Lab 7 - Writing Nessus Plugins

Due: Wednesday at 5:00pm
This lab is worth 10 points.

For today's lab, we will write a simple custom Nessus plugin that checks the SSH banner string to determine whether the SSH server running on the target is OpenSSH. Nessus uses a simple scripting language, NASL, for writing plugins. There is also a command line tool, nasl, that runs a single script against a target machine.

The following links have tutorials about the scripting language and the command line tool. Read through each before starting to write your plugin.

To write your plugin, you will need to launch the virtual machine that has the Nessus code installed on it. You will also need a target machine with the SSH server running and no firewall rules blocking access to the SSH server. Use the above tutorials to write your NASL script to see if the banner returned by port 22 contains the phrase OpenSSH, which indicates it is running the OpenSSH server. If the banner contains that phrase, set the security note flag. Test your script using the nasl command line tool and the GUI.
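A sketch of the plugin structure described above, added here as an example and not taken from the course materials. It assumes NASL2 and the older description functions (`script_description`, `security_note`). The plugin ID, names and text strings are constructed placeholders. It reads a few lines, not only the first, because an SSH server may send other text before its `SSH-` identification line.

```nasl
# Added example: report a security note when the SSH banner contains "OpenSSH".
# Registration block: executed when Nessus loads the plugin, not during a scan.
if (description)
{
  script_id(99999);  # constructed placeholder ID for the lab, not a real plugin ID
  script_version("1.0");
  script_name(english:"OpenSSH banner check (lab example)");
  script_summary(english:"Reads the SSH banner and looks for OpenSSH");
  script_description(english:"Sets a security note if the SSH banner contains 'OpenSSH'.");
  script_category(ACT_GATHER_INFO);   # passive information gathering only
  script_copyright(english:"Lab example");
  script_family(english:"Misc.");
  script_require_ports(22);           # skip the plugin if port 22 is closed
  exit(0);
}

# Attack block: executed once per target host.
port = 22;
if (!get_port_state(port)) exit(0);

soc = open_sock_tcp(port);
if (!soc) exit(0);

# Read up to five lines and keep the first one that starts with "SSH-".
banner = "";
for (i = 0; i < 5; i = i + 1)
{
  line = recv_line(socket:soc, length:1024);
  if (!line) break;
  if (ereg(pattern:"^SSH-", string:line))
  {
    banner = line;
    break;
  }
}
close(soc);

if (!banner) exit(0);

# ">< " is NASL's substring operator: true when the left string occurs in the right.
if ("OpenSSH" >< banner)
{
  security_note(port:port, data:"SSH banner indicates OpenSSH: " + banner);
}
```

Saved under a hypothetical name such as `openssh_banner.nasl`, the script can be run against a single host with `nasl -t <target> openssh_banner.nasl`.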

Email your NASL script to me.