I have a question regarding a few NASL functions that are limited to use the target/host IP/FQDN only during their execution.
I am trying to develop a NASL VT that will run a few tests on the localhost.
However functions like open_sock_tcp() and http_req() can only target the target/host, or at least I cannot find a way to change that. I would like to mention that I want this script to run against localhost regardless the actual target/host that has been configured.
Is there anything I could do to use the aforementioned functions with IP: 127.0.0.1?
The scanner in general (e.g. via open_sock_tcp or any functions like http_send_recv()) currently only support connecting/targeting the target/host and not arbitrary systems which are not the target itself.
A possible workaround might be to call external tools like curl or nc via the scanner function pcred() (Check the feed for some examples and note that this function was called a “dangerous” one in some older OpenVAS documentation).
