Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Background

iQSonar v3 used a “Shell on Shell” approach to SSH scanning. This introduced complications when it came to the complexities and variances introduced by different versions of shells and terminals on different distributions of linux and unix operating systems. The approach effectively emulated what an end user would do on a target machine. The problems came when messages like “You’ve got mail” were printed to the terminal. While a human could simply ignore the text, it introduced many difficulties for iQSonar and often contaminated the results or caused scans to fail.

...

Note

In order for this to work the iQSonar scanning user must be added to the sudoers file and REQUIRETTY directive must be disabled either at a user or system level more details available in the scanning pre-requisites document

 


Step-by-step guide

  1. From the UI navigate to Locations > Connections > SHH
  2. Change commandprefixcode to SUDO
  3. Change usecommandprefix to True

...


The command is:

{set the path};if sudo -l {command}>/dev/null; then sudo {command}; else {command};fi

The precise behaviour might be dependent on the user’s standard shell. ‘if’ is a shell command that can have slightly different behaviors on different shells.

 


 

 

 

 





Info

Filter by label (Content by label)
showLabelsfalse
max5
spacesCSKB
showSpacefalse
sortmodified
reversetrue
typepage
cqllabel = "kb-how-to-article" and type = "page" and space = "CSKB"
labelskb-how-to-article

...