Lucene search

K
nessusThis script is Copyright (C) 2005-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SCAN_INFO.NASL
HistoryAug 26, 2005 - 12:00 a.m.

Nessus Scan Information

2005-08-2600:00:00
This script is Copyright (C) 2005-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
954

7.1 High

AI Score

Confidence

Low

This plugin displays, for each tested host, information about the scan itself :

  • The version of the plugin set.
  • The type of scanner (Nessus or Nessus Home).
  • The version of the Nessus Engine.
  • The port scanner(s) used.
  • The port range scanned.
  • The ping round trip time
  • Whether credentialed or third-party patch management checks are possible.
  • Whether the display of superseded patches is enabled
  • The date of the scan.
  • The duration of the scan.
  • The number of hosts scanned in parallel.
  • The number of checks done in parallel.
#TRUSTED 510fdeb00f0452f9c61934a8f0758dcf67ff18a93c1726d7b93c608ecbb08d2e11c732017b7625cd1abe0cd7f98cd6f1a96af91906bdf105f4373bae97339d542ca02114ba92e3173b10c8bad5b36ee255a466537f6b33caf4c1db05421f983862c0b57de1a7833a03dc2102d14fabfc8e7add6eeab7f45169c66dbcdd22fbdda9c09deb1ee5ea2887fafa73cc845f347a2bc2722d47efbfbb0caa2f03c49eb084b00d2a602f8460870eb805ffd1e268b96b9d0d8e86b3fba973787d205c899ecb6a229e6588f62f38a8e4eefe751a4c0f0e1a08f7b17fdc7c569463c5fc273984c0d6ebfd75dd09ab3c41ae6409be1f1ec69824db029e4fea6dcb3948adccf5eb75d10e42bb69a131721529d08dc157b40c2ee2dd73a170c2026940d7a612346558edd9d228dccbe2d585cf78af54b517362a92d186cefd20d2964efc18e3f9632d8dc99096823a6ba5e0185c2149364b7b46a9be5fdba327da780ddb08861babcc11727f288e09376a204839aef17d44e2e2fca29fdeb562276d16074228bcbf65363f3784e1267c35cb9c3d240b117d41b5c1b5c47932ca317616730dc56b6af194e62992731a95e3bf8bd46b5c2e95fdb0ee0c3ec1f455195d744027a193e550f6883cffa0a51ef456dd8a3d41156aa7c33ceaad1900c5b226e1e879a2931fcb1573bac1968d2c25baf9a7ef9e7c136e200e6ce982511fa93246631ea55c
#TRUST-RSA-SHA256 45ceae756268885187d25d7e13ba20d7f6154dcf7a3ebb0e5f932a128fcbc922f89a8e3bfd16b4d6579b5ca029e1523ade73e289710ff0a8c2ce621b1a1b6c835b23db870bb34372f2142f12fe46643e51c2a9a27246ac7de3df764727bf4ebe1888d476d276d2276d9ccb3b405c8724bc9803347739599b778a5065a038a9d913dd682d9fadf48188c1a58cde5cd928358115b45057b0da761582f4d72c53673ea473052a79e20f718b9f40a2df65a64369dc45b90cdf9e706dda0c2447de636dcd5d6769a94b5aa3bca9fb2015ab6ed54347afd59e5867dd351d27ed1460867ca0fb792798ae47bafebf4d438aca0c7baac2fe5417b9e09135f200a1423f97ee3cd9bb633e46c64dfbbc022cb4ad25f01ebb227cd8b37e7773c11b24c5a720db4c387764bef151b329b75ab852a79917bb0be3c44bcbdde58f8416489c7245c661c0953fd1ee5586f1d03352e85b65d28b12eb8fd6af27e413fca84de761e990da3a608ad94f024cb3d482719e7f20afe73dc60500572f0d74fdeb347d4467164020cb0150c4b51dd199cae3093ce7f1b0b5d30b0e6fd39fce2ba59ba54b2f44ecdf981efe189866f5cf8a87a31ff83bbff6934a02e45e336bc01a5587193f134d6144e6c39053e54ee7b902b2d36f733776c460500dbb1c61450f0951c32f85c96ac8b1790be3e0f181e8a3100cc6dcaef9ddd05b8eee40091993892403fa
#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include("compat.inc");

if (description)
{
  script_id(19506);
  script_version("1.121");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/04");

  script_name(english:"Nessus Scan Information");

  script_set_attribute(attribute:"synopsis", value:
"This plugin displays information about the Nessus scan.");
  script_set_attribute(attribute:"description", value:
"This plugin displays, for each tested host, information about the
scan itself :

  - The version of the plugin set.
  - The type of scanner (Nessus or Nessus Home).
  - The version of the Nessus Engine.
  - The port scanner(s) used.
  - The port range scanned.
  - The ping round trip time 
  - Whether credentialed or third-party patch management
    checks are possible.
  - Whether the display of superseded patches is enabled
  - The date of the scan.
  - The duration of the scan.
  - The number of hosts scanned in parallel.
  - The number of checks done in parallel.");
  script_set_attribute(attribute:"solution", value:
"n/a");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_attribute(attribute:"always_run", value:TRUE);
  script_set_attribute(attribute:"risk_factor", value:"None");

  script_set_attribute(attribute:"plugin_publication_date", value:"2005/08/26");

  script_set_attribute(attribute:"plugin_type", value:"summary");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_END2);
  script_family(english:"Settings");

  script_copyright(english:"This script is Copyright (C) 2005-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("nessus_product_setup.nasl", "patches_summary.nbin");

  exit(0);
}

include('nessusd_product_info.inc');
include('smb_hotfixes.inc');
include('smb_func.inc');
include('agent.inc');

var rel, NESSUS6, nes_ver, nes_level, myVersion, plugin_feed_info, array, new_vers, list, version, unsupported_version,
acas_info, report, myPluginFeed, time, diff, old_feed, n_prod, scan_type, policy_name, policy_name2, range, ping_rtt,
modulus, local_checks, login_used, systemroot, proto_used, now, pmchecks, tool, report_superseded, opt, post_scan_editing,
start, zero, scan_duration, num_unsupported, i, cpe_base, old_feed_alert;

old_feed_alert = 0;
NESSUS6 = make_list(6,10,5);
nes_ver = nessus_version();
nes_level = NASL_LEVEL;
myVersion = NULL;

plugin_feed_info = nessusd_plugin_feed_info();

if(isnull(plugin_feed_info))
  plugin_feed_info = {};

if(isnull(plugin_feed_info["PLUGIN_SET"]))
  plugin_feed_info["PLUGIN_SET"] = "<error>";

if(isnull(plugin_feed_info["PLUGIN_FEED"]))
  plugin_feed_info["PLUGIN_FEED"] = "<error>";

if (!isnull(nes_ver))
{
  array = split(nes_ver, sep:'.', keep:FALSE);
  myVersion = make_list(int(array[0]), int(array[1]), int(array[2]));

  if ( myVersion[0] < NESSUS6[0] || (myVersion[0] == NESSUS6[0] && (myVersion[1] < NESSUS6[1] || (myVersion[1] == NESSUS6[1] && myVersion[2] < NESSUS6[2])))
  ) new_vers = NESSUS6[0] + "." + NESSUS6[1] + "." + NESSUS6[2];
}

#
# If no plugin has shown anything, exit and note
#
list = get_kb_list("Success/*");
if ( isnull(list) ) exit(0,"No scans were completed. No scan information to report.");


if ( ! strlen(nes_ver) )
{
  if ( ! defined_func("pread") && nes_level >= 2202 )
    version = "NeWT";
  else
    version = "Unknown (NASL_LEVEL=" + nes_level + ")";
}
else
  version = nes_ver;

unsupported_version = NULL;
if (!isnull(myVersion) && myVersion[0] < NESSUS6[0])
{
  unsupported_version = 'Your Nessus version ' + version + ' is no longer supported.\n' +
   'Please consider upgrading to ensure that results are complete.\n';
}

if ( new_vers )
 version += " (Nessus " + new_vers + ' is available.)\n';

var nasl_env = nasl_environment(flags:ENV_APP | ENV_RUNTIME | ENV_OS | ENV_SCAN);

acas_info = '';
report = 'Information about this scan : \n\n';
report += 'Nessus version : ' + version + '\n';
if (!empty_or_null(nasl_env.build))
  report += strcat('Nessus build : ', nasl_env.build, '\n');

if (!isnull(unsupported_version))
  report += unsupported_version + '\n';


if ( plugin_feed_info["PLUGIN_SET"] )
{
 if (  "Home" >< plugin_feed_info["PLUGIN_FEED"] )
   myPluginFeed = "Nessus Home";
 else
   myPluginFeed = "Nessus";

 report += 'Plugin feed version : ' + plugin_feed_info["PLUGIN_SET"]     + '\n';
 report += 'Scanner edition used : ' + myPluginFeed + '\n';
 set_kb_item(name: "PluginFeed/Version", value: plugin_feed_info["PLUGIN_SET"]);
 set_kb_item(name: "PluginFeed/Type", value: plugin_feed_info["PLUGIN_FEED"]);
 if ( plugin_feed_info["PLUGIN_SET"] =~ "^[0-9]*$" )
 {
  rel["year"] = int(substr(plugin_feed_info["PLUGIN_SET"], 0, 3));
  rel["mon"] = int(substr(plugin_feed_info["PLUGIN_SET"], 4, 5));
  rel["mday"] = int(substr(plugin_feed_info["PLUGIN_SET"], 6, 7));
  time = ((rel["year"] - 1970)*(24*3600*365)) +
	  (rel["year"] - 1970)/4*24*3600;
  time += (rel["mon"]-1)*(12*3600*30+12*3600*31);
  time += rel["mday"]*(24*3600);
  diff = (unixtime() - time)/3600/24;
  if ( diff >= 30 && diff < 10000 )
  {
   old_feed_alert ++;
   old_feed = '\nERROR: Your plugins have not been updated since ' +
     rel["year"] + "/" + rel["mon"] + "/" + rel["mday"] + '\n' +
'Performing a scan with an older plugin set will yield out-of-date results and
produce an incomplete audit. Please run nessus-update-plugins to get the
newest vulnerability checks from Nessus.org.\n\n';
   report += old_feed;
  }
 }
}

# Scanner OS
if (!empty_or_null(nasl_env.os))
  report += strcat('Scanner OS : ' + nasl_env.os, '\n');

if (!empty_or_null(nasl_env.distro))
  report += strcat('Scanner distribution : ', nasl_env.distro, '\n');

n_prod = get_kb_item("nessus/product");
if (!isnull(n_prod))
{
  if (n_prod == PRODUCT_WIN_AGENT  )      scan_type = "Windows Agent";
  else if (n_prod == PRODUCT_UNIX_AGENT ) scan_type = "Unix Agent";
  else if (n_prod == PRODUCT_MAC_AGENT )  scan_type = "Mac Agent";
  else if (n_prod == PRODUCT_NESSUSD    ) scan_type = "Normal";
  else if (n_prod == PRODUCT_NESSUSD_NSX) scan_type = "Nessus in NSX environment";
  else scan_type = "Nessus product undetermined";
  report += 'Scan type : ' + scan_type + '\n';
}

var scan_name;
if (!empty_or_null(get_preference('sc_scan_display_name')))
  scan_name = get_preference('sc_scan_display_name');
else if (!empty_or_null(nasl_env.scan_name))
  scan_name = nasl_env.scan_name;

if (!empty_or_null(scan_name))
  report += strcat('Scan name : ', scan_name, '\n');

policy_name = get_preference("@internal@policy_name");
if ( strlen(policy_name) > 0 )
{
  acas_info += 'ScanPolicy:' + policy_name;
  report += 'Scan policy used : ' + policy_name + '\n';
}

if (defined_func("report_xml_tag"))
{
  policy_name2 = get_preference("sc_policy_name");
  if (strlen(policy_name2) == 0) policy_name2 = policy_name;
  if (strlen(policy_name2) > 0) report_xml_tag(tag:"policy-used", value:policy_name2);
}

if (get_kb_item("Host/msp_scanner"))
{
  report += 'Scanner IP : tenable.io Scanner\n';
}
else
  report += 'Scanner IP : ' + compat::this_host()    + '\n';

var scanners;
if (!get_kb_item("nessus/product/local"))
{
  list = get_kb_list("Host/scanners/*");
  if ( ! isnull(list) )
  {
   foreach var item ( keys(list) )
   {
    item -= "Host/scanners/";
    scanners += item + ' ';
   }

   report += 'Port scanner(s) : ' + scanners + '\n';
  }
  else
   report += '\nWARNING : No port scanner was enabled during the scan. This may\nlead to incomplete results.\n\n';

  if ( get_kb_item("global_settings/disable_service_discovery") )
  {
   report += '\nWARNING: Service discovery has been disabled. The audit is incomplete.\n';
  }

  range = get_preference("port_range");
  if ( ! range ) range = "(?)";
  report += 'Port range : ' + range + '\n';
}

report += 'Ping RTT : ';
ping_rtt = get_kb_item("ping_host/RTT");
if (ping_rtt && ping_rtt > 0)
{
  modulus = ping_rtt % 1000;
  if (modulus == 0) modulus = "0";
  else if (modulus < 10) modulus = "00" + modulus;
  else if (modulus < 100) modulus = "0" + modulus;
  ping_rtt = (ping_rtt / 1000) + '.' + modulus + ' ms';
}
else
{
  ping_rtt = 'Unavailable';
}
report += ping_rtt + '\n';

report += 'Thorough tests : ';
if ( thorough_tests ) report += 'yes\n';
else report += 'no\n';

report += 'Experimental tests : ';
if ( experimental_scripts ) report += 'yes\n';
else report += 'no\n';

var unpatched_vulns = get_kb_item('global_settings/vendor_unpatched');
if (empty_or_null(unpatched_vulns))
    report += 'Scan for Unpatched Vulnerabilities : no\n';
else
{
  if (unpatched_vulns)
    report += 'Scan for Unpatched Vulnerabilities : yes\n';
  else
    report += 'Scan for Unpatched Vulnerabilities : no\n';
}

report += 'Plugin debugging enabled : ';
if ( !get_kb_item('global_settings/enable_plugin_debugging') ) report += 'no\n';
else report += 'yes (at debugging level ' + debug_level + ')\n';

report += 'Paranoia level : ';
report += report_paranoia + '\n';

report += 'Report verbosity : ';
report += report_verbosity + '\n';

report += 'Safe checks : ';
if ( safe_checks() ) report += 'yes\n';
else report += 'no\n';

report += 'Optimize the test : ';
if ( get_preference("optimize_test") == "yes" ) report += 'yes\n';
else report += 'no\n';

local_checks = FALSE;
login_used = get_kb_item("HostLevelChecks/login");

report += 'Credentialed checks : ';
if ( get_kb_item("Host/local_checks_enabled") )
{
  # 20220330: There are edge cases where SMB/not_windows will not write on a non-windows device,
  # but Host/windows_local_checks will write because it relies on SMB/not_windows.
  # Add another precautionary layer for a Host/Auth/SSH/*/Success KB key.
  if ( !get_kb_item("SMB/not_windows") && get_kb_item("Host/windows_local_checks") && empty_or_null(get_kb_list("Host/Auth/SSH/*/Success")) )
  {
    login_used = get_kb_item("HostLevelChecks/smb_login");
    #
    # Windows local checks are complex because the SMB Login *might* work but
    # access to C$ or the registry could fail
    #
    if ( get_kb_item("SMB/MS_Bulletin_Checks/Possible") )
    {
      local_checks = TRUE;
      report += 'yes';
      if (!isnull(login_used)) report += ", as '" + login_used + "' via SMB";
    }
    else
    {
      systemroot = hotfix_get_systemdrive(as_share:TRUE);
      if (get_kb_item("SMB/Registry/Enumerated") && (!isnull(systemroot) && get_kb_item("SMB/AccessibleShare/"+systemroot)))
      {
        local_checks = TRUE;
        report += 'yes';
        if (!isnull(login_used)) report += ", as '" + login_used + "' via SMB";
      }
      else
      {
        local_checks = FALSE;
        report += 'no';
      }
    }
  }
  else
  {
    # Not windows
    local_checks = TRUE;
    report += 'yes';

    # nb : from ssh_get_info.nasl
    proto_used = get_kb_item("HostLevelChecks/proto");
    if (!isnull(proto_used))
    {
      if (proto_used == 'local')
      {
        report += " (on the localhost)";
      }
      else if (!isnull(login_used))
      {
        report += ", as '" + login_used + "' via " + proto_used;
      }
      if ( nes_level >= 61100 )
      {
        report += '\nAttempt Least Privilege : ';
        if (get_kb_item("SSH/attempt_least_privilege")) report += 'yes';
        else report += 'no';
      }
    }
    # nb: from cisco_ios_version.nasl w/ SNMP
    else if (get_kb_item("Host/Cisco/IOS/Version"))
    {
      report += ", via SNMP";
    }
    # nb: from palo_alto_version.nbin, via REST API.
    else if (get_kb_item("Host/Palo_Alto/Firewall/Source"))
    {
      report += ", via HTTPS";
    }
  }
}
else if ( get_kb_item("SMB/MS_Bulletin_Checks/Possible") && !get_kb_item("Host/patch_management_checks") )
{
  local_checks = TRUE;
  report += 'yes';

  if (!isnull(login_used)) report += " (as '" + login_used + "' via SMB";
}
else report += 'no';
report += '\n';

if (defined_func("report_xml_tag"))
{
  now = unixtime();
  if (local_checks)
  {
    report_xml_tag(tag:"Credentialed_Scan", value:"true");
    report_xml_tag(tag:"LastAuthenticatedResults", value:now);
    acas_info += '\nCredentialed_Scan:true';
    acas_info += '\nLastAuthenticatedResults:' + now + '\n';
  }
  else
  {
    report_xml_tag(tag:"Credentialed_Scan", value:"false");
    report_xml_tag(tag:"LastUnauthenticatedResults", value:now);
    acas_info += '\nCredentialed_Scan:false';
    acas_info += '\nLastUnauthenticatedResults:' + now + '\n';
  }
}

pmchecks = "";
if (get_kb_item("patch_management/ran"))
{
  tool = "";
  foreach tool (keys(_pmtool_names))
  {
    if (get_kb_item("patch_management/"+tool))
    {
      pmchecks += ", " + _pmtool_names[tool];
      if (local_checks || !tool) pmchecks += " (unused)";
      else tool = _pmtool_names[tool];
    }
  }
}
if (get_kb_item("satellite/ran"))
{
  pmchecks += ", Red Hat Satellite Server";
  if (local_checks) pmchecks += " (unused)";
}
report += 'Patch management checks : ';
if (pmchecks)
{
  pmchecks = substr(pmchecks, 2);
  report += pmchecks + '\n';
}
else report += 'None\n';

#Display superseded patches: no (supersedence plugin ran)
if (get_kb_item("Settings/report_superseded_patches"))
{
  report_superseded = "yes";
}
else
{
  report_superseded = "no";
}
if (get_kb_item("PatchSummary/Superseded"))
{
  report_superseded += " (supersedence plugin launched)";
}
else
{
  report_superseded += " (supersedence plugin did not launch)";
}
report += 'Display superseded patches : ' + report_superseded + '\n';

report += 'CGI scanning : ';
if (get_kb_item("Settings/disable_cgi_scanning")) report += 'disabled\n';
else report += 'enabled\n';

report += 'Web application tests : ';
if (get_kb_item("Settings/enable_web_app_tests"))
{
 report += 'enabled\n';
 # Display web app tests options
 opt = get_kb_item("Settings/HTTP/test_arg_values");
 report += 'Web app tests -  Test mode : ' + opt + '\n';

 report += 'Web app tests -  Try all HTTP methods : ';
 if (get_kb_item("Settings/HTTP/try_all_http_methods"))
  report += 'yes\n';
 else
  report += 'no\n';

 opt = get_kb_item("Settings/HTTP/max_run_time");
 report += 'Web app tests -  Maximum run time : ' + (int(opt) / 60) + ' minutes.\n';
 opt = get_kb_item("Settings/HTTP/stop_at_first_flaw");
 report += 'Web app tests -  Stop at first flaw : ' + opt + '\n';
}
else report += 'disabled\n';

report += 'Max hosts : ' + get_preference("max_hosts") + '\n';
report += 'Max checks : ' + get_preference("max_checks") + '\n';
report += 'Recv timeout : ' + get_preference("checks_read_timeout") + '\n';

if ( get_kb_item("general/backported")  )
 report += 'Backports : Detected\n';
else
 report += 'Backports : None\n';


post_scan_editing = get_preference("allow_post_scan_editing");
if ( post_scan_editing == "no" )
	report += 'Allow post-scan editing : No\n';
else
	report += 'Allow post-scan editing : Yes\n';

var nasl_no_signature_check = get_preference("nasl_no_signature_check");
if ( nasl_no_signature_check == "yes" || nasl_no_signature_check == "true" )
	report += 'Nessus Plugin Signature Checking : Disabled\n';
else
	report += 'Nessus Plugin Signature Checking : Enabled\n';

var audit_signature_check = get_preference("audit_file_signature_check");
if ( audit_signature_check == "yes" || audit_signature_check == "true" )
	report += 'Audit File Signature Checking : Enabled\n';
else
	report += 'Audit File Signature Checking : Disabled\n';

start = get_kb_item("/tmp/start_time");

if ( start )
{
 time = localtime(start);
 if ( time["min"] < 10 ) zero = "0";
 else zero = NULL;

 report += 'Scan Start Date : ' + time["year"] + '/' + time["mon"] + '/' + time["mday"] + ' ' + time["hour"] + ':' + zero + time["min"] + ' ' + getlocaltimezone() + '\n';
}

if ( ! start ) scan_duration = 'unknown';
else           scan_duration = (unixtime() - start) + " sec";
report += 'Scan duration : ' + scan_duration + '\n';

if ( defined_func("report_error") && old_feed_alert )
{
 report_error(title:"Outdated plugins",
	      message:old_feed,
	      severity:1);
}

if(get_preference("sc_disa_output") == "true")
{
  num_unsupported = get_kb_item("NumUnsupportedProducts");
  if(isnull(num_unsupported)) num_unsupported = 0;

  if(num_unsupported > 0)
    report += 'Unsupported products :';

  for (i=0; i<num_unsupported; i++)
  {
    cpe_base = get_kb_item("UnsupportedProducts/"+i+"/cpe_base");
    version = get_kb_item("UnsupportedProducts/"+i+"/version");
    if(version == "unknown")
      report += '\n  UnsupportedProduct:' + cpe_base;
    else
      report += '\n  UnsupportedProduct:' + cpe_base + ':' + version;
  }

  if(num_unsupported > 0) report += '\n';

  report += acas_info;
}

if(get_kb_item("ComplianceChecks/ran"))
{
  if (get_kb_item("ComplianceChecks/scan_info"))
  {
    report += "Compliance checks: " + get_kb_item("ComplianceChecks/scan_info") + '\n';
  }
  else
  {
    report += 'Compliance checks: Yes\n';
  }
}

var malware_scanning_setting = get_preference("Malicious Process Detection[checkbox]:enable_malware_scanning");
if (malware_scanning_setting != "yes")
  report += 'Scan for malware : no\n';
else
  report += 'Scan for malware : yes\n';

if ( old_feed_alert && !defined_func("report_error") )
{
 if ( nes_level < 3000 ) security_hole(port:0, data:report);
 else security_hole(port:0, extra:report);
}
else
{
 if ( nes_level < 3000 ) security_note(port:0, data:report);
 else security_note(port:0, extra:report);
}

7.1 High

AI Score

Confidence

Low