Nessus plugin - add search to relevant commands #6517
Conversation
Utilize the SearchTerm param in Rex' Tables to filter scrolling outputs. Clean up argument parsing (implement one of the MSF standards). Update help commands to reflect changes Testing: basic functional tests only so far
|
@sempervictus That is actually a great contribution. When I rewrote that plugin almost a year back, the Nessus API changed from XML to JSON and the focus was to make the plugin workable with the latest version. It is great you focused on an area which don't get the love of devs! |
|
Thanks, i try to please, figured you'd see this rather quickly (lurker). |
| case arg | ||
| when '-h', '--help' | ||
| print_status("nessus_server_feed") | ||
| print_status("Example:> nessus_server_feed -S searchterm") |
There was a problem hiding this comment.
This was wrong before and it is wrong here as well. The command is nessus_server_properties but the example is nessus_server_feed. We need to change either the command or the example description.
There was a problem hiding this comment.
Addressed, thank you.
cmd_nessus_server_properties help text was incorrect and referred to nessus_server_feed. Fix the help text to correctly reflect command name. Thanks @void-in
| print_status("Use nessus_user_list to list all users") | ||
| return | ||
| end | ||
| end | ||
| if args[0] == "-h" |
There was a problem hiding this comment.
Body is empty, delete this line.
There was a problem hiding this comment.
I think the original author placed that there for formatting. Void-in: can
I nix the formatting line(s)?
On Feb 3, 2016 11:22 AM, "James Lee" notifications@github.com wrote:
In plugins/nessus.rb
#6517 (comment)
:@@ -410,13 +479,19 @@ def cmd_nessus_server_status(*args)
enddef cmd_nessus_admin(*args)
while (arg = args.shift)case argwhen '-h', '--help'print_status("nessus_admin")print_status("Example:> nessus_admin")print_status()print_status("Checks to see if the current user is an admin")print_status("Use nessus_user_list to list all users")returnendend if args[0] == "-h"Body is empty, delete this line.
—
Reply to this email directly or view it on GitHub
https://github.com/rapid7/metasploit-framework/pull/6517/files#r51744471
.
There was a problem hiding this comment.
@sempervictus Yes. It should be removed.
Per Egypt's request and with Void-in's blessing, empty calls to print_status() are now removed.
|
@sempervictus Ah, I see where the confusion was now. That's not what I meant. The |
|
Sorry I wasn't more clear |
|
@jlee-r7 Yeah. I can see a confusion now but I think the latest commit shouldn't be reverted. The call to print_status() was included just for an empty line which isn't needed. Only thing left is to remove https://github.com/sempervictus/metasploit-framework/blob/ae38403bc29ec20c32f2cefeea8d3bd6f2990c4e/plugins/nessus.rb#L490-L492 |
The list must be iterated from the families key, or it will raise a type error.
|
@void-in: Are you taking this? |
|
@wvu-r7 Please land this. I am away from my dev machine and will take another 10+ hours to get there. Sorry I didn't know it was assigned to me. |
|
Thx guys. I've been using this a ton and its turned out extremely helpful
|
|
Thanks @wvu-r7 for landing. Great job @sempervictus |
Utilize the SearchTerm param in Rex' Tables to filter scrolling
outputs.
Clean up argument parsing (implement one of the MSF standards).
Update help commands to reflect changes
Testing: basic functional tests only so far