Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- cfischer@distal:~/openvas-scm/nvts/scripts$ svn diff 2017/gb_pfsense_default_ssh_credentials.nasl
- Index: 2017/gb_pfsense_default_ssh_credentials.nasl
- ===================================================================
- --- 2017/gb_pfsense_default_ssh_credentials.nasl (revision 7794)
- +++ 2017/gb_pfsense_default_ssh_credentials.nasl (working copy)
- @@ -71,8 +71,7 @@
- login = ssh_login( socket:soc, login:username, password:password, pub:NULL, priv:NULL, passphrase:NULL );
- if( login == 0 ) {
- - rcv = ssh_cmd( socket:soc, cmd:'8', nosh:TRUE, pty:TRUE );
- - sh = ssh_cmd( socket:soc, cmd:'cat /etc/passwd' );
- + rcv = ssh_cmd( socket:soc, cmd:'8\n && cat /etc/passwd', nosh:TRUE, pty:TRUE );
- if ('Welcome to pfSense' >< rcv && username >< rcv) {
- vuln = TRUE;
- @@ -79,10 +78,9 @@
- report += '\nuser: "' + username + '", password: "' + password + '"';
- }
- - if (sh =~ 'root:.*:0:[01]:') {
- - report += '\n\nIt was also possible to execute "cat /etc/passwd" as "' + username + '". Result:\n\n' + sh;
- + if (passwd = egrep( pattern:'root:.*:0:[01]:', string:rcv)) {
- + report += '\n\nIt was also possible to execute "cat /etc/passwd" as "' + username + '". Result:\n\n' + passwd;
- }
- -
- close( soc );
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement