Errors when running a scan of a Windows machine from a Linux machine #1759

Closed
ronanlaunay opened this issue Oct 11, 2023 · 1 comment
ronanlaunay commented Oct 11, 2023

What did you do? (required. The issue will be closed when not provided.)

I tried to scan a Windows 2019 server from a vuls server installed on Red Hat Enterprise Linux 8

What did you expect to happen?

List of CVEs and patches present on the VM

What happened instead?

Lots of errors in remote command line execution

  • Current Output

```
./vuls configtest -debug vm-windows2k9-test-1
[Oct 5 23:20:45] INFO [localhost] vuls-v0.24.1-build-20231005_224349_d2ca56a
[Oct 5 23:20:46] INFO [localhost] Validating config...
[Oct 5 23:20:46] INFO [localhost] Detecting Server/Container OS...
[Oct 5 23:20:46] INFO [localhost] Detecting OS of servers...
[Oct 5 23:20:46] DEBUG [localhost] Validating SSH Settings for Server:vm-windows2k9-test-1 ...
[Oct 5 23:20:46] DEBUG [localhost] Executing... /usr/bin/ssh -G -F /home/vuls/.ssh/config -i /home/vuls/.ssh/id_rsa -p 22 -l administrator 192.168.0.42
[Oct 5 23:20:46] DEBUG [localhost] Setting SSH User:administrator for Server:vm-windows2k9-test-1 ...
[Oct 5 23:20:46] DEBUG [localhost] Setting SSH Port:22 for Server:vm-windows2k9-test-1 ...
[Oct 5 23:20:46] DEBUG [localhost] Checking if the host's public key is in known_hosts...
[Oct 5 23:20:46] DEBUG [localhost] Executing... /usr/bin/ssh-keygen -F 192.168.0.42 -f ~/.ssh/known_hosts
[Oct 5 23:20:46] DEBUG [localhost] Executing... exit
[Oct 5 23:20:46] DEBUG [localhost] execResult: servername: vm-windows2k9-test-1
cmd: /usr/bin/ssh -F /home/vuls/.ssh/config -l administrator -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no 192.168.0.42
exitstatus: 0
stdout:
stderr: stty : The term 'stty' is not recognized as the name of a cmdlet, function, script file, or operable program. Check
the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1
+ stty cols 1000; exit
    + CategoryInfo          : ObjectNotFound: (stty:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

err: %!s(<nil>)

[Oct 5 23:20:46] DEBUG [localhost] Executing... Get-ComputerInfo -Property WindowsProductName, OsVersion, WindowsEditionId, OsCSDVersion, CsSystemType, WindowsInstallationType
[Oct 5 23:20:47] DEBUG [localhost] execResult: servername: vm-windows2k9-test-1
cmd: /usr/bin/ssh -F /home/vuls/.ssh/config -l administrator -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no 192.168.0.42
exitstatus: 1
stdout:
stderr: Get-ComputerInfo : A positional parameter cannot be found that accepts argument 'OsVersion'.
At line:1 char:1
+ Get-ComputerInfo -Property WindowsProductName OsVersion WindowsEditio ...
    + CategoryInfo          : InvalidArgument: (:) [Get-ComputerInfo], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.GetComputerInfoCommand

err: %!s(<nil>)

[Oct 5 23:20:47] DEBUG [localhost] Executing... $WmiOS = (Get-WmiObject Win32_OperatingSystem); Format-List -InputObject $WmiOS -Property Caption, Version, OperatingSystemSKU, CSDVersion; $WmiCS = (Get-WmiObject Win32_ComputerSystem); Format-List -InputObject $WmiCS -Property SystemType, DomainRole
[Oct 5 23:20:48] DEBUG [localhost] execResult: servername: vm-windows2k9-test-1
cmd: /usr/bin/ssh -F /home/vuls/.ssh/config -l administrator -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no 192.168.0.42
exitstatus: 0
stdout:

SystemType : x64-based PC
DomainRole : 2

stderr: = : The term '=' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1
+ = \VM-INTERCO-PAIT\root\cimv2:Win32_OperatingSystem=@
+ ~
    + CategoryInfo : ObjectNotFound: (=:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

err: %!s()
[Oct 5 23:20:48] DEBUG [localhost] Windows. Host: 192.168.0.42:22
[Oct 5 23:20:48] ERROR [localhost] (1/1) Failed: vm-windows2k9-test-1, err: [Failed to detect os name. err:
    github.com/future-architect/vuls/scanner.detectWindows
        /home/vuls/tmp/vuls/scanner/windows.go:105
  - Failed to detect OS Name from OSInfo: {productName: version: build: revision: edition: servicePack: arch:x64-based installationType:Server}, err:
    github.com/future-architect/vuls/scanner.detectOSName
        /home/vuls/tmp/vuls/scanner/windows.go:557
  - OS Name not found:
    github.com/future-architect/vuls/scanner.detectOSNameFromOSInfo
        /home/vuls/tmp/vuls/scanner/windows.go:765]
[Oct 5 23:20:48] ERROR [localhost] Failed to configtest: Failed to init servers. err:
    github.com/future-architect/vuls/scanner.Scanner.Configtest
        /home/vuls/tmp/vuls/scanner/scanner.go:119
  - No scannable host OS:
    github.com/future-architect/vuls/scanner.Scanner.initServers
        /home/vuls/tmp/vuls/scanner/scanner.go:300
```

Steps to reproduce the behaviour

Here's the workaround:

We need to scan Windows 2019 machines over SSH and PowerShell from a vuls server running on RHEL 8, and a second test has been run on macOS for debugging purposes.

To put it simply, we've noticed that when we play with exec functions that start by declaring a variable with $, launched with " at the beginning, this leads to non-interpretation. When we replace it with `, it works a little better, and when we replace it with the ipconfig command, it works even better. Why, I don't know; I haven't found a valid reason why this parry works ...

Here are the lines I have modified

===============
EXECUTION START

```
vuls@server ~ $ grep -inr "exec" ~/tmp/vuls/scanner/windows.go
54: if isLocalExec(c.Port, c.Host) {
55: if r, r2 := exec(tmp, $CurrentVersion = (Get-ItemProperty -Path "Registry::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion"); Format-List -InputObject $CurrentVersion -Property ProductName, CurrentVersion, CurrentMajorVersionNumber, CurrentMinorVersionNumber, CurrentBuildNumber, UBR, CSDVersion, EditionID, InstallationType, noSudo), exec(tmp, (Get-ItemProperty -Path "Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment").PROCESSOR_ARCHITECTURE, noSudo); (r.isSuccess() && r.Stdout != "") && (r2.isSuccess() && r2.Stdout != "") {
75: if r := exec(tmp, "Get-ComputerInfo -Property WindowsProductName, OsVersion, WindowsEditionId, OsCSDVersion, CsSystemType, WindowsInstallationType", noSudo); r.isSuccess() && r.Stdout != "" {
94: if r := exec(tmp, "$WmiOS = (Get-WmiObject Win32_OperatingSystem); Format-List -InputObject $WmiOS -Property Caption, Version, OperatingSystemSKU, CSDVersion; $WmiCS = (Get-WmiObject Win32_ComputerSystem); Format-List -InputObject $WmiCS -Property SystemType, DomainRole", noSudo); r.isSuccess() && r.Stdout != "" {
113: if r := exec(tmp, "systeminfo.exe", noSudo); r.isSuccess() && r.Stdout != "" {
977: r := o.exec("ipconfig.exe", noSudo)
1020: if r := o.exec("$Packages = (Get-Package); Format-List -InputObject $Packages -Property Name, Version, ProviderName", noSudo); r.isSuccess() {
1081: if r := o.exec("$Hotfix = (Get-Hotfix); Format-List -InputObject $Hotfix -Property HotFixID", noSudo); r.isSuccess() {
1091: if r := o.exec("$Packages = (Get-Package -ProviderName msu); Format-List -InputObject $Packages -Property Name", noSudo); r.isSuccess() {
1101: if isLocalExec(o.getServerInfo().Port, o.getServerInfo().Host) {
1110: if r := o.exec(fmt.Sprintf(%s $UpdateSearcher.search("IsInstalled = 1 and RebootRequired = 0 and Type='Software'").Updates | ForEach-Object -MemberName KBArticleIDs, searcher), noSudo); r.isSuccess() {
1119: if r := o.exec(fmt.Sprintf(%s $UpdateSearcher.search("IsInstalled = 0 and Type='Software'").Updates | ForEach-Object -MemberName KBArticleIDs, searcher), noSudo); r.isSuccess() {
1128: if r := o.exec(fmt.Sprintf(%s $UpdateSearcher.search("IsInstalled = 1 and RebootRequired = 1 and Type='Software'").Updates | ForEach-Object -MemberName KBArticleIDs, searcher), noSudo); r.isSuccess() {
1139: if r := o.exec("$UpdateSearcher = (New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher(); $HistoryCount = $UpdateSearcher.GetTotalHistoryCount(); $UpdateSearcher.QueryHistory(0, $HistoryCount) | Sort-Object -Property Date | Format-List -Property Title, Operation, ResultCode", noSudo); r.isSuccess() {
4526: if r := o.exec("Invoke-WebRequest -MaximumRetryCount 3 -TimeoutSec 1 -NoProxy http://169.254.169.254/latest/meta-data/instance-id", noSudo); r.isSuccess() {
4533: if r := o.exec("Invoke-WebRequest -Method Put -MaximumRetryCount 3 -TimeoutSec 1 -NoProxy -Headers @{\"X-aws-ec2-metadata-token-ttl-seconds\"=\"300\"} http://169.254.169.254/latest/api/token", noSudo); r.isSuccess() {
4534: r := o.exec(fmt.Sprintf("Invoke-WebRequest -MaximumRetryCount 3 -TimeoutSec 1 -NoProxy -Headers @{\"X-aws-ec2-metadata-token\"=\"%s\"} http://169.254.169.254/latest/meta-data/instance-id", strings.TrimSpace(r.Stdout)), noSudo)
4544: if r := o.exec("where.exe curl.exe", noSudo); r.isSuccess() {
4545: if r := o.exec("curl.exe --max-time 1 --noproxy 169.254.169.254 http://169.254.169.254/latest/meta-data/instance-id", noSudo); r.isSuccess() {
4552: if r := o.exec("curl.exe -X PUT --max-time 1 --noproxy 169.254.169.254 -H \"X-aws-ec2-metadata-token-ttl-seconds: 300\" http://169.254.169.254/latest/api/token", noSudo); r.isSuccess() {
4553: if r := o.exec(fmt.Sprintf("curl.exe -H \"X-aws-ec2-metadata-token: %s\" --max-time 1 --noproxy 169.254.169.254 http://169.254.169.254/latest/meta-data/instance-id", strings.TrimSpace(r.Stdout)), noSudo); r.isSuccess() {
```

===============
EXECUTION END

  1. OS information

vuls@server ~ $ cat /etc/redhat-release
Red Hat Enterprise Linux release 8.8 (Ootpa)

  1. Go information

vuls@server ~ $ go version go1.20 linux/amd64

vuls@server ~ $ go env GO111MODULE="" GOARCH="amd64" GOBIN="" GOCACHE="/home/vuls/.cache/go-build" GOENV="/home/vuls/.config/go/env" GOEXE="" GOEXPERIMENT="" GOFLAGS="" GOHOSTARCH="amd64" GOHOSTOS="linux" GOINSECURE="" GOMODCACHE="/home/vuls/go/pkg/mod" GONOPROXY="" GONOSUMDB="" GOOS="linux" GOPATH="/home/vuls/go" GOPRIVATE="" GOPROXY="https://proxy.golang.org,direct" GOROOT="/usr/local/go" GOSUMDB="sum.golang.org" GOTMPDIR="" GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64" GOVCS="" GOVERSION="go1.20" GCCGO="gccgo" GOAMD64="v1" AR="ar" CC="gcc" CXX="g++" CGO_ENABLED="1" GOMOD="/dev/null" GOWORK="" CGO_CFLAGS="-O2 -g" CGO_CPPFLAGS="" CGO_CXXFLAGS="-O2 -g" CGO_FFLAGS="-O2 -g" CGO_LDFLAGS="-O2 -g" PKG_CONFIG="pkg-config" GOGCCFLAGS="-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build561781977=/tmp/go-build -gno-record-gcc-switches"

  1. Compilation step

```
mkdir tmp

cd tmp

git clone https://github.com/future-architect/vuls.git

cd vuls

vuls@server ~/tmp/vuls $ make install
ls: impossible d'accéder à '/home/vuls/tmp/vuls/integration/results': Aucun fichier ou dossier de ce type
ls: impossible d'accéder à '/home/vuls/tmp/vuls/integration/results': Aucun fichier ou dossier de ce type
ls: impossible d'accéder à '/home/vuls/tmp/vuls/integration/results': Aucun fichier ou dossier de ce type
CGO_ENABLED=0 go install -ldflags "-X 'github.com/future-architect/vuls/config.Version=v0.24.1' -X 'github.com/future-architect/vuls/config.Revision=build-20231006_000232_d2ca56a'" ./cmd/vuls
vuls@server ~/tmp/vuls $
```

  1. vuls information

vuls@server ~/fakeroot 02:44:52 $ vuls -v vuls-v0.24.1-build-20231006_004552_d2ca56a


After that, I tried to replace all exec functions starting with a "$" with a `$, as shown on line 55.

But after recompiling the binary and testing, I got other errors on functions that don't start with $ but start with a PowerShell function whose arguments are not interpreted, as in this Get-ComputerInfo execution:

===============
EXECUTION START

```
vuls@server ~/fakeroot $ ./vuls configtest -debug vm-windows2k9-test-1
[Oct 6 00:01:18] INFO [localhost] vuls-v0.24.1-build-20231005_233609_d2ca56a
[Oct 6 00:01:18] INFO [localhost] Validating config...
[Oct 6 00:01:18] INFO [localhost] Detecting Server/Container OS...
[Oct 6 00:01:18] INFO [localhost] Detecting OS of servers...
[Oct 6 00:01:18] DEBUG [localhost] Validating SSH Settings for Server:vm-windows2k9-test-1 ...
[Oct 6 00:01:18] DEBUG [localhost] Executing... /usr/bin/ssh -G -F /home/vuls/.ssh/config -i /home/vuls/.ssh/id_rsa -p 22 -l administrator 192.168.0.42
[Oct 6 00:01:18] DEBUG [localhost] Setting SSH User:administrator for Server:vm-windows2k9-test-1 ...
[Oct 6 00:01:18] DEBUG [localhost] Setting SSH Port:22 for Server:vm-windows2k9-test-1 ...
[Oct 6 00:01:18] DEBUG [localhost] Checking if the host's public key is in known_hosts...
[Oct 6 00:01:19] DEBUG [localhost] Executing... /usr/bin/ssh-keygen -F 192.168.0.42 -f ~/.ssh/known_hosts
[Oct 6 00:01:19] DEBUG [localhost] Executing... exit
[Oct 6 00:01:19] DEBUG [localhost] execResult: servername: vm-windows2k9-test-1
cmd: /usr/bin/ssh -F /home/vuls/.ssh/config -l administrator -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no 192.168.0.42
exitstatus: 0
stdout:
stderr: stty : The term 'stty' is not recognized as the name of a cmdlet, function, script file, or operable program. Check
the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1
+ stty cols 1000; exit
    + CategoryInfo          : ObjectNotFound: (stty:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

err: %!s(<nil>)

[Oct 6 00:01:19] DEBUG [localhost] Executing... Get-ComputerInfo -Property WindowsProductName, OsVersion, WindowsEditionId, OsCSDVersion, CsSystemType, WindowsInstallationType
[Oct 6 00:01:20] DEBUG [localhost] execResult: servername: vm-windows2k9-test-1
cmd: /usr/bin/ssh -F /home/vuls/.ssh/config -l administrator -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no 192.168.0.42
exitstatus: 1
stdout:
stderr: Get-ComputerInfo : A positional parameter cannot be found that accepts argument 'OsVersion'.
At line:1 char:1
+ Get-ComputerInfo -Property WindowsProductName OsVersion WindowsEditio ...
    + CategoryInfo          : InvalidArgument: (:) [Get-ComputerInfo], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.GetComputerInfoCommand

err: %!s(<nil>)

[Oct 6 00:01:20] DEBUG [localhost] Executing... $WmiOS = (Get-WmiObject Win32_OperatingSystem); Format-List -InputObject $WmiOS -Property Caption, Version, OperatingSystemSKU, CSDVersion; $WmiCS = (Get-WmiObject Win32_ComputerSystem); Format-List -InputObject $WmiCS -Property SystemType, DomainRole
[Oct 6 00:01:21] DEBUG [localhost] execResult: servername: vm-windows2k9-test-1
cmd: /usr/bin/ssh -F /home/vuls/.ssh/config -l administrator -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no 192.168.0.42
exitstatus: 0
stdout:

SystemType : x64-based PC
DomainRole : 2

stderr: = : The term '=' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1
+ = \VM-INTERCO-PAIT\root\cimv2:Win32_OperatingSystem=@
+ ~
    + CategoryInfo : ObjectNotFound: (=:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

err: %!s()
[Oct 6 00:01:21] DEBUG [localhost] Windows. Host: 192.168.0.42:22
[Oct 6 00:01:21] ERROR [localhost] (1/1) Failed: vm-windows2k9-test-1, err: [Failed to detect os name. err:
    github.com/future-architect/vuls/scanner.detectWindows
        /home/vuls/tmp/vuls/scanner/windows.go:105
  - Failed to detect OS Name from OSInfo: {productName: version: build: revision: edition: servicePack: arch:x64-based installationType:Server}, err:
    github.com/future-architect/vuls/scanner.detectOSName
        /home/vuls/tmp/vuls/scanner/windows.go:557
  - OS Name not found:
    github.com/future-architect/vuls/scanner.detectOSNameFromOSInfo
        /home/vuls/tmp/vuls/scanner/windows.go:765]
[Oct 6 00:01:21] ERROR [localhost] Failed to configtest: Failed to init servers. err:
    github.com/future-architect/vuls/scanner.Scanner.Configtest
        /home/vuls/tmp/vuls/scanner/scanner.go:119
  - No scannable host OS:
    github.com/future-architect/vuls/scanner.Scanner.initServers
        /home/vuls/tmp/vuls/scanner/scanner.go:300
```

===============
EXECUTION END

I decide to do the same for all exec functions.
I recompile and test again and I still get errors interpreting certain characters. I don't understand, but I continue my tests.
This time, I try adding a classic Windows command to confirm that it's an interpretation error when sending the command via bash. I decide to add ipconfig in front of each command that causes a problem.

vuls_configtest_-debug_vm-windows2k9-test-1.log

The same tests were carried out with macOS. Here's the information from the runtime environment

OS: macOS 13.6 22G120 x86_64
go version go1.21.1 darwin/amd64

Errors remain the same

Configuration (MUST fill this out):

  • Go version (go version):

vuls@server ~ $ go version go1.20 linux/amd64

  • Go environment (go env):

vuls@server ~ $ go env GO111MODULE="" GOARCH="amd64" GOBIN="" GOCACHE="/home/vuls/.cache/go-build" GOENV="/home/vuls/.config/go/env" GOEXE="" GOEXPERIMENT="" GOFLAGS="" GOHOSTARCH="amd64" GOHOSTOS="linux" GOINSECURE="" GOMODCACHE="/home/vuls/go/pkg/mod" GONOPROXY="" GONOSUMDB="" GOOS="linux" GOPATH="/home/vuls/go" GOPRIVATE="" GOPROXY="https://proxy.golang.org,direct" GOROOT="/usr/local/go" GOSUMDB="sum.golang.org" GOTMPDIR="" GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64" GOVCS="" GOVERSION="go1.20" GCCGO="gccgo" GOAMD64="v1" AR="ar" CC="gcc" CXX="g++" CGO_ENABLED="1" GOMOD="/dev/null" GOWORK="" CGO_CFLAGS="-O2 -g" CGO_CPPFLAGS="" CGO_CXXFLAGS="-O2 -g" CGO_FFLAGS="-O2 -g" CGO_LDFLAGS="-O2 -g" PKG_CONFIG="pkg-config" GOGCCFLAGS="-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build561781977=/tmp/go-build -gno-record-gcc-switches"

  • Vuls environment:

vuls@server ~ $ vuls -v vuls-v0.24.1-build-20231006_004552_d2ca56a

  • config.toml:

```
[default]
port = "22"
user = "root"
sshConfigPath = "/home/vuls/.ssh/config"
keyPath = "/home/vuls/.ssh/id_rsa"
scanMode = ["fast"]
ignoreCves = ["CVE-2018-19325", "CVE-2022-36227", "CVE-2023-25358", "CVE-2023-25360", "CVE-2023-25361", "CVE-2023-25362", "CVE-2023-25363", "CVE-2019-9928", "CVE-2020-9947", "CVE-2022-2196", "CVE-2022-32886", "CVE-2022-32888", "CVE-2022-3640", "CVE-2022-3970", "CVE-2022-42823", "CVE-2022-42826", "CVE-2022-42896", "CVE-2023-23517", "CVE-2023-23518", "CVE-2022-4904", "CVE-2022-1665", "CVE-2021-40153", "CVE-2022-41674", "CVE-2021-29657", "CVE-2021-3444", "CVE-2021-38166", "CVE-2022-0886", "CVE-2022-1679", "CVE-2022-20566", "CVE-2022-25265", "CVE-2022-30594", "CVE-2022-3239", "CVE-2022-3545", "CVE-2022-3565", "CVE-2022-3625", "CVE-2022-39189", "CVE-2022-42720", "CVE-2022-4378", "CVE-2022-45934", "CVE-2023-0266", "CVE-2023-0386", "CVE-2023-0461", "CVE-2023-1118", "CVE-2023-1252", "CVE-2023-1281", "CVE-2023-26604", "CVE-2020-10735", "CVE-2020-25645", "CVE-2021-33645", "CVE-2021-33646", "CVE-2021-34981", "CVE-2021-3714", "CVE-2022-21216", "CVE-2022-3623", "CVE-2022-38900", "CVE-2023-0361", "CVE-2023-0464", "CVE-2023-25193", "CVE-2021-28861", "CVE-2022-33196", "CVE-2021-0146", "CVE-2022-3564", "CVE-2022-3566", "CVE-2022-3567", "CVE-2022-41858", "CVE-2009-1143", "CVE-2022-1280", "CVE-2022-20141", "CVE-2022-3028", "CVE-2022-3522", "CVE-2023-0590", "CVE-2023-1579", "CVE-2023-28466", "CVE-2021-33656", "CVE-2022-1789", "CVE-2022-3628", "CVE-2021-28972", "CVE-2021-33655", "CVE-2021-4001", "CVE-2021-43975", "CVE-2022-2503", "CVE-2022-43750", "CVE-2023-1380", "CVE-2019-11135", "CVE-2020-3702", "CVE-2021-0145", "CVE-2021-26341", "CVE-2021-3178", "CVE-2021-33117", "CVE-2021-38206", "CVE-2022-32923", "CVE-2022-3627", "CVE-2022-42895", "CVE-2023-0394", "CVE-2023-1192", "CVE-2023-1195", "CVE-2023-23009", "CVE-2021-38198", "CVE-2022-20154", "CVE-2023-22745", "CVE-2022-1462", "CVE-2023-1073", "CVE-2022-33972", "CVE-2022-42799", "CVE-2019-11139", "CVE-2020-27171", "CVE-2022-21233", "CVE-2022-38090", "CVE-2020-28097", "CVE-2022-2663", "CVE-2022-43552", "CVE-2019-19530", "CVE-2020-14390", 
"CVE-2021-0127", "CVE-2021-46778", "CVE-2022-21127", "CVE-2022-23824", "CVE-2018-18700", "CVE-2019-20095", "CVE-2020-36311", "CVE-2021-3428", "CVE-2021-34556", "CVE-2021-34693", "CVE-2021-35477", "CVE-2021-4135", "CVE-2022-0171", "CVE-2022-1263", "CVE-2022-21131", "CVE-2022-21136", "CVE-2022-21151", "CVE-2022-28388", "CVE-2022-3524", "CVE-2022-3570", "CVE-2022-36280", "CVE-2022-36402", "CVE-2022-3707", "CVE-2022-38096", "CVE-2022-38457", "CVE-2022-40133", "CVE-2022-41218", "CVE-2022-4129", "CVE-2022-42703", "CVE-2022-42721", "CVE-2022-42722", "CVE-2022-42824", "CVE-2022-4285", "CVE-2022-45869", "CVE-2022-4662", "CVE-2022-47929", "CVE-2022-48281", "CVE-2023-0597", "CVE-2023-1095", "CVE-2023-1382", "CVE-2023-1637", "CVE-2023-23454", "CVE-2023-23455", "CVE-2023-24056", "CVE-2023-28327", "CVE-2023-28328", "CVE-2021-33120", "CVE-2022-1972", "CVE-2022-3594", "CVE-2023-28486", "CVE-2023-28487", "CVE-2022-0005", "CVE-2020-27170", "CVE-2021-33624", "CVE-2021-3896", "CVE-2022-28693", "CVE-2022-39188", "CVE-2023-1582", "CVE-2019-15213", "CVE-2019-15219", "CVE-2020-10741", "CVE-2021-4159", "CVE-2022-3619", "CVE-2020-14416", "CVE-2022-35252", "CVE-2020-29374", "CVE-2020-35501", "CVE-2021-3655", "CVE-2021-3923", "CVE-2022-3542", "CVE-2023-1513", "CVE-2022-30294", "CVE-2023-0045", "CVE-2023-0047", "CVE-2023-27536", "CVE-2021-20200", "CVE-2015-5196", "CVE-2011-4084", ]

[servers.vm-interco-paitry-test-2]
user= "administrator"
host = "192.168.0.42"
port = "22"
scnMode = ["fast-root"]
```

  • command:

```
vuls configtest -debug vm-windows2k9-test-1

vuls scan -debug vm-windows2k9-test-1
```

@MaineK00n MaineK00n self-assigned this Oct 11, 2023
@MaineK00n
Collaborator

@ronanlaunay

I apologize for the delay in fixing this bug.
If you like, I would be happy if you could try using the modified vuls again.
#1844
