[framework] Autopwn question [+generating Reports]
Dennis Günnewig
lex001 at gmx.de
Thu Feb 8 09:59:35 CST 2007
Hey, thx for this information. while sleeping i got some ideas to come along with the creation of reports, maybe it's possible to
implement them this way in a future release.
Extend the database by one table:
=================================
database: <database>
table: db_successful_exploits
columns: host_id - exploit
Adding some new commands to the db_mysql/postgres/...-plugin:
=================================
command: db_clear
parameters: --all --vuln --hosts --services --successful_exploits
default parameters: --services --vuln --successful_exploits)
information: to clear any data in the database
command: db_report
parameters: --verbose --short --xml --plaintext
default parameters: --short --plaintext
information: generate a report getting the information out of the database / exploits-instances
what information should be in the report
----------------------------------------
time when the report was created (getting from ruby)
foreach hosts {
host
overview services (getting from db)
overview successfull exploits (getting from db)
references to cve etc. (getting from exploits)
maybe what to do, to close the vulnerability (getting from cve...)
}
greetings,
/d
More information about the framework
mailing list