CMD_EXEC

It is possible to execute commands on the remote host and to check that the output matches what is expected. This kind of check should be used with extreme caution, as it is not always portable across different flavors of Unix.

The quiet keyword tells Nessus not to show the output of the command that failed. It can be set to “YES” or “NO”. By default, it is set to “NO” and the result of the command is displayed. Similarly, the dont_echo_cmd keyword limits the results by outputting the command results, but not the command itself.

The nosudo keyword lets the user tell Nessus not to use sudo to execute the command by setting it to “YES”. By default, it is set to “NO” and sudo is always used when configured to do so.

Tip: For information about the parameters commonly found in Unix custom items, see Unix Configuration Keywords.

Example

<custom_item>

type: CMD_EXEC

description: "Make sure that we are running FreeBSD 4.9 or higher"

cmd: "uname –a"

timeout: "600"

expect: "FreeBSD (4\.(9|[1-9][0-9])|[5-9]\.)"

dont_echo_cmd: YES

</custom_item>