PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-26 01:19:03 +00:00
Code Issues Projects Releases Wiki Activity
10,675 Commits 2 Branches 0 Tags
1387f5c9dfd678a71d1c03aea2d27de69e45d64e
Commit Graph

10675 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dmiller
1387f5c9df Add a few localhost Windows fingerprints and sort 2016-09-26 04:54:10 +00:00
david
278ee23466 Expand HAProxy service match lines. 
These are not observed in the wild, but derived from source code, namely
http://git.haproxy.org/?p=haproxy.git;a=blob;f=src/proto_http.c;h=50e3d486ee4798ae8d329b7a78a23b8ba82cff68

There were already matches for status codes 403 and 503 (not counting
the 200 for the statistics page); this change adds codes 400, 401, 403,
405, 407, 408, 429, 500, 502, 503, and 504.

Additionally, I dug through the history back to about 2006 and found a
few places where the responses changed. The new possible version ranges
are (available ranges depend on the status code):
	< 1.3.1
	>= 1.3.1
	1.4.0 - 1.5.10
	< 1.5.0
	>= 1.5.0
	>= 1.5.10
	>= 1.6.0

http://seclists.org/nmap-dev/2016/q3/285
 2016-09-25 03:31:28 +00:00
dmiller
95e4c05fc4 Refactor TLS record/message parsing a bit to make it clearer. 2016-09-24 00:58:27 +00:00
dmiller
4290b983d4 Fix parsing of TLS heartbeat (not used for ssl-heartbleed.nse) 2016-09-24 00:58:26 +00:00
dmiller
e7baa4418b New DTLS service probe and match line. 2016-09-23 05:18:16 +00:00
dmiller
b61e92940e Fix a typo from debugging. 2016-09-23 02:24:57 +00:00
dmiller
e42fecfb89 Update lltd-discovery to Lua 5.3 string packing 2016-09-21 20:44:00 +00:00
dmiller
fb56c01177 Fix a typo in getopt option string causing ncat's -n to consume the next option. 2016-09-21 20:04:16 +00:00
dmiller
59003c255b Catch a few more config corruption issues. i18n for error messages 2016-09-21 15:17:34 +00:00
dmiller
91032d05dd Grab a more-complete Npcap version string 2016-09-21 05:19:25 +00:00
dmiller
6b64fc4753 Fix a bug in lltd-discovery, trying to pack binary data as a hex string 2016-09-21 03:55:13 +00:00
dmiller
9370f5bd5d Strip carriage returns (\r) from output to prevent spoofing 2016-09-21 03:55:12 +00:00
dmiller
d1fb502144 Fix some bad patterns with excessive backtracking 2016-09-21 03:55:11 +00:00
dmiller
da594ae5b8 Add services found in Alexa top 1m websites 2016-09-20 04:48:22 +00:00
paulino
7db0072047 Adds JBoss Seam Debug page. This page leaks critical information sometimes. 2016-09-19 21:32:10 +00:00
jah
c6c5939220 Comment-out the port spec test suite. 2016-09-19 09:25:18 +00:00
david
59cc2fe72a Avoid eating 'T' 'U' 'S' 'P' not followed by ':' in getpts. 
On reading 'T', 'U', 'S', or 'P', getpts_aux would unconditionally
consume the character before checking to see whether it was followed by
a ':'. You could insert 'T', 'U', 'S', or 'P' in several places and it
would just be ignored, which is different treatment than other letters
got.

Behavior before:
	nmap -p 9
	# scans port 9

	nmap -p discard
	# scans port 9

	nmap -p Tdiscard
	# scans port 9

	nmap -p T:Tdiscard
	# scans port 9

	nmap -p Tdi*ard
	# scans port 9

	nmap -p Xdiscard
	# Error #485: Your port specifications are illegal.  Example of proper form: "-100,200-1024,T:3000-4000,U:60000-"

Behavior after:
	nmap -p 9
	# scans port 9

	nmap -p discard
	# scans port 9

	nmap -p Tdiscard
	# Error #485: Your port specifications are illegal.  Example of proper form: "-100,200-1024,T:3000-4000,U:60000-"

	nmap -p T:Tdiscard
	# Error #485: Your port specifications are illegal.  Example of proper form: "-100,200-1024,T:3000-4000,U:60000-"

	nmap -p Tdi*ard
	# Error #485: Your port specifications are illegal.  Example of proper form: "-100,200-1024,T:3000-4000,U:60000-"

	nmap -p Xdiscard
	# Error #485: Your port specifications are illegal.  Example of proper form: "-100,200-1024,T:3000-4000,U:60000-"
 2016-09-18 20:42:56 +00:00
david
3a62c2dbc9 Fix typo in commented p-switch-test line. 
error: ‘struct scan_lists’ has no member named ‘stcp_count’
 2016-09-18 20:42:52 +00:00
dmiller
087fb7be04 Add X509v3 extension parsing to NSE's sslcert code. Show Subject Alternative Name. 2016-09-17 01:54:03 +00:00
dmiller
0bb1dc6dc2 Merge latest IANA services. Includes 446 previously-unknown services 2016-09-14 03:16:18 +00:00
dmiller
e6f45c41f7 Add a few more communities to snmpcommunities.lst 
Three sources:

1. all-caps PUBLIC and PRIVATE because community strings are
   case-sensitive
2. Cisco small-business switch backdoor SNMP community string
3. Phenoelit's Default Password List
 2016-09-14 03:16:17 +00:00
nnposter
4a2b034854 Tightens target_check in the fingerprint for Lantronix SLC 2016-09-14 02:16:00 +00:00
nnposter
52a88e0f21 Updates two fingerprints to support non-English sites 2016-09-14 01:51:22 +00:00
nnposter
0a5be207da Removes an obsolete import from http-default-accounts-fingerprints.lua 2016-09-12 23:59:09 +00:00
dmiller
c321830302 Protect inclusion of nmap_config.h, which is not present on Windows 2016-09-12 19:25:20 +00:00
dmiller
469f091d4d Protect inclusion of nmap_config.h, which is not present on Windows 2016-09-12 19:13:30 +00:00
nnposter
88f6ddc596 Corrects handling of empty pipelines, expressed as nil. Fixes #538 2016-09-12 16:14:33 +00:00
dmiller
6e75d69ee5 Artificial bump to CoAP and MQTT services 2016-09-12 13:09:10 +00:00
fyodor
8df35d4bcb Regenerated to reflect recent minor changes 2016-09-11 18:27:02 +00:00
dmiller
242f980ed8 Avoid deprecation and remove some unneeded OpenSSL version checks (proper way always worked) 2016-09-09 19:57:43 +00:00
dmiller
71b55dd7f8 Factor out some OpenSSL feature checks 
Instead of maintaining parallel blocks of code that do the same thing,
use preprocessor defines to unify the syntax. This way, functional
changes only need to happen in one place.
 2016-09-09 14:08:49 +00:00
dmiller
182bcf8c1c Add compatibility with LibreSSL. Closes #543 2016-09-09 14:08:48 +00:00
dmiller
f607178541 Fix calling Ndiff from Zenmap on OS X. http://seclists.org/nmap-dev/2016/q3/266 2016-09-09 00:53:45 +00:00
dmiller
0790885360 CoAP scripts, payloads, and service probe for CoAP by Mak Kolybabi 2016-09-08 21:19:55 +00:00
dmiller
3fcd3987d3 Claudiu's IPMI scripts from GSoC 2014 2016-09-08 17:30:40 +00:00
dmiller
df9f58f34e UDP payload and service probe for IPMI (ASF-RMCP) on port 623 2016-09-08 17:30:39 +00:00
dmiller
3c7fe1e452 Remove some unused functions 2016-09-08 13:31:24 +00:00
dmiller
dada772d5f Add missing mqtt.lua. #352 2016-09-07 21:03:49 +00:00
dmiller
83ea599122 Make unexpected test successes into failures. #369 2016-09-07 21:03:48 +00:00
dmiller
47ca082c8d New identity unittests from Mak Kolybabi (#369) 2016-09-07 21:03:47 +00:00
dmiller
d0ae7c2c9a Oops! Missed the actual script. #352 2016-09-07 20:16:20 +00:00
dmiller
ee97c8f2a9 New MQTT script and library. Closes #352 2016-09-07 20:01:47 +00:00
dmiller
7e002ec389 Add some missing libraries to unittest.lua 2016-09-07 20:01:45 +00:00
dmiller
0edbf3f073 Tridium Fox script, probes, sslports. 2016-09-07 03:49:31 +00:00
dmiller
577dc6fe1e Move include nbase.h (defines HAVE_NETDB_H) above check for HAVE_NETDB_H 2016-09-06 18:14:58 +00:00
dmiller
bace81fa5c Add check for stdint.h needed by nse_utility.h 2016-09-06 18:14:57 +00:00
dmiller
85e6ebc64e Fix EC cert handling. Fixes #541 2016-09-06 16:36:30 +00:00
dmiller
916647d375 New probe and matchline for ProConOS 2016-09-06 16:36:29 +00:00
d33tah
12f5d91092 Fix a typo: firmward => firmware 2016-09-06 15:09:43 +00:00
dmiller
14de59e6e5 New script: pcworx-info 2016-09-06 04:27:47 +00:00