Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2024 Tenable Network Security, Inc.MICROSOFT_WINDOWS_IE_TYPEURLS.NASL
HistoryJul 19, 2016 - 12:00 a.m.

Internet Explorer Typed URLs

2016-07-1900:00:00
This script is Copyright (C) 2016-2024 Tenable Network Security, Inc.
www.tenable.com
33

7.2 High

AI Score

Confidence

Low

JSON

Nessus was able to generate a list URLs that were manually typed into the Internet Explorer address bar.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if ( !defined_func("nasl_level") || nasl_level() < 5200 ) exit(0, "Not Nessus 5.2+");

if (description)
{
  script_id(92421);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/08");

  script_name(english:"Internet Explorer Typed URLs");
  script_summary(english:"Report URLs typed into Internet Explorer.");

  script_set_attribute(attribute:"synopsis", value:
"Nessus was able to enumerate URLs that were manually typed into the
Internet Explorer address bar.");
  script_set_attribute(attribute:"description", value:
"Nessus was able to generate a list URLs that were manually typed into
the Internet Explorer address bar.");
  script_set_attribute(attribute:"see_also", value:"https://forensafe.com/blogs/typedurls.html");
  script_set_attribute(attribute:"solution", value:"n/a");
  script_set_attribute(attribute:"risk_factor", value:"None");

  script_set_attribute(attribute:"plugin_publication_date", value:"2016/07/19");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:ie");
  script_set_attribute(attribute:"agent", value:"windows");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2016-2024 Tenable Network Security, Inc.");

  script_dependencies("smb_hotfixes.nasl", "smb_reg_service_pack.nasl", "set_kb_system_name.nasl");
  script_require_keys("SMB/Registry/Enumerated");
  script_require_ports(139, 445);

  exit(0);
}
include("audit.inc");
include("charset_func.inc");
include("global_settings.inc");
include("misc_func.inc");
include("smb_func.inc");
include("smb_hotfixes_fcheck.inc");
include("smb_reg_query.inc");
include("data_protection.inc");

# Disable if data protection is filtering user info
data_protection::disable_plugin_if_set(flags:[data_protection::DPKB_USERNAME]);

REPORT_TO_UI = FALSE;
if (report_verbosity > 0)
{
  REPORT_TO_UI = TRUE;
}
report_extra_output = '';

# HKEY_USERS\\<sid>\\Software\\Microsoft\\Internet Explorer\\TypedURLs
key = '\\Software\\Microsoft\\Internet Explorer\\TypedURLs';
value = get_hku_key_values(key:key);

att_report = '';
foreach user (keys(value))
{
  foreach turl (keys(value[user]))
  {
    att_report += user + ',' + key + ',' + turl + ',' + value[user][turl] +'\n';
    if (REPORT_TO_UI)
    {
      report_extra_output +=  value[user][turl] + '\n';
    }
  }
}

if (strlen(att_report) > 0)
{
  report = report_extra_output+'\nInternet Explorer typed URL report attached.\n';
  att_report = 'user,regkey,key,value\n' + att_report;

  system = get_system_name();

  attachments = make_list();
  attachments[0] = make_array();
  attachments[0]["type"] = "text/csv";
  attachments[0]["name"] = "ie_typedurl_"+system+".csv";
  attachments[0]["value"] = att_report;

  security_report_with_attachments(
    port  : 0,
    level : 0,
    extra : report,
    attachments : attachments
  );
}
else
{
  exit(0, "No typed URLs found.");
}
VendorProductVersionCPE
microsoftwindowscpe:/o:microsoft:windows
microsoftiecpe:/a:microsoft:ie

7.2 High

AI Score

Confidence

Low

JSON