PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity

nse_check_globals fixup

Browse Source
This commit is contained in:
patrik
2012-08-17 05:37:59 +00:00
parent 6294398668
commit 4157e63c9e
9 changed files with 60 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
nselib/eigrp.lua
View File

@@ -5,6 +5,8 @@
-- Version 0.1 -- Version 0.1
-- 19/07/2012 - First version. -- 19/07/2012 - First version.
local bin = require "bin"
local table = require "table"
local stdnse = require "stdnse" local stdnse = require "stdnse"
local ipOps = require "ipOps" local ipOps = require "ipOps"
local packet = require "packet" local packet = require "packet"

6
scripts/broadcast-eigrp-discovery.nse
View File

@@ -7,6 +7,8 @@ local bin = require "bin"
local packet = require "packet" local packet = require "packet"
local ipOps = require "ipOps" local ipOps = require "ipOps"
local target = require "target" local target = require "target"
local coroutine = require "coroutine"
local string = require "string"
description = [[ description = [[
Network discovery and routing information gathering through Cisco's EIGRP. Network discovery and routing information gathering through Cisco's EIGRP.
@@ -114,7 +116,7 @@ end
local eigrpListener = function(interface, timeout, responses) local eigrpListener = function(interface, timeout, responses)
local condvar = nmap.condvar(responses) local condvar = nmap.condvar(responses)
local routers = {} local routers = {}
local status, l3data, response, p, eigrp_raw local status, l3data, response, p, eigrp_raw, _
local start = nmap.clock_ms() local start = nmap.clock_ms()
-- Filter for EIGRP packets that are sent either to us or to multicast -- Filter for EIGRP packets that are sent either to us or to multicast
local filter = "ip proto 88 and (ip dst host " .. interface.address .. " or 224.0.0.10)" local filter = "ip proto 88 and (ip dst host " .. interface.address .. " or 224.0.0.10)"
@@ -162,7 +164,7 @@ end
--@param astab Table to put result into. --@param astab Table to put result into.
local asListener = function(interface, timeout, astab) local asListener = function(interface, timeout, astab)
local condvar = nmap.condvar(astab) local condvar = nmap.condvar(astab)
local status, l3data, p, eigrp_raw, eigrp_hello local status, l3data, p, eigrp_raw, eigrp_hello, _
local start = nmap.clock_ms() local start = nmap.clock_ms()
local filter = "ip proto 88 and ip dst host 224.0.0.10" local filter = "ip proto 88 and ip dst host 224.0.0.10"
local listener = nmap.new_socket() local listener = nmap.new_socket()

4
scripts/broadcast-igmp-discovery.nse
View File

@@ -5,6 +5,8 @@ local bin = require "bin"
local packet = require "packet" local packet = require "packet"
local ipOps = require "ipOps" local ipOps = require "ipOps"
local target = require "target" local target = require "target"
local coroutine = require "coroutine"
local string = require "string"
description = [[ description = [[
Discovers targets that have IGMP Multicast memberships and grabs interesting information. Discovers targets that have IGMP Multicast memberships and grabs interesting information.
@@ -142,7 +144,7 @@ local igmpListener = function(interface, timeout, responses)
local condvar = nmap.condvar(responses) local condvar = nmap.condvar(responses)
local start = nmap.clock_ms() local start = nmap.clock_ms()
local listener = nmap.new_socket() local listener = nmap.new_socket()
local p, igmp_raw, status, l3data, response local p, igmp_raw, status, l3data, response, _
local devices = {} local devices = {}
listener:set_timeout(100) listener:set_timeout(100)
listener:pcap_open(interface.device, 1024, true, 'ip proto 2') listener:pcap_open(interface.device, 1024, true, 'ip proto 2')

4
scripts/broadcast-pim-discovery.nse
View File

@@ -5,6 +5,8 @@ local bin = require "bin"
local stdnse = require "stdnse" local stdnse = require "stdnse"
local target = require "target" local target = require "target"
local table = require "table" local table = require "table"
local math = require "math"
local string = require "string"
description = [[ description = [[
Discovers routers that are running PIM (Protocol Independant Multicast). Discovers routers that are running PIM (Protocol Independant Multicast).
@@ -104,7 +106,7 @@ local helloListen = function(interface, timeout, responses)
local condvar = nmap.condvar(responses) local condvar = nmap.condvar(responses)
local start = nmap.clock_ms() local start = nmap.clock_ms()
local listener = nmap.new_socket() local listener = nmap.new_socket()
local p, hello_raw, status, l3data local p, hello_raw, status, l3data, _
-- PIM packets that are sent to 224.0.0.13 and not coming from our host -- PIM packets that are sent to 224.0.0.13 and not coming from our host
local filter = 'ip proto 103 and dst host 224.0.0.13 and src host not ' .. interface.address local filter = 'ip proto 103 and dst host 224.0.0.13 and src host not ' .. interface.address

38
scripts/http-title.nse
View File

@@ -5,6 +5,7 @@ local nmap = require "nmap"
local shortport = require "shortport" local shortport = require "shortport"
local stdnse = require "stdnse" local stdnse = require "stdnse"
local string = require "string" local string = require "string"
local table = require "table"
local url = require "url" local url = require "url"
description = [[ description = [[
@@ -38,11 +39,9 @@ categories = {"default", "discovery", "safe"}
portrule = shortport.http portrule = shortport.http
action = function(host, port) local function getTitle(host, port, path)
local resp, redirect_url, title local resp = http.get( host, port, path )
local redirect_url
resp = http.get( host, port, '/' )
-- check for a redirect -- check for a redirect
if resp.location then if resp.location then
redirect_url = resp.location[#resp.location] redirect_url = resp.location[#resp.location]
@@ -52,10 +51,14 @@ action = function(host, port)
end end
-- try and match title tags -- try and match title tags
local title
if ( resp.body ) then
title = string.match(resp.body, "<[Tt][Ii][Tt][Ll][Ee][^>]*>([^<]*)</[Tt][Ii][Tt][Ll][Ee]>") title = string.match(resp.body, "<[Tt][Ii][Tt][Ll][Ee][^>]*>([^<]*)</[Tt][Ii][Tt][Ll][Ee]>")
else
title = "No reponse received from server"
end
local display_title = title local display_title = title
if display_title and display_title ~= "" then if display_title and display_title ~= "" then
display_title = string.gsub(display_title , "[\n\r\t]", "") display_title = string.gsub(display_title , "[\n\r\t]", "")
if #display_title > 65 then if #display_title > 65 then
@@ -70,14 +73,25 @@ action = function(host, port)
end end
end end
local output_tab = stdnse.output_table() return title, display_title, redirect_url
output_tab.title = title end
output_tab.redirect_url = redirect_url
local output_str = display_title action = function(host, port)
local path = stdnse.get_script_args(SCRIPT_NAME .. ".path") or "/"
local str_res, xml_res = {}, stdnse.output_table()
for _, p in ipairs(stdnse.strsplit(",", path)) do
local title, display_title, redirect_url = getTitle(host, port, p)
local result_part = { ("%s: %s"):format(p, display_title) }
if redirect_url then if redirect_url then
output_str = output_str .. "\n" .. ("Requested resource was %s"):format( redirect_url ) table.insert(result_part, { ("Requested resource was %s"):format( redirect_url ) })
end
table.insert(str_res, result_part)
xml_res.urls = xml_res.urls or {}
table.insert(xml_res.urls, { path = p, title = title, redirect_url = redirect_url })
end end
return output_tab, output_str return xml_res, stdnse.format_output(true, str_res)
end end

9
scripts/llmnr-resolve.nse
View File

@@ -6,6 +6,8 @@ local bit = require "bit"
local packet = require "packet" local packet = require "packet"
local ipOps = require "ipOps" local ipOps = require "ipOps"
local target = require "target" local target = require "target"
local math = require "math"
local string = require "string"
description = [[ description = [[
Resolves a hostname by using the LLMNR (Link-Local Multicast Name Resolution) protocol. Resolves a hostname by using the LLMNR (Link-Local Multicast Name Resolution) protocol.
@@ -88,7 +90,7 @@ local llmnrListen = function(interface, timeout, result)
local condvar = nmap.condvar(result) local condvar = nmap.condvar(result)
local start = nmap.clock_ms() local start = nmap.clock_ms()
local listener = nmap.new_socket() local listener = nmap.new_socket()
local status, l3data local status, l3data, _
-- packets that are sent to our UDP port number 5355 -- packets that are sent to our UDP port number 5355
local filter = 'dst host ' .. interface.address .. ' and udp src port 5355' local filter = 'dst host ' .. interface.address .. ' and udp src port 5355'
@@ -202,10 +204,11 @@ action = function()
if #result > 0 then if #result > 0 then
for _, response in pairs(result) do for _, response in pairs(result) do
table.insert(output, response.hostname.. " : " .. response.address) table.insert(output, response.hostname.. " : " .. response.address)
end
if target.ALLOW_NEW_TARGETS then if target.ALLOW_NEW_TARGETS then
target.add(response.address) target.add(response.address)
else end
end
if ( not(target.ALLOW_NEW_TARGETS) ) then
table.insert(output,"Use the newtargets script-arg to add the results as targets") table.insert(output,"Use the newtargets script-arg to add the results as targets")
end end
return stdnse.format_output(true, output) return stdnse.format_output(true, output)

6
scripts/mtrace.nse
View File

@@ -4,6 +4,8 @@ local ipOps = require "ipOps"
local bin = require "bin" local bin = require "bin"
local stdnse = require "stdnse" local stdnse = require "stdnse"
local table = require "table" local table = require "table"
local math = require "math"
local string = require "string"
description = [[ description = [[
Queries for the multicast path from a source to a destination host. Queries for the multicast path from a source to a destination host.
@@ -155,7 +157,7 @@ local traceSend = function(interface, destination, trace_raw)
if destination == "224.0.0.2" then if destination == "224.0.0.2" then
sock:ethernet_open(interface.device) sock:ethernet_open(interface.device)
-- Ethernet IPv4 multicast, our ethernet address and packet type IP -- Ethernet IPv4 multicast, our ethernet address and packet type IP
eth_hdr = bin.pack("HAH", "01 00 5e 00 00 02", interface.mac, "08 00") local eth_hdr = bin.pack("HAH", "01 00 5e 00 00 02", interface.mac, "08 00")
sock:ethernet_send(eth_hdr .. trace_packet.buf) sock:ethernet_send(eth_hdr .. trace_packet.buf)
sock:ethernet_close() sock:ethernet_close()
else else
@@ -266,7 +268,7 @@ local traceListener = function(interface, timeout, responses)
local condvar = nmap.condvar(responses) local condvar = nmap.condvar(responses)
local start = nmap.clock_ms() local start = nmap.clock_ms()
local listener = nmap.new_socket() local listener = nmap.new_socket()
local p, trace_raw, status, l3data, response local p, trace_raw, status, l3data, response, _
-- IGMP packets that are sent to our host -- IGMP packets that are sent to our host
local filter = 'ip proto 2 and dst host ' .. interface.address local filter = 'ip proto 2 and dst host ' .. interface.address

2
scripts/smb-os-discovery.nse
View File

@@ -2,6 +2,8 @@ local smb = require "smb"
local stdnse = require "stdnse" local stdnse = require "stdnse"
local string = require "string" local string = require "string"
local table = require "table" local table = require "table"
local math = require "math"
local os = require "os"
description = [[ description = [[
Attempts to determine the operating system, computer name, domain, workgroup, and current Attempts to determine the operating system, computer name, domain, workgroup, and current

1
scripts/ssl-known-key.nse
View File

@@ -3,6 +3,7 @@ local nmap = require "nmap"
local shortport = require "shortport" local shortport = require "shortport"
local stdnse = require "stdnse" local stdnse = require "stdnse"
local sslcert = require "sslcert" local sslcert = require "sslcert"
local bin = require "bin"
-- -*- mode: lua -*- -- -*- mode: lua -*-
-- vim: set filetype=lua : -- vim: set filetype=lua :