mirror of https://github.com/nmap/nmap.git synced 2025-12-09 22:21:29 +00:00
1780 Commits

Author SHA1 Message Date
david
02659c3de2 Use version_port_or_service over port_or_service. 2012-12-30 00:39:30 +00:00
david
d24ab2d43c Make dns-nsec-enum and dns-nsec3-enum reference each other. 2012-12-29 15:25:41 +00:00
david
f5de2d9419 Restore UTF-8 in author field of murmur-version.
There's a bug in NSEDoc that we should fix that causes
	Marin Maržić
to appear as
	Marin Maržić
in HTML output. It is wrongly assuming a one-byte encoding.

http://seclists.org/nmap-dev/2012/q4/477
2012-12-18 04:36:09 +00:00
patrik
0587b3e0c4 nse_check_globals cleanup 2012-12-18 02:46:01 +00:00
dmiller
b3b3fa70e8 Fix broadcast-dropbox-listener not giving output
The check for output using maxn was changed to use the # operator in
r23147, but the table was not an "array"-style table. Changed it to test
for next(ids) instead, which works.
2012-12-17 23:34:35 +00:00
aca
d8dc00e0ed Merged mysql-enum from my dev branch 2012-12-17 15:59:35 +00:00
batrick
5edca6f97b Undo previous commits as http-slowloris-check.nse doesn't do a DOS attack like http-slowloris.nse.
See http://seclists.org/nmap-dev/2012/q4/465
2012-12-16 01:58:59 +00:00
batrick
02369ec7d9 update script.db for r30412 2012-12-16 00:23:22 +00:00
batrick
8b8e4e307e This script never ends and seeks to crash the web server... why was this categorized as safe?? 2012-12-16 00:18:13 +00:00
david
43f28b8f4a Add structured output to http-get.nse.
This patch is by Alex Weber.
http://seclists.org/nmap-dev/2012/q4/434
2012-12-13 04:16:01 +00:00
david
9083da3e53 Add link to Mumble protocol documentation. 2012-12-11 05:34:03 +00:00
david
59478987fa Change the output of murmur-version a bit. 2012-12-11 05:34:02 +00:00
david
eef7155ee1 Add murmur-version script from Marin Maržić.
http://seclists.org/nmap-dev/2012/q4/408
2012-12-11 05:34:01 +00:00
david
8f3165f7a6 Don't substitute nonprinting characters in http-git.
NSE already escapes output everywhere. More importantly, the call to
gsub returns two values, which were being treated as structured output
and unstructured output. The second return value is an integer count of
substitutions, so what you would see in normal output was
|_http-git: 0
while what used to be normal output was going to XML.

Alex Weber noticed that the script was not working.
http://seclists.org/nmap-dev/2012/q4/397
2012-12-08 10:22:55 +00:00
david
e78540e9a5 Fix regex in http-git.
Patch by Alex Weber.
http://seclists.org/nmap-dev/2012/q4/397
2012-12-08 10:22:54 +00:00
david
ec53dc049a Update with new mailing list addresses. 2012-12-06 02:23:34 +00:00
david
4c9a3ef4de Add multicast group name output to broadcast-igmp-discovery.
Patch by Vasily Kulikov.
http://seclists.org/nmap-dev/2012/q4/350
2012-11-29 19:58:30 +00:00
david
e262a5bb19 Add CPE to smb-os-discovery output. 2012-11-29 05:36:50 +00:00
david
21e953d489 Add cpe field to smb-os-discovery output. 2012-11-29 05:36:49 +00:00
david
db6825d319 Use smb.get_windows_version in smb-os-discovery. 2012-11-29 05:36:46 +00:00
paulino
dd6105588d Fixes bug when reading the initial base uri. These scripts were incorrectly setting "/" as the starting point. 2012-11-25 18:38:59 +00:00
fyodor
c58b302ee1 Fix some more typos and spelling errors 2012-11-16 09:13:53 +00:00
fyodor
46e8ade6da fix another instance of same typo 2012-11-16 08:53:05 +00:00
fyodor
8ccf89b3ea fix a typo 2012-11-16 08:52:13 +00:00
fyodor
079e4c4c6a spell out EIGRP acronym 2012-11-16 02:07:06 +00:00
fyodor
0a9d569e42 Some more minor script description updates 2012-11-16 00:51:50 +00:00
fyodor
f13353a610 Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
fyodor
ff0f33288b Add author field to Patrik's bjnp-discover script 2012-11-15 21:17:17 +00:00
patrik
20555b7988 nse_check_globals cleanup 2012-11-12 03:49:35 +00:00
david
36e378155e Add @xmloutput to snmp-hh3c-logins. 2012-11-10 07:33:59 +00:00
david
54ad2eaede Add snmp-hh3c-logins by Kurt Grutzmacher.
http://seclists.org/nmap-dev/2012/q4/155
2012-11-08 07:37:48 +00:00
david
4c298e6e67 Add support for ECDSA to ssh-hostkey.nse.
Patch by Adam Števko. http://seclists.org/nmap-dev/2012/q4/181
2012-10-31 17:57:26 +00:00
robert
30fcbb260e Updated the hash information in http-php-version to include PHP/5.3.17, PHP/5.3.18, PHP/5.4.7 and PHP/5.4.8. 2012-10-22 20:26:43 +00:00
david
f26d82b3fc Update the status code name in smb-check-vulns.
The checks for conficker and ms08_067 check for a specific status code
of 0x00000057, but do so by the name mapping to this value rather than
by value.

The name of this value was changed from NT_STATUS_WERR_UNKNOWN_57 to
NT_STATUS_WERR_INVALID_PARAMETER in r24847, breaking these tests because
they were still searching for the "UNKNOWN_57" string.

This error was reported by Kit Peters.
http://seclists.org/nmap-dev/2012/q4/125
2012-10-18 04:28:11 +00:00
david
3c87635ae8 Use nmap.new_socket in place of nmap:new_socket in smb-check-vulns.nse.
Kit Peters reported the crash:
smb-check-vulns.nse:366: calling 'new_socket' on bad self (string expected, got table)

http://seclists.org/nmap-dev/2012/q4/124
2012-10-18 03:47:22 +00:00
david
f8b8cd6b91 script-updatedb. 2012-10-18 03:18:08 +00:00
henri
b3361b56d0 Added HTTP status code 400 (Bad request) to the list of ignored codes in
http-method-tamper.nse, which is the behavior of many servers (makes sense as
this is rather a client-side error).
2012-10-12 12:25:45 +00:00
kroosec
3858d67874 Added check for excluded ports for rpc-grind.nse 2012-10-11 19:49:44 +00:00
patrik
121cc35de6 nse_check_globals cleanup 2012-10-07 12:54:31 +00:00
patrik
2e985da611 fixed bug "ORA-03146: Invalid buffer length for TTC field" 2012-10-07 09:10:59 +00:00
patrik
6cfa5aea0f o [NSE] Added oracle-brute-stealth which exploits CVE-2012-3137, a weakness
in the Oracle O5LOGIN authentication scheme. [Dhiru Kholia]
2012-10-06 19:59:45 +00:00
patrik
655f766445 reverted bad commits 2012-10-06 19:38:15 +00:00
patrik
10a34f626a Squashed commit of the following:
commit 5de9e4fa623f88a9b48ef0704244ff843005573a
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sat Oct 6 21:19:08 2012 +0200

    Applied patch from Dhiru Kholia adding oracle-brute-stealth and needed changes

    reworked the patch slightly and added;
    - support for specifying account on command line
    - johnfile argument for writing hashes directly to file
2012-10-06 19:25:13 +00:00
patrik
2e5a448aa5 Revert "Squashed commit of the following:"
This reverts commit 71f5f22e79bdb44fffa14edd5d3ffa570efde8ed.
2012-10-06 19:25:04 +00:00
david
52a4ae6e71 Fix wrong script id in oracle-enum-users error message.
By Dhiru Kholia.
http://seclists.org/nmap-dev/2012/q4/1
2012-10-01 21:54:47 +00:00
henri
f2bb268135 Added 404 detection checks to attempt to reduce false positives. 2012-09-25 12:07:59 +00:00
david
9a21b96b49 Let -e work in ipv6-ra-flood. NSEDoc fixes.
Patch by Adam Števko.
2012-09-24 04:33:15 +00:00
david
6b86535138 Use parse_timespec for ipv6-ra-flood.timeout argument. 2012-09-23 21:15:24 +00:00
david
40a2af0a84 Description and timeout argument for ipv6-ra-flood.
Patch by Adam Števko.
2012-09-23 21:15:22 +00:00
david
7ddb82d555 Remove nonexistent @output from ipv6-ra-flood.nse. 2012-09-22 16:54:31 +00:00