Adding a vulnerability check that uses a custom shell script
In GFI LANguard N.S.S. you can add vulnerability checks that use custom shell scripts to check Linux and UNIX based targets. These checks are executed remotely over SSH by the SSH module. The script can be written in any scripting language that is available on the target, provided it outputs its results as text on the console.
In the following example we will create a vulnerability check (for Linux based targets) which uses a script written in Bash. The vulnerability check will test for the presence of a dummy file called 'test.file'.
Step 1: Create the script
1. Launch your favorite text file editor.
2. Create a new script using the following code:
#!/bin/bash
# Test for the dummy file. The path is relative, so it is resolved against the
# working directory of the SSH session (typically the home directory of the
# account the SSH module logs on with).
if [ -e test.file ]
then
    echo "TRUE:"      # the scanner reports the check as a vulnerability
else
    echo "FALSE:"
fi
# Marks the end of the script output for the SSH module.
echo "!!SCRIPT_FINISHED!!"
3. Save the file as 'C:\Program Files\GFI\LANguard Network Security Scanner 7.0\Data\Scripts\myscript.sh'. Make sure the editor saves it with Unix (LF) line endings: if a Windows editor writes CRLF line endings, the first line becomes "#!/bin/bash" followed by a carriage return, the target cannot find an interpreter of that name, and the script fails to run.
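As a further worked example of the same script convention, the following Bash script reports TRUE: when any of a set of system files is world-writable. It is added here for illustration and is not part of the GFI LANguard manual or product; the list of files it examines is an assumption. It prints the !!SCRIPT_FINISHED!! terminator from an EXIT trap, so the line is emitted even if the script aborts part-way, and it tests absolute paths, since a relative path such as test.file is resolved against the working directory of the SSH session.

```shell
#!/bin/bash
# Added example (not from the GFI manual): an SSH check script that follows
# the same output convention as the manual's test.file example (a line that
# starts with "TRUE:" or "FALSE:", then "!!SCRIPT_FINISHED!!"), but checks
# something a scanner would actually want to know: whether any of a list of
# system files is world-writable.

# Print the terminator on every exit path, so the scanner never waits on a
# script that died half-way (for example on a missing command).
trap 'echo "!!SCRIPT_FINISHED!!"' EXIT

# check_world_writable FILE...
# Prints "TRUE: <files>" if any FILE exists and has the other-write bit set,
# otherwise "FALSE:". Returns 0 for TRUE and 1 for FALSE so the function can
# also be reused from other scripts.
check_world_writable() {
    local f found=""
    for f in "$@"; do
        # Absolute paths only: over SSH the working directory is the logon
        # account's home, so a bare "test.file" would be tested there.
        # "find -perm -002" matches when the other-write bit is set; it is
        # used instead of stat because its flags are the same on GNU and BSD.
        if [ -e "$f" ] && [ -n "$(find "$f" -maxdepth 0 -perm -002 2>/dev/null)" ]; then
            found="$found $f"
        fi
    done
    if [ -n "$found" ]; then
        echo "TRUE:$found"
        return 0
    fi
    echo "FALSE:"
    return 1
}

# Files examined when the scanner runs this script (assumed list; adjust for
# your environment). The exit status is informational only: the SSH module
# reads the TRUE:/FALSE: line, so a FALSE result must not abort the script.
check_world_writable /etc/passwd /etc/shadow /etc/ssh/sshd_config /etc/crontab || :
```

The scanner only sees what the script prints, so anything after the TRUE: or FALSE: prefix (here the offending file names) is the place to put the detail an analyst needs to act on the alert.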
Step 2: Add the new vulnerability check:
Screenshot 131 - Adding a new vulnerability check
1. Expand the Configuration > Scanning Profiles node and select the scanning profile to which you wish to add the new vulnerability check.
2. Click on the Vulnerabilities tab.
3. From the middle pane, select the category in which the new vulnerability check will be included (for example, DNS Vulnerabilities).
4. Click on the Add button. This will bring up the new vulnerability check dialog.
5. Specify the basic details such as the vulnerability name, short description, security level, and BugtraqID/URL (if applicable). Optionally, you can also specify how long the check takes to execute.
6. Click on the Add... button. This will bring up the check triggering conditions dialog.
Screenshot 132 - The check triggering conditions dialog
7. From the 'Check type:' drop-down select 'SSH Script' and specify the triggering condition in the 'Condition' field.
8. Click on the open button and select the custom SSH script file that will be executed by this check. For this example select 'myscript.sh'.
9. Click on Add to include the vulnerability check in the list.
10. From the list of checks, select the check box next to the new vulnerability check so that it is included in the next network vulnerability scan.
Testing the vulnerability check/script used in our example
1. Log on to a Linux target computer and create a file called 'test.file'. Because the script tests a relative path, create the file in the working directory of the SSH session used by the scanner (normally the home directory of the account the SSH module logs on with). This check will generate a vulnerability alert if a file called 'test.file' is found.
2. Launch a scan on the Linux target where you created the file.
3. Check your scan results. The Vulnerabilities node will show the vulnerability warning shown below.