Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update nessus.rb for Issue #16556 #16560

Merged
merged 3 commits into from
May 12, 2022
Merged

Update nessus.rb for Issue #16556 #16560

merged 3 commits into from
May 12, 2022

Conversation

Ronni3X
Copy link
Contributor

@Ronni3X Ronni3X commented May 11, 2022
edited by adfoster-r7
Loading

closes #16556
supercedes #16559 #16557

Changed the line that parses the input for the nessus_connect password. It will now split the user input by the last occurrence of the at sign (@) instead of the first occurrence. This will prevent improperly parsed passwords due to an at sign (@) in the password.

Verification

  • change a password for a nessus user to something that contains an at sign (@)
  • start nessus
  • start msfconsole
  • load nessus
  • connect to nessus using the following example
  • nessus_connect test:tester@testing@localhost:8834 ssl_ignore
  • it should connect properly

@Ronni3X
Update nessus.rb
33cfc7c 
Changed the line that parses the input for the nessus_connect password. It will now split the user input by the last occurrence of the at sign (@) instead of the first occurrence. This will prevent improperly parsed passwords due to an at sign (@) in the password.
@Ronni3X
Merge pull request #1 from Ronni3X/Ronni3X-nessus-plugin-patch-1
0a2293f 
Update nessus.rb
@Ronni3X
Update nessus.rb
83bfc73
@Ronni3X Ronni3X marked this pull request as ready for review May 12, 2022 00:05
@adfoster-r7 adfoster-r7 merged commit d40a221 into rapid7:master May 12, 2022
@adfoster-r7
Copy link
Contributor

adfoster-r7 commented May 12, 2022
edited
Loading

Release Notes

Updates the nessus_connect login functionality to correctly handle the @ symbol being present in the password.

@adfoster-r7 adfoster-r7 added the rn-fix release notes fix label May 12, 2022
@Ronni3X Ronni3X deleted the Ronni3X-nessus-plugin-patch-1-1 branch May 12, 2022 13:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
rn-fix release notes fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Nessus plugin password parsing
2 participants
@Ronni3X @adfoster-r7