Tag Archives: nasl

More Of The Same

Posted on by

I’ve been testing PGP10 with GnuPG2 again, and noticed that GnuPG2 seems to embed the filename of encrypted files incorrectly – they’re always called “-&25″. Whilst they decrypt fine using GPG which I guess ignores the embedded filename and uses the actual filename, PGP cannot handle it. The fix is to add: set-filename "" to ~/.gnupg/gpg.conf

I installed my Corsair H50-1 watercooling system the other day, and on the final step found that I had a mis-manufactured part so am awaiting delivery of a replacement – which is being helped up getting between the US and Europe due to bloody Icelandic ash! So I had to put everything back together again, wasting about three hours of my time. I did at least confirm that I can get a 2-fan setup into my case, its a bit tight with the graphics card and PCI bracket though.

I installed Solaris 10u8 under VirtualBox yesterday and found that they’ve improved security by default – a lot of policies that had to be manually tightened are already set, such as SSHv2 and no root SSH. I meant to test them before applying the patch cluster, as the fixes could be due to the cluster. Update 9 should be due next month, which is the first post-Oracle release.

I’ve been playing with Nessus 4.2 exporting to Excel, using custom XSLT’s and writing more NASL’s. I installed 4.2.2 but it still doesn’t cache the SWF object.

I’m awaiting a replacement hard disk caddy for my laptop as it recently stopped working. I’m pretty sure its not the disk that’s dead as its barely been used and works fine the 10% of the time it actually does boot.

My Samsung F3 hard disk has started humming and vibrating like all the F1′s did, so I expect that is on its way out, so backing up regularly and will probably order a WD Caviar Black 1Tb next month, I’m fed up of Samsung, they’re the new Maxtor/Deskstar of the hard disk world I reckon!

GnuPG and PGP

Posted on by

I’ve been playing with the commercial PGP Desktop Pro today. Its funny, how for 185ukp its frontend really isn’t as nice as the free Seahorse and the PGP 10 backend isn’t [reportedly] as secure as the opensource GnuPG 2.

They both comply to the OpenPGP standard so I found I could use public/private keys generated on one with the other; and create encrypted/signed files using one tool and decrypt and verify on the other.

I’ve also been doing a lot more work with Nessus scripting lately – writing a lot of NASL plugins and also a parser to convert from the new Nessus 4.2 XML format to an Excel spreadsheet.

The other day I tried to get MS Office 2007 installed under WINE. Well it didn’t go well, eventually I did it (by removing the SP2 files from the installer) but the installed applications wouldn’t start. So I decided to try those Crossover Pro 8 licenses I won. Well all I can say is I’m glad I got them for free not seventy bucks, as even though they did install and run Word 2007 without modification like WINE, the installer screwed up my MIME associations. Plus the de-installer didn’t clean up after itself.

I don’t know how CodeWeavers are making money out of Crossover when the few advantages it has over WINE (GUI config etc.) actually break things that WINE wouldn’t. So I think I’ll stick to unzipping .docx files and opening them in OpenOffice.

RPM building

Posted on by

Today I’ve been building a noarch RPM specfile for setting up a Nessus environment with custom [signed] plugins. This is quite a good starting point, not really a tutorial though.

rpmbuild signs the plugin using nasl as per these instructions, but to automate it I had to remove the passphrase from the private key I was using, as rpmbuild won’t be able to prompt for a passphrase! The command to do that is:

openssl rsa -in MyCustomKey.priv.pem -out MyCustomKey2.priv.pem

It doesn’t change the public key and it still generates the same script signatures.

I also found that due to moving to a newer version of RPM, you can’t build FC9-compatible RPM’s on Fedora 12. I also found you can’t rebuild a src-rpm from F13 on F9, it can’t unpack it, probably for the same reason.