Discussion:
[Openvas-plugins] https port 443
margaus M.
2017-05-04 09:44:37 UTC
Permalink
Hello!

Could you help me with the analisys of port 443 to make assessments via
HTTPS? I don't know which function use. Via HTTP is port =
get_http_port(default: 80); but via HTTPS I have no idea.

Thank you very much
Antu Sanadi
2017-05-04 10:14:59 UTC
Permalink
Hi,

All HTTP functions will work for HTTPS as well.

Thanks,
Antu Sanadi
Post by margaus M.
Hello!
Could you help me with the analisys of port 443 to make assessments
via HTTPS? I don't know which function use. Via HTTP is port =
get_http_port(default: 80); but via HTTPS I have no idea.
Thank you very much
_______________________________________________
Openvas-plugins mailing list
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
Antu Sanadi
2017-05-04 10:15:09 UTC
Permalink
Hi,

All HTTP functions will work for HTTPS as well.

Thanks,
Antu Sanadi
Post by margaus M.
Hello!
Could you help me with the analisys of port 443 to make assessments
via HTTPS? I don't know which function use. Via HTTP is port =
get_http_port(default: 80); but via HTTPS I have no idea.
Thank you very much
_______________________________________________
Openvas-plugins mailing list
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
margaus M.
2017-05-05 12:29:22 UTC
Permalink
*Hello Team,*

*I have a S7-1500 with a CP1543-1. I enabled the web server in the CPU and
configured it to be able to access through the CP and only via HTTPS. I
launched nmap and everything seems to be ok: only port 443 open.*

[image: Imágenes integradas 1]

*Now I try out with my NVT and it doesn't work for 443:*

include("http_func.inc");
include("http_keepalive.inc");
include("global_settings.inc");

url = '/Portal/Portal.mwsl?intro_enter_button=ENTRAR&PriNav=
Start&coming_from_intro=true';
req = http_get(item:url, port:443);
res = http_keepalive_send_recv(port:443, data:req);
display(res);

if ('Siemens'><res && 'CPU 15'><res) {
display ("Se ha detectado un PLC modelo S7-1500 de Siemens", "\n");
}




*Result:*

set key www/443/keepalive -> no


*I tried it with the explorer and it works.*


*I also tried it with port 80 (previously configured web server to be able
to connect via HTTP) and it works perfectly.*


*Any idea?*

*Thank you*
Antu Sanadi
2017-05-05 12:49:10 UTC
Permalink
Hi,

Looks like you are trying it from command line, try
openvas-nasl -X --kb "Transports/TCP/443=3" --kb "Services/www=443" -tX
IP_ ADDRESS NVT_NAME.

and it should work from GSA without any changes.

Thanks,
Antu Sanadi
Post by margaus M.
*Hello Team,*
*
*
*I have a S7-1500 with a CP1543-1. I enabled the web server in the CPU
and configured it to be able to access through the CP and only via
HTTPS. I launched nmap and everything seems to be ok: only port 443 open.*
Imágenes integradas 1
*Now I try out with my NVT and it doesn't work for 443:*
include("http_func.inc");
include("http_keepalive.inc");
include("global_settings.inc");
url =
'/Portal/Portal.mwsl?intro_enter_button=ENTRAR&PriNav=Start&coming_from_intro=true';
req = http_get(item:url, port:443);
res = http_keepalive_send_recv(port:443, data:req);
display(res);
if ('Siemens'><res && 'CPU 15'><res) {
display ("Se ha detectado un PLC modelo S7-1500 de Siemens", "\n");
}
*
*
*
*
*
*
*Result:*
set key www/443/keepalive -> no
*I tried it with the explorer and it works.*
*
*
*I also tried it with port 80 (previously configured web server to be
able to connect via HTTP) and it works perfectly.
*
*
*
*
*
*Any idea?*
*
*
*Thank you*
_______________________________________________
Openvas-plugins mailing list
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
margaus M.
2017-05-10 11:35:17 UTC
Permalink
Hi,

I always try openvas-nasl -X -d NVTS_DEPENDENCIES NVT_NAME -t IP_ADDR
I tried openvas-nasl -X --kb "Transports/TCP/443=3" --kb "Services/www=443"
-tX IP_ ADDRESS NVT_NAME. and resuls that "Unknown option --kb". Could
you explain me how this sentence works so I could understand it?

I don't use greenbone.

Thanks!
Christian Fischer
2017-05-12 10:31:58 UTC
Permalink
Hi,
Post by margaus M.
Hi,
I always try openvas-nasl -X -d NVTS_DEPENDENCIES NVT_NAME -t IP_ADDR
I tried openvas-nasl -X --kb "Transports/TCP/443=3" --kb "Services/www=443"
-tX IP_ ADDRESS NVT_NAME. and resuls that "Unknown option --kb". Could
you explain me how this sentence works so I could understand it?
I don't use greenbone.
Thanks!
the --kb parameter is available since OpenVAS 9. Calling:

openvas-nasl --help

on this version explains what the parameter is doing.

Regards,
--
Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
Greenbone Networks GmbH | http://greenbone.net
Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
Loading...