📄 nasl_nessusd_glue.c
字号:
/* Nessus Attack Scripting Language * * Copyright (C) 2002 - 2004 Tenable Network Security * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2, * as published by the Free Software Foundation * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. * */ /* * This file contains all the function that make the "glue" between * as NASL script and nessusd. * (script_*(), *kb*(), scanner_*()) */ #include <includes.h>#include "strutils.h"#include "nasl_tree.h"#include "nasl_global_ctxt.h"#include "nasl_func.h"#include "nasl_var.h"#include "nasl_lex_ctxt.h"#include "exec.h" #include "nasl_debug.h"#include "nasl_nessusd_glue.h"#ifndef NASL_DEBUG#define NASL_DEBUG 0#endif/*------------------- Private utilities ---------------------------------*/static int isalldigit(char * str, int len){ int i ; char buf[1024]; for (i = 0; i < len; i ++) { if(!isdigit(str[i]))return 0; } snprintf(buf, sizeof(buf), "%d", atoi(str)); if ( strcmp(buf, str) != 0 ) return 0; else return 1;}/*-------------------[ script_*() functions ]----------------------------*/ /* * These functions are used when the script registers itself to nessusd */tree_cell *script_timeout(lex_ctxt * lexic){ struct arglist * script_infos = lexic->script_infos; int to = get_int_var_by_num(lexic, 0, -65535); if(to == -65535) return FAKE_CELL; plug_set_timeout(script_infos, to ? to : -1 ); return FAKE_CELL;}tree_cell* script_id(lex_ctxt * lexic){ struct arglist * script_infos = lexic->script_infos; int id; id = get_int_var_by_num(lexic, 0, -1); if(id > 0) plug_set_id(script_infos, id); return FAKE_CELL;}/* * TODO: support multiple CVE entries */tree_cell* script_cve_id(lex_ctxt* lexic){ struct arglist * script_infos = lexic->script_infos; char * cve = get_str_var_by_num(lexic, 0); int i; for (i = 0; cve != NULL ; i ++) { plug_set_cve_id(script_infos, cve); cve = get_str_var_by_num(lexic, i + 1); } return FAKE_CELL;}/* * TODO: support multiple bugtraq entries */tree_cell* script_bugtraq_id(lex_ctxt* lexic){ struct arglist * script_infos = lexic->script_infos; char * bid = get_str_var_by_num(lexic, 0); int i; for (i = 0; bid != NULL ; i ++) { plug_set_bugtraq_id(script_infos, bid); bid = get_str_var_by_num(lexic, i + 1); } return FAKE_CELL;}tree_cell* script_xref(lex_ctxt* lexic){ struct arglist * script_infos = lexic->script_infos; char * name = get_str_var_by_name(lexic, "name"); char * value = get_str_var_by_name(lexic, "value"); if( value == NULL || name == NULL ) { fprintf(stderr, "script_xref() syntax error - should be script_xref(name:<name>, value:<value>)\n"); return FAKE_CELL; } plug_set_xref(script_infos, name, value); return FAKE_CELL;}/* UNUSED */tree_cell* script_see_also(lex_ctxt* lexic){ nasl_perror(lexic, "Error - script_see_also() called\n"); return FAKE_CELL;}typedef void(*script_register_func_t)(struct arglist*, const char *, const char*);static tree_cell * script_elem(lex_ctxt* lexic, script_register_func_t script_register_func){ struct arglist * script_infos = lexic->script_infos; char * lang = NULL; char * str; char * dfl = "english"; if( lang == NULL ) lang = dfl; str = get_str_local_var_by_name(lexic, lang); if(str == NULL){ str = get_str_local_var_by_name(lexic, "english"); if( str == NULL ){ str = get_str_var_by_num(lexic, 0); if( str == NULL ) return FAKE_CELL; } } script_register_func(script_infos, str, NULL); return FAKE_CELL;}tree_cell * script_name(lex_ctxt * lexic){ return(script_elem(lexic, plug_set_name));}tree_cell * script_version(lex_ctxt * lexic){ struct arglist * script_infos = lexic->script_infos; char * version = get_str_var_by_num(lexic, 0); if(version == NULL){ nasl_perror(lexic, "Argument error in function script_version()\n"); nasl_perror(lexic, "Function usage is : script_version(<name>)\n"); nasl_perror(lexic, "Where <name> is the name of another script\n"); } else plug_set_version(script_infos, version); return FAKE_CELL; }tree_cell * script_description(lex_ctxt * lexic){ return(script_elem(lexic, plug_set_description));}tree_cell * script_copyright(lex_ctxt * lexic){ return(script_elem(lexic, plug_set_copyright));}tree_cell * script_summary(lex_ctxt * lexic){ return(script_elem(lexic, plug_set_summary));}tree_cell * script_category(lex_ctxt * lexic){ struct arglist * script_infos = lexic->script_infos; int category = get_int_var_by_num(lexic, 0, -1); if(category < 0){ nasl_perror(lexic, "Argument error in function script_category()\n"); nasl_perror(lexic, "Function usage is : script_category(<category>)\n"); return FAKE_CELL; } plug_set_category(script_infos, category); return FAKE_CELL;}tree_cell * script_family(lex_ctxt * lexic){ return(script_elem(lexic, plug_set_family));}tree_cell * script_dependencie(lex_ctxt * lexic){ struct arglist * script_infos = lexic->script_infos; char * dep = get_str_var_by_num(lexic, 0); int i; if(dep == NULL){ nasl_perror(lexic, "Argument error in function script_dependencie()\n"); nasl_perror(lexic, "Function usage is : script_dependencie(<name>)\n"); nasl_perror(lexic, "Where <name> is the name of another script\n"); return FAKE_CELL; } for(i=0;dep != NULL;i++) { dep = get_str_var_by_num(lexic, i); if(dep != NULL) plug_set_dep(script_infos, dep); } return FAKE_CELL;}tree_cell * script_require_keys(lex_ctxt * lexic){ struct arglist * script_infos = lexic->script_infos; char * keys = get_str_var_by_num(lexic, 0); int i; if(keys == NULL){ nasl_perror(lexic, "Argument error in function script_require_keys()\n"); nasl_perror(lexic, "Function usage is : script_require_keys(<name>)\n"); nasl_perror(lexic, "Where <name> is the name of a key\n"); return FAKE_CELL; } for(i=0; keys != NULL;i++) { keys = get_str_var_by_num(lexic, i); if(keys != NULL) plug_require_key(script_infos, keys); } return FAKE_CELL;}tree_cell * script_exclude_keys(lex_ctxt * lexic){ struct arglist * script_infos = lexic->script_infos; int i; char * keys = get_str_var_by_num(lexic, 0); for(i=0;keys != NULL;i++) { keys = get_str_var_by_num(lexic, i); if(keys != NULL) { plug_exclude_key(script_infos, keys); } } return FAKE_CELL;}tree_cell * script_require_ports(lex_ctxt * lexic){ struct arglist * script_infos = lexic->script_infos; char * port; int i; for (i=0;;i++) { port = get_str_var_by_num(lexic, i); if(port != NULL) plug_require_port(script_infos, port); else break; } return FAKE_CELL;}tree_cell * script_require_udp_ports(lex_ctxt * lexic){ struct arglist * script_infos = lexic->script_infos; int i; char * port; for ( i = 0; ; i ++) { port = get_str_var_by_num(lexic, i); if(port != NULL) plug_require_udp_port(script_infos, port); else break; } return FAKE_CELL;}tree_cell * script_add_preference(lex_ctxt * lexic){ char* name = get_str_local_var_by_name(lexic, "name"); char* type = get_str_local_var_by_name(lexic, "type"); char* value = get_str_local_var_by_name(lexic, "value"); struct arglist * script_infos = lexic->script_infos; if(name == NULL || type == NULL || value == NULL) nasl_perror(lexic, "Argument error in the call to script_add_preference()\n"); else add_plugin_preference(script_infos, name, type, value); return FAKE_CELL;}tree_cell * script_get_preference(lex_ctxt * lexic){ struct arglist * script_infos = lexic->script_infos; tree_cell * retc; char * pref = get_str_var_by_num(lexic, 0); char * value; if(pref == NULL){ nasl_perror(lexic, "Argument error in the function script_get_preference()\n"); nasl_perror(lexic, "Function usage is : pref = script_get_preference(<name>)\n"); return FAKE_CELL; } value = get_plugin_preference(script_infos, pref); if(value != NULL) { retc = alloc_tree_cell(0, NULL); if(isalldigit(value, strlen(value))) { retc->type = CONST_INT; retc->x.i_val = atoi(value); } else { retc->type = CONST_DATA; retc->size = strlen(value); retc->x.str_val = estrdup(value); } return retc; } else return FAKE_CELL;}tree_cell * script_get_preference_file_content(lex_ctxt * lexic){ struct arglist * script_infos = lexic->script_infos; tree_cell * retc; char * pref = get_str_var_by_num(lexic, 0); char * value; int fd, n; struct stat st; char * buffer; /* * Only signed scripts can access files uploaded by the user */ if (check_authenticated(lexic) < 0) { nasl_perror(lexic, "script_get_preference_file_content: script is not authenticated!\n"); return NULL; } if(pref == NULL){ nasl_perror(lexic, "Argument error in the function script_get_preference()\n"); nasl_perror(lexic, "Function usage is : pref = script_get_preference_file_content(<name>)\n"); return NULL; } value = get_plugin_preference(script_infos, pref); if(value == NULL) return NULL; value = (char*)get_plugin_preference_fname(script_infos, value); if ( value == NULL ) return FAKE_CELL; fd = open(value, O_RDONLY); if (fd < 0) { nasl_perror(lexic, "script_get_preference_file_content: open(%s): %s\n", value, strerror(errno)); return NULL; } if (fstat(fd, &st) < 0) { nasl_perror(lexic, "script_get_preference_file_content: fstat(%s): %s\n", value, strerror(errno)); return NULL; } buffer = emalloc ( st.st_size ); n = 0; while ( n < (int)st.st_size ) { int e; errno = 0; e = read(fd, buffer + n , (int)st.st_size - n); if (e > 0) n+= e; else if (e == 0) /* EOF */ { nasl_perror(lexic, "script_get_preference_file_content: unexpected EOF on %s\n", value); break; } else /* error */ if (errno == EINTR) continue; else { nasl_perror(lexic, "script_get_preference_file_content: read(%s): %s", value, strerror(errno)); break; } } close(fd); retc = alloc_tree_cell(0, NULL); retc->type = CONST_DATA; retc->size = n; retc->x.str_val = buffer; return retc;}tree_cell*script_get_preference_file_location(lex_ctxt* lexic){ struct arglist *script_infos = lexic->script_infos; tree_cell *retc; char *pref = get_str_var_by_num(lexic, 0); const char *value, *local; int len; /* * Getting the local file name is not dangerous, but * only signed scripts can access files uploaded by the user */ if (check_authenticated(lexic) < 0) { nasl_perror(lexic, "script_get_preference_file_location: script is not authenticated!\n"); return NULL; } if(pref == NULL) { nasl_perror(lexic, "script_get_preference_file_location: no preference name!\n"); return NULL; } value = get_plugin_preference(script_infos, pref); if(value == NULL) { nasl_perror(lexic, "script_get_preference_file_location: could not get preference %s\n", pref); return NULL; } local = get_plugin_preference_fname(script_infos, value); if(local == NULL) { nasl_perror(lexic, "script_get_preference_file_location: could not get local file name from preference %s\n", pref); return NULL; } len = strlen(local); retc = alloc_typed_cell(CONST_DATA); retc->size = len; retc->x.str_val = emalloc(len+1); memcpy(retc->x.str_val, local, len+1); return retc;}/* Are safe checks enabled ? */tree_cell * safe_checks(lex_ctxt * lexic){ struct arglist * script_infos = lexic->script_infos; struct arglist * prefs = arg_get_value(script_infos, "preferences"); char * value; tree_cell * retc = alloc_tree_cell(0, NULL); retc->type = CONST_INT; value = arg_get_value(prefs, "safe_checks"); if((value && !strcmp(value, "yes"))) { retc->x.i_val = 1; }⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -