PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity
13,343 Commits 2 Branches 0 Tags
master
Commit Graph

31 Commits

Author SHA1 Message Date
dmiller
0500811f5a Move string utility functions to stringaux.lua 2018-10-18 01:08:19 +00:00
dmiller
cb4b46bd53 Canonicalize authors as tables instead of comma-separated strings 2016-06-09 22:46:42 +00:00
dmiller
10bddaf1cf Update http-php-version based on scan data 2016-02-05 22:53:43 +00:00
dmiller
f4619edece Update http urls for nmap.org to https 2015-11-05 20:41:05 +00:00
dmiller
298be5bfaa Re-indent some scripts. Whitespace-only commit 
https://secwiki.org/w/Nmap/Code_Standards
 2014-01-31 17:36:09 +00:00
robert
30fcbb260e Updated the hash information in http-php-version to include PHP/5.3.17, PHP/5.3.18, PHP/5.4.7 and PHP/5.4.8. 2012-10-22 20:26:43 +00:00
robert
1a726ba337 Updated hashes to include PHP 5.3.15, 5.3.16, 5.4.5 and 5.4.6. 2012-09-07 10:03:05 +00:00
robert
33e9bf8d7b Updated the hash information in http-php-version to include PHP/5.4.4 and 5.3.14. 2012-06-16 21:41:46 +00:00
batrick
000f6dc4d9 Lua 5.2 upgrade [1] for NSE. 
[1] http://seclists.org/nmap-dev/2012/q2/34
 2012-05-27 08:53:32 +00:00
robert
bc73457e5f Updated the hash information in http-php-version to include PHP/5.4.1-5.4.3 and 5.3.11-5.3.13. 2012-05-13 08:43:50 +00:00
robert
a9d9983fd0 Updated the hash information to include PHP/5.4.0. 2012-04-19 15:01:27 +00:00
david
295152116e Add a link for PHP magic GUIDs. 2012-04-17 05:52:56 +00:00
robert
37d099c4f0 Added hash for PHP 5.3.9 and 5.3.10. 2012-02-04 16:24:43 +00:00
robert
9abdc958ed Added the new hash for PHP 5.3.7 and 5.3.8 credits and extended the elephant logo hash to include the new versions. PHP 5.3.7 contained a nasty bug (https://bugs.php.net/bug.php?id=55439) and was quickly replaced by 5.3.8 after a couple of days. 2011-09-04 14:41:53 +00:00
batrick
dc9a35bc9d New system for silent require errors. Use the new function 
stdnse.silent_require. The Lua require function is back in its usual spot
(_G.require).
 2011-06-13 23:38:35 +00:00
robert
7b27940ada Updated the hash information to include PHP/5.3.6 (released today). 2011-03-17 15:42:56 +00:00
robert
d50c58dcc1 Force a match against "^PHP/" (i.e. now with a trailing forward slash) to prevent the "Version from header" from incorrectly matching against the Set-Cookie header with the value "PHPSESSID". This should match PHP/2.x onwards; I'm not sure about earlier versions of PHP as I can't find any references. 
This will no longer match against the generic "X-Powered-By: PHP" (rare?), but that never gave us a version number anyway, so you could consider that a bug too.

We don't currently check for variations such as "Zend Core/2.0.1 PHP/5.2.1", so that could be added in the future, but at least the http-headers script will reveal the X-Powered-By header anyway.
 2011-01-30 11:15:48 +00:00
robert
063e780e1f Updated the hash information to include PHP/5.2.17 (released yesterday). 2011-01-07 10:24:59 +00:00
robert
d8ddf59203 Updated the hash information to include PHP/5.3.5 (released today). 2011-01-06 15:39:35 +00:00
robert
c2305f23a5 Added hashes for PHP 5.2.15 and 5.2.16. 2010-12-26 13:48:06 +00:00
robert
eedd069c9e Added the new hash for PHP 5.3.4 credits and extended the elephant logo hash to include this new version. 2010-12-10 12:14:25 +00:00
robert
e43a866bea Tweaked the versions slightly (removed 4.3.1 from the bunny hash as it looks wrong and hasn't been corroborated), based on 0php.com data. 2010-11-30 09:25:04 +00:00
robert
a92eacec1d Added all missing PHP 5.x hashes and tidied up the output (grouped ranges and made it consistently use a dash). 
Hashes are now arranged in order, to make it easier to find manually.

For a list of all the PHP 5 hashes I generated see: http://seclists.org/nmap-dev/2010/q4/518
 2010-11-27 11:21:36 +00:00
robert
485ee4aded Added a new credits hash for PHP/5.2.2 based on testing with php-5.2.2-Win32.zip. 2010-11-24 15:51:39 +00:00
david
1766507ecf Add a new http-php-version.nse version from a server that said: 
X-Powered-By: PHP/5.1.6
 2010-11-17 22:05:04 +00:00
david
a314b5b7d7 Don't print unknown hashes in http-php-version.nse unless high verbosity 
is used, otherwise you get hashes printed for sites that don't even use
PHP. Patch by Ange Gutek.
 2010-08-16 16:09:56 +00:00
david
d5edc49016 Add patch from Ange Gutek and Tom Sellers to make http-php-version only 
consider responses with a 200 status.
 2010-08-10 19:54:30 +00:00
david
a9b75892f5 Use shortport.http where appropriate. 2010-08-09 22:30:50 +00:00
fyodor
a03bbb206e Remove Ange's email address from http-php-version.nse to match what he uses in http-passwd.nse, ftp-libopie.nse, and ftp-anon.nse author fields (If he wants the email addresses, I'd be happy to put it in all four scripts--I'm just doing a little cleanup for consistency 2010-07-24 05:36:47 +00:00
david
bccb8ead89 Edit some script descriptions for better line breaks when rendered as 
PDF. Some long URLs were replaced by short redirects under
http://nmap.org/r/.
 2010-07-17 16:47:31 +00:00
david
c50c7a2c0b o Added http-php-version.nse from Gutek. This script retrieves 
version-specific pages through a couple of magic PHP queries, which
  can identify the PHP version even when a server doesn't advertise
  it.
 2010-06-18 22:12:17 +00:00