tudor
1aa7958e23
Added IOCP integration for Nsock
2016-08-09 12:44:55 +00:00
tudor
3ba4a87c75
o.ping_group_sz can be increased above 4096 with a higher --min-hostgroup value, calls to target_needs_new_hostgroup limited as much as possible
2016-08-09 06:12:17 +00:00
tudor
7c0280382e
incompleteHosts and completedHosts are now sets, matching a packet to a target is done faster
2016-08-09 06:07:22 +00:00
tudor
5d942ab1bd
Fixed a compiler warning
2016-08-07 16:57:32 +00:00
tudor
c860732097
Limited unnecessary calls to alloc_vsprintf
2016-08-07 16:19:53 +00:00
tudor
78435476df
Certain variables are now unsigned int instead of int to accommodate full internet scans
2016-08-07 16:05:47 +00:00
tudor
89e4901d49
Simple fix that improves accuracy a lot during the host discovery phase
2016-08-07 14:56:46 +00:00
dmiller
3ed18dc0fa
Process 107 service fingerprints
2016-08-06 03:40:01 +00:00
dmiller
a26d0cb718
Process 85 service fingerprints
2016-08-04 19:33:18 +00:00
dmiller
d30b3c36a8
Silence ASan warning due to definition of container_of in tests. Same as r32536
2016-08-03 18:29:56 +00:00
batrick
71e3c76f95
use dynamic upval count to allow easy changes
2016-08-03 01:28:10 +00:00
vincent
ce5231a120
Correct pkg order and add background to the mpkg installer
2016-08-02 16:29:02 +00:00
vincent
1bc77e3394
Make scripts executable
2016-08-02 15:46:04 +00:00
vincent
ace4e2c5bc
Modify Makefile to call the DMG creator and checker scripts
2016-08-02 15:20:22 +00:00
vincent
22afa27b24
Add DMG creator and checker scripts
2016-08-02 15:16:14 +00:00
vincent
efae235cc5
Add background DMG image / design
2016-08-02 15:13:31 +00:00
vincent
3bbd85b38d
Correct bad fix for silencing compiler warning (overloaded functions)
2016-08-02 13:47:45 +00:00
vincent
a2b5a1a5f9
Check for EVP_PKEY_get1_EC_KEY(), based on @jer-gentoo's work
2016-08-02 12:20:06 +00:00
vincent
c4c93166f1
Correct usage of RSA_get0_key according to OpenSSL version
2016-08-02 11:55:04 +00:00
vincent
107f4f2e9b
Correct problem
2016-08-02 11:47:04 +00:00
vincent
2080807052
Correct qualifiers for arguments of RSA_get0_key, by gvanem
2016-08-02 11:38:52 +00:00
fyodor
e398e6f1f2
Add missing rarity level to kumo-server probe as suggested by xbguo at http://seclists.org/nmap-dev/2016/q3/78
2016-08-01 21:37:11 +00:00
vincent
bd1108c442
Update CHANGELOG for OpenSSL 1.1.0-pre5 and previous versions
2016-08-01 09:41:58 +00:00
vincent
aedd25c3a2
Add compatibility with OpenSSL 1.1.0 pre5 and previous versions
Add some checks to know which OpenSSL version is used, to be sure
the code follows the syntax of the version used (including 1.1.0).
2016-08-01 09:34:56 +00:00
dmiller
8c8e4a08c6
Be clearer about npf/npcap service status in Nping, just like r36061. Fixes #485
2016-08-01 04:43:33 +00:00
dmiller
3db511e83d
Consolidate warnings about npf service, avoid starting if --unprivileged. Fixes #465
2016-07-31 19:26:39 +00:00
dmiller
28bd96b82e
Reorder checks and libs to fix building when OpenSSL requires -ldl
2016-07-31 13:57:01 +00:00
paulino
26bec9be41
Fixes incorrect argument name in documentation
2016-07-30 21:58:56 +00:00
dmiller
b8fb5be8a1
Sanity check on IPv6 addresses: they must be 128 bits or less
2016-07-30 03:54:01 +00:00
dmiller
74cade6f39
Avoid some theoretical null pointer derefs
2016-07-30 03:54:00 +00:00
dmiller
7f6595112d
Better use of configured flags when building Nsock tests
2016-07-30 03:53:59 +00:00
dmiller
56f3573609
Fix interaction of --ssl --exec --max-conns
2016-07-30 00:13:18 +00:00
dmiller
dbbc420d99
Avoid 1-byte buffer overflow due to not allocating for null terminator
2016-07-30 00:13:17 +00:00
nnposter
367dc67f5a
Re-wrapped description output in script ssl-poodle. Fixes #481
2016-07-29 21:47:27 +00:00
nnposter
b9c4c12462
Re-wrapped description output in script ssl-dh-params. Fixes #476
2016-07-29 16:50:32 +00:00
dmiller
0b8b1097ab
Changelog entry for bounce scan changes
2016-07-29 16:24:00 +00:00
dmiller
228794974a
Adjust indentation for clarity
2016-07-29 16:23:59 +00:00
dmiller
181599884b
Bounce scan: handle timed-out LIST by sending ABOR and clearing recv buffer
2016-07-29 15:50:49 +00:00
dmiller
09eef559c3
Bounce scan: avoid array overrun (read) by checking index instead
2016-07-29 15:50:48 +00:00
dmiller
b6dfce6217
Bounce scan: don't claim privileged ports are unsupported if one succeeded previously
2016-07-29 15:50:47 +00:00
dmiller
204962648c
Bounce scan: detect no-password-needed logon
2016-07-29 15:50:47 +00:00
dmiller
bb9d03269c
Fix bin.pack('H') to allow whitespace, force crash on non-hex chars
2016-07-28 18:51:40 +00:00
dmiller
8b18e348db
Avoid array overrun with -PO when probes time out
2016-07-28 16:19:49 +00:00
dmiller
5d726c7733
Handle ICMPv6 packets without a body
Two issues here: First, IP protocol scan can send packets with protocol
58 (ICMPv6) even over IPv4. This led to a bad interaction where the
packet was created (in build_protoscan_packet) without a data payload,
but setIP tried to set the packet's Identifier field (present in both
ICMPv6 and ICMP Echo Request packets), leading to a heap buffer
overflow. Instead, we now only try to set this identifier when the IP
version matches the ICMP version, indicating that we set the data
payload.
The other issue was an out-of-bounds read while packet tracing when an
ICMPv6 packet without a payload was sent or received, due to trying to
read the type and code. Now we check that the data length is sufficient
to contain an ICMPv6 header before attempting to read one.
Credit LLVM/Clang's AddressSanitizer with catching these bugs.
2016-07-28 05:11:35 +00:00
dmiller
2e05009ff7
Avoid undefined behavior of shifting over the sign bit by declaring unsigned literal
2016-07-28 05:11:34 +00:00
dmiller
4486148760
Remove an unnecessary debug statement from development
2016-07-28 05:11:33 +00:00
dmiller
d78f924635
Process 61 service fingerprints
2016-07-28 01:26:31 +00:00
dmiller
7aed1fd2ab
Partially revert r36038: EC support only missing on RHEL
2016-07-27 20:35:00 +00:00
dmiller
3611aa0a6e
Fix building on OpenSSL 1.0.1 and earlier due to missing EC crypto
2016-07-27 20:28:46 +00:00
dmiller
85dd7e6ac1
Fix a potential buffer overrun due to sscanf using the wrong field width
2016-07-27 20:11:27 +00:00