:: Starting up
:: Request: GET /bar.js HTTP/1.1
Host: fooHost
Cookie: fooCookie
:: set key nvt_debug_misc/ → #-#http_send_recv(): Using a HTTP/1.1 request without a ‘User-Agent:’ header passed in ‘data’ variable. Adding it automatically to the request.
:: Result:
:: set key HostDetails → EXIT_CODE
:: set key HostDetails/NVT/(null)/EXIT_CODE → EXIT_NOTVULN
The result from http_send_recv is always empty. I have tried some different functions but to the same outcome. Couldn’t get much out of the out.log file.
As I have never worked with NASLs I guess this might be a newbie problem.
In general there are already some pretty handy functions available for HTTP based tasks. E.g. http_get_port()http_get_req() etc. for tasks like in your example. So best to have a look at http_func.inc and http_keepalive.inc and already available VTs from the feed how to use them.
However the main problem here is the call over openvas-nasl. As this is over HTTPS the scanner needs to know what protocol it has to use. So you either use something like
It was exactly it, calling by explicitly telling which protocol works. I guess when it is openvas running it, it sees the required scripts, runs them first, understands that ssl is on 443 and only then runs this script.
–kb “Transports/TCP/443=7”
I had to use “port=443” because “port = http_get_port( default:443 );” was not working. Still trying to figure out why.
@cfi
hi,
I have the same problem, did you solve it?
http_get_port ,is 0. but I used nmap,port is open。
I don’t know where unscanned_closed is set? I read some information some say in openvassd.conf settings, I can’t find this (openvassd.conf) file,
Info: kali, GSA 21.4.3, openvas-nasl 21.4.3