Question about http_cgi_dirs()

Hi, I have a question about the function http_cgi_dirs().

Are there any plugins that may change the return value of the function, or will the return value be the same on every function call (with the same parameters)?

The http_cgi_dirs() function initially returns only the / root dir by default. The “final” list of returned directories is then influenced by various factors / VTs:

  1. dirs found by the VT “Directory Scanner” (OID: 1.3.6.1.4.1.25623.1.0.11032)
  2. dirs found by the VT “Web mirroring” (OID: 1.3.6.1.4.1.25623.1.0.10662)
  3. The following settings of the VT “Global variable settings” (OID: 1.3.6.1.4.1.25623.1.0.12288):
    1. Add historic /scripts and /cgi-bin to directories for CGI scanning
    2. Regex pattern to exclude directories from CGI scanning
    3. Use regex pattern to exclude directories from CGI scanning
    4. Exclude directories containing detected known server manuals from CGI scanning
  4. The content of the cgi_path scanner preference (openvas -s | grep cgi_path)

Hope this helps.


So, the list is final once the VT “Web mirroring” has finished running, right?

Yes, after the two VTs “Directory Scanner” and “Web mirroring” have finished their work (the first one is a dependency of the latter and should be pulled in / launched and started before), the list is final.

That’s why you also see that most of the HTTP-based VTs have a dependency on both VTs.
