|
OpenVAS Scanner 23.23.1
|
#include "table_driven_lsc.h"#include "base/networking.h"#include "kb_cache.h"#include "plugutils.h"#include <ctype.h>#include <curl/curl.h>#include <gnutls/gnutls.h>#include <gvm/base/prefs.h>#include <gvm/util/mqtt.h>#include <gvm/util/uuidutils.h>#include <json-glib/json-glib.h>#include <stddef.h>Go to the source code of this file.
Data Structures | |
| struct | notus_info |
| Struct to hold necessary information to call and run notus. More... | |
| struct | fixed_version |
| Fixed version. More... | |
| struct | version_range |
| Specify a version range. More... | |
| struct | vulnerable_pkg |
| Define a vulnerable package. More... | |
| struct | advisory |
| struct | advisories |
| struct | string |
| Define a string struct for storing the response. More... | |
Macros | |
| #define | G_LOG_DOMAIN "lib misc" |
| GLib logging domain. | |
| #define | RSNOTUS |
Typedefs | |
| typedef struct notus_info * | notus_info_t |
| typedef struct fixed_version | fixed_version_t |
| typedef struct version_range | version_range_t |
| typedef struct vulnerable_pkg | vuln_pkg_t |
| typedef struct advisory | advisory_t |
| typedef struct advisories | advisories_t |
Enumerations | |
| enum | fixed_type { UNKNOWN , RANGE , SINGLE } |
| Fixed version format. More... | |
Functions | |
| void | set_lsc_flag (void) |
| Set lsc_flag to 1. | |
| int | lsc_has_run (void) |
| Get lsc_flag value. | |
| static JsonBuilder * | add_packages_str_to_list (JsonBuilder *builder, const gchar *packages) |
| Split the package list string and creates a json array. | |
| static gchar * | make_table_driven_lsc_info_json_str (const char *scan_id, const char *ip_str, const char *hostname, const char *os_release, const char *package_list) |
| Build a json object with data necessary to start a table drive LSC. | |
| static gchar * | get_status_of_table_driven_lsc_from_json (const char *scan_id, const char *host_ip, const char *json, int len) |
| Get the status of table driven lsc from json object. | |
| static notus_info_t | init_notus_info (const char *server) |
| Initialize a notus info struct and stores the server URL. | |
| static void | free_notus_info (notus_info_t notusdata) |
| Free notus info structure. | |
| static char * | help_tolower (char *s) |
| helper function to lower case | |
| static gchar * | make_package_list_as_json_str (const char *packages) |
| Build a json array from the package list to start a table drive LSC. | |
| static int | parse_server (notus_info_t *notusdata) |
| Parse the server URL. | |
| static advisories_t * | advisories_new () |
| Initialize a new adivisories struct with 100 slots. | |
| static void | advisories_add (advisories_t *advisories_list, advisory_t *advisory) |
| Initialize a new adivisories struct with 100 slots. | |
| static advisory_t * | advisory_new (char *oid) |
| Initialize a new adivisory. | |
| static void | advisory_add_vuln_pkg (advisory_t *adv, vuln_pkg_t *vuln) |
| Add a new vulnerability to the advisory. | |
| static void | advisory_free (advisory_t *advisory) |
| Free()'s an advisory. | |
| static void | advisories_free (advisories_t *advisories) |
| Free()'s an advisories. | |
| static vuln_pkg_t * | vulnerable_pkg_new (const char *pkg_name, const char *install_version, enum fixed_type type, char *item1, char *item2) |
| Creates a new Vulnerable packages which belongs to an advisory. | |
| static advisories_t * | process_notus_response (const gchar *resp, const size_t len) |
| Process a json object which contains advisories and vulnerable packages. | |
| static void | init_string (struct string *s) |
| Initialize the string struct to hold the response. | |
| static size_t | response_callback_fn (void *ptr, size_t size, size_t nmemb, void *struct_string) |
| Call back function to stored the response. | |
| static long | send_request (notus_info_t notusdata, const char *os, const char *pkg_list, char **response) |
| Send a request to the server. | |
| static char * | notus_get_response (const char *pkg_list, const char *os) |
| Sent the installed package list and OS to notus. | |
| static int | call_rs_notus (const char *ip_str, const char *hostname, const char *pkg_list, const char *os) |
| Call notus and stores the results. | |
| int | run_table_driven_lsc (const char *scan_id, const char *ip_str, const char *hostname, const char *package_list, const char *os_release) |
| Publish the necessary data to start a Table driven LSC scan. | |
Variables | |
| static int | lsc_flag = 0 |
| LSC ran or didn't 0 didn't run. 1 ran. | |
| #define G_LOG_DOMAIN "lib misc" |
GLib logging domain.
| #define RSNOTUS |
| typedef struct advisories advisories_t |
| typedef struct advisory advisory_t |
| typedef struct fixed_version fixed_version_t |
| typedef struct notus_info* notus_info_t |
| typedef struct version_range version_range_t |
| typedef struct vulnerable_pkg vuln_pkg_t |
| enum fixed_type |
|
static |
Split the package list string and creates a json array.
JSON result consists of scan_id, message type, host ip, hostname, port together with proto, OID, result message and uri.
| [in/out] | builder The Json builder to add the array to. | |
| [in] | packages | The installed package list as string |
|
static |
Initialize a new adivisories struct with 100 slots.
| advisories_list[in/out] | An advisories holder to add new advisories into. |
| advisory[in] | the new advisory to add in the list |
|
static |
|
static |
Initialize a new adivisories struct with 100 slots.
|
static |
Add a new vulnerability to the advisory.
@description Each advisory can have multiple vulnerable packages This structure can hold up to 100 packages.
| adv[in/out] | The advisory to add the vulnerable package into |
| vuln[in] | The vulnerable package to add. |
|
static |
|
static |
|
static |
Call notus and stores the results.
| ip_str | Target's IP address. |
| hostname | Targer's hostname. |
| pkg_list | List of packages installed in the target. The packages are "\n" separated. |
| os | Name of the target's operative sistem. |
|
static |
Free notus info structure.
| notusdata | The data to free() |
|
static |
Get the status of table driven lsc from json object.
Checks for the corresponding status inside the JSON. If the status does not belong the the scan or host, NULL is returned instead. NULL is also returned if message JSON cannot be parsed correctly. Return value has to be freed by caller.
| scan_id | id of scan |
| host_ip | ip of host |
| json | json to get information from |
| len | length of json |
|
static |
helper function to lower case
| s | the string to lower case |
|
static |
Initialize a notus info struct and stores the server URL.
| server | Original server to store and to get the info from |
|
static |
Initialize the string struct to hold the response.
| s[in/out] | The string struct to be initialized |
| int lsc_has_run | ( | void | ) |
Get lsc_flag value.
|
static |
Build a json array from the package list to start a table drive LSC.
| packages | The installed package list in the target system to be evaluated |
|
static |
Build a json object with data necessary to start a table drive LSC.
JSON result consists of scan_id, message type, host ip, hostname, port together with proto, OID, result message and uri.
| scan_id | Scan Id. |
| ip_str | IP string of host. |
| hostname | Name of host. |
| os_release | OS release |
| package_list | The installed package list in the target system to be evaluated |
|
static |
Sent the installed package list and OS to notus.
| pkg_list | Installed package list |
| os | The target's OS |
|
static |
Parse the server URL.
| [in] | server | String containing the server URL Valid is http://example.com:1234 or https://example.com.1234. @notusdata[out] Structure to store information from the URL |
|
static |
Process a json object which contains advisories and vulnerable packages.
@description This is the body string in response get from an openvasd server
| resp | String containing the json object to be processed. |
| len | String lenght. |
|
static |
Call back function to stored the response.
@description The function signature is the necessary to work with libcurl. It stores the response in s. It reallocate memory if necessary.
| int run_table_driven_lsc | ( | const char * | scan_id, |
| const char * | ip_str, | ||
| const char * | hostname, | ||
| const char * | package_list, | ||
| const char * | os_release ) |
Publish the necessary data to start a Table driven LSC scan.
If the gather-package-list.nasl plugin was launched, and it generated a valid package list for a supported OS, the table driven LSC scan which is subscribed to the topic will perform a scan an publish the the results to be handle by the sensor/client.
| scan_id | Scan Id. |
| kb | |
| ip_str | IP string of host. |
| hostname | Name of host. |
|
static |
Send a request to the server.
| [in] | notusdata | Structure containing information necessary for the request |
| [in] | os | Target's operative system. Necessary for the URL path part. |
| [in] | pkg_list | The package list installed in the target, to be checked |
| [out] | response | The string containing the results in json format. |
| void set_lsc_flag | ( | void | ) |
Set lsc_flag to 1.
|
static |
Creates a new Vulnerable packages which belongs to an advisory.
| pkg_name | |
| install_version | |
| type | Data type specifying how the fixed version is stored. Can be RANGE or SINGLE |
| item1 | Depending on the type is the "version" for SINGLE type, or the "less than" for RANGE type |
| item2 | Depending on the type is the "specifer" for SINGLE type, or the "greather than" for RANGE type |
|
static |
LSC ran or didn't 0 didn't run. 1 ran.