would be available on e.g. GitHub one could also easily do searches, but first that currently isn't the case and second it would be really neat to have this functionality inside of Greenbone (GSA) itself.

Request 1: Show the nasl filename somwhere on the NVT details
Request 2: Be able to view the content of the nasl files (somwhere on the NVT details)

Actual behavior

Try to find out details on how a check is done on the system for which there was a finding, but find yourself unable to get any more in-depth details.

Steps to reproduce

  1. Do a scan
  2. Navigate to the results
  3. Choose a finding
  4. Navigate to the NVT details
  5. See a check was done e.g. via registry but find yourself having no information on e.g. which key was checked and where to find it.

GVM versions

gsa: Greenbone Security Assistant 21.4.4

gvm: Greenbone Vulnerability Manager 21.4.5

openvas-scanner: -bash: openvassd: Command not found.

gvm-libs: 21.4.4

Environment

Operating system:

NAME="Exherbo"
PRETTY_NAME="Exherbo Linux"
ID=exherbo
ANSI_COLOR="0;32"
HOME_URL="https://www.exherbo.org/"
SUPPORT_URL="irc://irc.libera.chat/#exherbo"
BUG_REPORT_URL="https://gitlab.exherbo.org/"

Installation method / source: packages

Logfiles

none
@tgurr tgurr added the bug label May 19, 2022
@y0urself y0urself added feature and removed bug labels May 19, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tgurr @y0urself