mirror of https://github.com/nmap/nmap.git synced 2025-12-30 19:39:07 +00:00
Commit Graph

6144 Commits

Author SHA1 Message Date
patrik
01ccd79c34 o Added a probe for Sybase SQL Anywhere. [Patrik] 2011-11-20 11:03:06 +00:00
fyodor
3eecc35627 note some done things 2011-11-18 23:09:29 +00:00
henri
77465c37df Proper method call with ":" instead of "."
This fixes broadcast-listener.nse failure:
/home/henri/nmap/nselib/packet.lua:521: attempt to index local 'self' (a number value)
2011-11-18 15:42:09 +00:00
patrik
9b2d03d633 o [NSE] Added maxdb-info script that tries to enumerate version and database
information from a SAP MaxDB database [Patrik]
2011-11-17 22:12:59 +00:00
patrik
4c0ed27d89 o [NSE] Added nexpose-brute a script that performs password auditing against
the Nexpose vulnerability scanner. [Vlatko Kosturjak]
2011-11-17 19:46:42 +00:00
patrik
4b64da4f14 o [NSE] Added http-vuln-cve2011-3368 a script that attempts to detect whether
the remote web server is vulnerable to the Apache reverse proxy bypass
  vulnerability CVE-2011-3368. [Ange Gutek, Patrik]
2011-11-17 19:33:19 +00:00
david
e52cb742b8 On second thought restore README-EXTERNALS.
My test checkout seemed to update all the way to the latest revision
before complaining about the former external directories, so
README-EXTERNALS was already gone. We'll leave it in place while it's
still likely to be causing people trouble.
2011-11-16 21:54:09 +00:00
david
1791bdaca4 Remove README-EXTERNALS. 2011-11-16 21:50:09 +00:00
david
ed2ba4e168 Copy nping, nsock, nbase, zenmap, ncat from their homes in /.
If you have trouble updating after this revision you need to follow
these instructions. You have probably just seen an error like this:

svn: URL 'svn://svn.insecure.org/nping' of existing directory 'nping'
does not match expected URL 'svn://svn.insecure.org/nmap/nping'

This is caused by the replacement of SVN externals.

Here's what you need to do. First, save any local changes you might have
in the nping, nsock, nbase, ncat, and zenmap directories. (For example
by running "cd nping; svn diff > ../nping.diff".) If you don't have any
local changes you can skip this step.

Then run these commands:

rm -rf nping/ nsock/ nbase/ ncat/ zenmap/
svn update
svn cleanup

If all else fails, you can just delete your whole working directory and
check out anew:

svn co --username guest --password "" svn://svn.insecure.org/nmap

There may be further discussion in the mailing list thread at
http://seclists.org/nmap-dev/2011/q4/303.
2011-11-16 21:49:44 +00:00
david
4dabecf3b8 Remove externals. 2011-11-16 21:48:10 +00:00
david
ed961420a4 Add README-EXTERNALS with instructions for fixing checkouts after the
impending externals merge.
2011-11-16 21:47:23 +00:00
fyodor
308650bbdb Update version num, sort nmap-os-db, etc. 2011-11-14 22:23:24 +00:00
patrik
8728f181d2 Reverting commit r27082 due to incompatibility with Lua 5.2 [Patrik] 2011-11-13 13:11:39 +00:00
patrik
776a11146e Added code to brute library that picks up the executing SCRIPT_NAME using getfenv [Patrik] 2011-11-13 12:56:29 +00:00
patrik
4edf096715 o [NSE] Added new functionality and fixed some bugs in the brute library:
- Added support for restricting the amount of guesses performed by the
    brute library against users, to prevent account lockouts.
  - Added support to guess the username as password as incorrectly
    suggested as default behavior by the documentation.
  - Added support to guess an empty string as password if not present
    in the dictionary. [Patrik]
2011-11-13 09:51:15 +00:00
david
f235c4c071 FPmodel -> FPModel for uniformity. 2011-11-12 10:06:21 +00:00
david
7d638997db Regen FPmodel. 2011-11-12 06:00:56 +00:00
fyodor
20105cb903 Removed the note that Nmap always uses its included libpcap in preference to system installed one on Linux. I did a quick scan of configure.ac and pcap_is_suitable in acinclude.m4 and I don't think that is still true. 2011-11-11 22:45:30 +00:00
patrik
2db31ad9f5 o Added a probe for the MongoDB service [Martin Holst Swende] 2011-11-11 20:29:55 +00:00
patrik
ceb89b459f Removed e-mail address from author variable in rtsp-methods and irc-brute
[Patrik]
2011-11-11 15:31:50 +00:00
patrik
a8f57064fd o Added a probe for the Metasploit XMLRPC service [Vlatko Kosturjak] 2011-11-11 06:42:01 +00:00
patrik
1aa3e7c456 o [NSE] Re-enabled support for guessing the username in addition to password
that was incorrectly removed from the metasploit-xmlrpc-brute in previous
  commit. [Patrik]
2011-11-11 05:52:52 +00:00
patrik
8ec7da89c8 o [NSE] Added the script metasploit-xmlrpc-brute that performs password
auditing against the Metasploit XMLRPC service. [Vlatko Kosturjak]
2011-11-10 21:43:54 +00:00
patrik
352efc6ded o [NSE] Added the script openvas-otp-brute that performs password auditing
against the OpenVas service. [Vlatko Kosturjak]
2011-11-10 20:50:04 +00:00
patrik
77380bd9b0 o [NSE] Fixed bug that would prevent brute scripts from running if no service
field was present in the port table. [Patrik]
2011-11-10 20:42:47 +00:00
david
5698259a1b sv-tidy softmatch lines too. 2011-11-10 07:02:43 +00:00
david
110e9421cc sv-tidy nmap-service-probes.
This is a new program to tidy/canonicalize nmap-service-probes. It did
this:
 * Removed excess whitespace.
 * Sorted templates in the order m p v i d o h cpe:.
 * Canonicalized template delimiters in the order / | % = @ #.
2011-11-10 06:57:27 +00:00
david
7586073399 Add service match for Oracle OVM Manager. 2011-11-10 03:13:57 +00:00
patrik
0fa0ef41d5 Added missing usage and output documentation [Patrik] 2011-11-09 19:15:17 +00:00
patrik
7b43d1cafb o [NSE] Added the scripts bitcoin-info, bitcoin-getaddr and a supporting
Bitcoin library. The script bitcoin-info retrieves information about the
  remote server, while the bitcoin-getaddr script retrieves a list of
  discovered remote Bitcoin nodes. [Patrik]
2011-11-09 18:56:16 +00:00
djalal
8a175d127d o [NSE] added a debug message in the prerule to show that some arguments are missing. 2011-11-09 12:39:01 +00:00
djalal
5ea6fe675d o [NSE] check script arguments in the prerule to avoid running the script if they are missing. 2011-11-09 12:31:48 +00:00
djalal
99781655ae o [NSE] Add a final note in the output about the 'newtargets' usage. 2011-11-09 12:29:14 +00:00
djalal
4cee81e323 o Check the 'resolveall.hosts' script argument in the prerule function to
avoid loading the script if it is missing.
o Show all the returned IP addresses by default even if the 'newtargets'
  script argument was specified.
2011-11-09 12:21:20 +00:00
djalal
5ac9edb7e1 Fix the vulnerability CVE ID in the documentation. 2011-11-09 10:21:08 +00:00
djalal
08b1160c87 Updated some of the vulnerability scripts to use the new vulnerability library. 2011-11-09 10:08:19 +00:00
david
4757dadd11 Add irc-botnet-channels.nse. 2011-11-09 01:42:03 +00:00
david
7c64868741 Fix logic errors in comm.opencon when data is not supplied.
It looks like this code never worked, because the debug message was
using a nonexistent function (nsedebug.print_debug).
2011-11-09 01:41:34 +00:00
patrik
465594fa87 o [NSE] Added the http-method-tamper script that detects authentication bypass
vulnerabilities using the http HEAD method as reported in CVE-2010-738.
  [Hani Benhabiles]
2011-11-08 21:18:22 +00:00
david
fddfd9b0e6 Use promiscuous mode in targets-sniffer.nse. 2011-11-08 16:10:35 +00:00
david
ab447ef92c CHANGELOG for Hadoop and HBase scripts. 2011-11-08 16:00:18 +00:00
david
ce9ac426e3 New Hadoop and HBase scripts by John Bond:
hadoop-datanode-info.nse
hadoop-jobtracker-info.nse
hadoop-namenode-info.nse
hadoop-secondary-namenode-info.nse
hadoop-tasktracker-info.nse
hbase-master-info.nse
hbase-region-info.nse
2011-11-08 16:00:16 +00:00
henri
f181470fac Whitespace fixes: removed trailing whitespaces, always use tabs for indentation. 2011-11-07 21:32:43 +00:00
patrik
b66a4849c4 o [NSE] Modified the http library to support servers that don't return valid
chunked encoded data, such as the Citrix XML service. [Patrik]
2011-11-07 06:04:13 +00:00
fyodor
03a75885e7 Minor rewording 2011-11-07 06:00:07 +00:00
fyodor
c12d343ccc fix a typo 2011-11-07 04:51:42 +00:00
fyodor
f73e2b27d1 Update and canonicalize a bunch of script descriptions 2011-11-07 04:08:29 +00:00
david
3c75f0f43c New Wordpress http fingerprint from Duarte Silva. 2011-11-06 22:37:22 +00:00
patrik
dd32e88b66 o [NSE] Added brute scripts rlogin-brute and rexec-brute for the rlogin and
rexec services [Patrik]
2011-11-04 21:17:33 +00:00
patrik
fb3b019de4 Fixed small NSEDOC error in xmpp-brute.nse [Patrik] 2011-11-02 19:20:19 +00:00