modpluginshandling.bas

全面网络扫描器VB源代码 很实用

Attribute VB_Name = "modPluginsHandling"
'atk 4#
' This module reads the plugin, performs the parsing and writes the result
' in the global variables.

Option Explicit

                                            'In this column is a short description
                                            'of the meaning of the variables. You
                                            'find more information about them on the
                                            'project web site or the readme.

Public plugin_filename As String            'The filename of the plugin. This value is not
                                            'saved in the plugin file.
Public plugin_filepath As String            'The path of the plugin file.
Public plugin_filesize As String            'The filesize of the plugin. Also not a saved
                                            'value in the plugin file.
Public plugin_filecontent As String         'The whole content of the plugin file

Public plugin_id As String                  'Unique ID of the ATK plugin
Public plugin_name As String                'Plugin name of the ATK plugin
Public plugin_family As String              'Plugin family of the ATK plugin
Public plugin_created_name As String        'Name of the person who created the plugin
Public plugin_created_email As String       'Email of the person who created the plugin
Public plugin_created_web As String         'Web site of the person who created the plugin
Public plugin_created_company As String     'Companyname of the person who created the plugin
Public plugin_created_date As String        'When was the ATK plugin created
Public plugin_updated_name As String        'Name of the person who updated the ATK plugin
Public plugin_updated_email As String       'Email of the person who updated the ATK plugin
Public plugin_updated_web As String         'Web site of the person who updated the ATK plugin
Public plugin_updated_company As String     'Company name of the person who updated the ATK plugin
Public plugin_updated_date As String        'When was the ATK plugin updated the last time
Public plugin_version As String             'Which version of the plugin is it
Public plugin_changelog As String           'The changelog of the plugin
Public plugin_protocol As String            'Which protocol does the plugin use
Public plugin_port As String                'Which port does the ATK plugin use
Public plugin_procedure_detection As String 'The request procedure for detection
Public plugin_procedure_exploit As String   'The request procedure for exploit
Public plugin_detection_accuracy As String  'The accuracy for detection
Public plugin_exploit_accuracy As String    'The accuracy for exploiting
Public plugin_comment As String             'Some words about the ATK plugin

Public bug_published_name As String         'Who published the bug first
Public bug_published_email As String        'Who published the bug first
Public bug_published_web As String          'Who published the bug first
Public bug_published_company As String      'Who published the bug first
Public bug_published_date As String         'Who published the bug first
Public bug_produced_name As String          'Who produced the product
Public bug_produced_email As String         'Who produced the product
Public bug_produced_web As String           'Who produced the product
Public bug_advisory As String               'What is the name and URL of the advisory
Public bug_affected As String               'Which systems and solutions are affected
Public bug_not_affected As String           'Which systems and solutions are not affected
Public bug_false_positives As String        'Known false-positives
Public bug_false_negatives As String        'Known false-negatives
Public bug_vulnerability_class As String    'The class of the vulnerability
Public bug_local As String                  'A local vulnerability
Public bug_remote As String                 'A remote vulnerability
Public bug_description As String            'The description of the vulnerability
Public bug_solution As String               'The solution(s) for the vulnerability
Public bug_fixing_time As String            'The time needed to fix the bug (e.g. hours)
Public bug_exploit_availability As String   'The existence of an exploit
Public bug_exploit_url As String            'The URL of the exploit
Public bug_severity As String               'The severity of the vulnerability
Public bug_popularity As String             'The popularity of the vulnerability (1 to 10)
Public bug_simplicity As String             'The simplicity of the bug (1 to 10)
Public bug_impact As String                 'The impact level of the bug (1 to 10)
Public bug_risk As String                   'The rist of the bug (1 to 10)
Public bug_nessus_risk As String            'The risk level of the bug by Nessus
Public bug_iss_scanner_rating As String     'The risk level by ISS Scanners
Public bug_netrecon_rating As String        'The risk level by Symantec NetRecon
Public bug_check_tool As String             'List of tools that are able to check the bug

Public source_cve As String                 'The unique CAN or CVE number of the vulnerability
Public source_certvu_id As String           'The unique CERT Vulnerability ID
Public source_cert_id As String             'The unique CERT ID
Public source_uscertta_id As String         'The unique US-CERT Technical Advisory ID
Public source_securityfocus_bid As String   'The unique SecurityFocus/Bugtraq ID
Public source_osvdb_id As String            'The unique Open Source Vulnerability Data Base ID
Public source_secunia_id As String          'The unique Secunia ID of the vulnerability
Public source_securiteam_url As String      'The SecuriTeam.com URL
Public source_securitytracker_id As String  'The SecurityTracker ID
Public source_scip_id As String             'The unique scipID of the vulnerability
Public source_tecchannel_id As String       'The unique tecchannel ID
Public source_heise_news As String          'The unique Heise News
Public source_heise_security As String      'The unique Heise Security
Public source_aerasec_id As String          'The unique AeraSec ID
Public source_nessus_id As String           'The unique Nessus ID of the vulnerability
Public source_issxforce_id As String        'The unique ISS X-Force ID
Public source_snort_id As String            'The unique Snort ID of the vulnerability
Public source_arachnids_id As String        'The unique ArachnIDS ID
Public source_mssb_id As String             'The unique Microsoft Security Bulletin ID
Public source_mskb_id As String             'The unique Microsoft Knowledge-Base Article ID
Public source_netbsdsa_id As String         'The unique NetBSD Security Advisory ID
Public source_rhsa_id As String             'The unique Red Hat Security Advisory ID
Public source_ciac_id As String             'The unique CIAC ID
Public source_literature As String          'List of books about the flaw
Public source_misc As String                'List of other sources (e.g. TV shows)

Public session_procedure_type As String     'Type of the procedure (detection or exploit)
Public session_procedure_commands As String 'The commands of the defined procedure
Public session_triggers As String           'The triggers of the check and type
Public session_trigger_match As String      'The matching trigger

' *******************************************************************
' * Reset all plugin variables. This is usually done before new     *
' * data is read. Old "garbage" is prevented and the software don't *
' * need so much ressources during runtime.                         *
' *******************************************************************

Public Sub ClearAllPluginVariables()
    'If frmMain.lblVulnerabilityState.BackColor <> &HE0E0E0 Then
        Dim strAlertingText As String
        
        'strAlertingText = "The vulnerability was not tested. " & _
        '    "Please run the selected plugin to determine the existence of the flaw."
        
        'Message if the vulnerability was found
'        frmMain.lblVulnerabilityState.Caption = strAlertingText
'        frmMain.lblVulnerabilityState.BackColor = &HE0E0E0
'    End If
    
    plugin_id = vbNullString
    plugin_name = vbNullString
    plugin_family = vbNullString
    plugin_created_name = vbNullString
    plugin_created_email = vbNullString
    plugin_created_web = vbNullString
    plugin_created_company = vbNullString
    plugin_created_date = vbNullString
    plugin_updated_name = vbNullString
    plugin_updated_email = vbNullString
    plugin_updated_web = vbNullString
    plugin_updated_company = vbNullString
    plugin_updated_date = vbNullString
    plugin_version = vbNullString
    plugin_changelog = vbNullString
    plugin_protocol = vbNullString
    plugin_port = vbNullString
    plugin_procedure_detection = vbNullString
    plugin_procedure_exploit = vbNullString
    plugin_detection_accuracy = vbNullString
    plugin_exploit_accuracy = vbNullString
    plugin_comment = vbNullString
    
    bug_published_name = vbNullString
    bug_published_email = vbNullString
    bug_published_web = vbNullString
    bug_published_company = vbNullString
    bug_published_date = vbNullString
    bug_produced_name = vbNullString
    bug_produced_email = vbNullString
    bug_produced_web = vbNullString
    bug_advisory = vbNullString
    bug_affected = vbNullString
    bug_not_affected = vbNullString
    bug_false_positives = vbNullString
    bug_false_negatives = vbNullString
    bug_vulnerability_class = vbNullString
    bug_local = vbNullString
    bug_remote = vbNullString
    bug_description = vbNullString
    bug_solution = vbNullString