mirror of https://github.com/nmap/nmap.git synced 2025-12-25 17:09:02 +00:00
Commit Graph

747 Commits

Author SHA1 Message Date
patrik
20575e01b9 Fixed bug that would prevent brute library from stopping to guess passwords
for an account, even when the correct password was found. [Patrik]
2011-12-30 20:14:48 +00:00
patrik
9ff471d906 o [NSE] Removed DoS code from dhcp-discover and placed it into the discover and
safe categories. Added support for adding options to DHCP requests in the
  dhcp library. [Patrik]
2011-12-29 08:07:26 +00:00
patrik
a4e6a82b00 Cleaned up code and removed interface from functions dhcp_send and
make_request as it was not used. Added WPAD action. [Patrik]
2011-12-28 21:17:31 +00:00
patrik
07e0426629 o [NSE] Changed the dhcp-discover script to use the DHCPINFORM request to query
dhcp servers instead of DHCPDISCOVER. Cleaned up some code in the DHCP
  library. [Patrik]
2011-12-27 18:48:34 +00:00
patrik
bb7d5a526f o [NSE] Added script dns-blacklist that performs DNSBL checks of given or
scanned IP addresses against multiple DNSBL services. [Patrik]
2011-12-26 14:22:25 +00:00
patrik
bd1b7dfaad o [NSE] Applied patch to http-fingerprints adding support for identifying DCVS
systems Git, Mercurial and Bazaar. [Hani Benhabiles]
2011-12-25 21:57:11 +00:00
patrik
068c6273ec o [NSE] Applied some code cleanup to the snmp library. [Brendan Byrd] 2011-12-25 20:48:17 +00:00
patrik
f93b31373a o [NSE] Fixed bug in the http library that would fail parsing authentication
headers if no parameters were present. [Patrik]
2011-12-19 18:35:32 +00:00
patrik
215f697171 o Added new fingerprints to http-enum for Subversion, CVS and Apache Archiva
[Duarte Silva]
2011-12-18 19:11:24 +00:00
patrik
156e89c597 Fixed a bug that would incorrectly parse the url scheme [Patrik] 2011-12-17 19:45:48 +00:00
patrik
31803a37f9 o [NSE] Minor change to vuzedht library to fix a bug that failed nsedoc from
building properly. [Patrik]
2011-12-13 21:26:19 +00:00
patrik
4214307364 o [NSE] Added the script http-grep that attempts to match web pages and urls
against a given pattern. [Patrik]
2011-12-11 19:44:26 +00:00
patrik
74b53a6a14 o [NSE] Added stop function to crawler so that scripts can properly shutdown
the crawler in case they want to end early. [Patrik]
2011-12-11 10:59:35 +00:00
patrik
8254da793e o [NSE] Added getLimitations function to httpspider that returns any
limitations imposed on the crawler. [Patrik]
2011-12-10 10:11:56 +00:00
patrik
e20a1b5174 o [NSE] Modified the httpspider library to prefetch links in the queue and
change how script arguments are processed. Script and library arguments are
  now processed from within the library. [Patrik]
2011-12-09 15:48:19 +00:00
patrik
682a9a746b o [NSE] Added a new httpspider library and the script http-email-harvest that
collects e-mail addresses by spidering a website. [Patrik]
2011-12-06 22:47:11 +00:00
patrik
34db78528a o [NSE] Added support for detecting whether a http connection was established
using SSL or not by the http.lua library [Patrik]
2011-12-06 22:24:58 +00:00
patrik
acb1455874 o [NSE] Applied patch that replaces a number of GET requests to HEAD in
http-fingerprints.lua where no matching was performed on the returned contents.
  [Hani Benhabiles]
2011-12-06 15:57:21 +00:00
patrik
171c917b37 o [NSE] Added a Vuze library, port probe and the script vuze-dht-info. The
script connects to a Vuze node and gets protocol, vendor and network
  information. [Patrik]
2011-12-03 09:18:58 +00:00
david
46bcc85069 Add some more JBoss fingerprints.
These are from a talk I saw recently (page 19).
http://www.matasano.com/research/OWASP3011_Luca.pdf
2011-12-02 19:28:54 +00:00
henri
77465c37df Proper method call with ":" instead of "."
This fixes broadcast-listener.nse failure:
/home/henri/nmap/nselib/packet.lua:521: attempt to index local 'self' (a number value)
2011-11-18 15:42:09 +00:00
patrik
8728f181d2 Reverting commit r27082 due to incompatibility with Lua 5.2 [Patrik] 2011-11-13 13:11:39 +00:00
patrik
776a11146e Added code to brute library that picks up the executing SCRIPT_NAME using getfenv [Patrik] 2011-11-13 12:56:29 +00:00
patrik
4edf096715 o [NSE] Added new functionality and fixed some bugs in the brute library:
- Added support for restricting the amount of guesses performed by the
    brute library against users, to prevent account lockouts.
  - Added support to guess the username as password as incorrectly
    suggested as default behavior by the documentation.
  - Added support to guess an empty string as password if not present
    in the dictionary. [Patrik]
2011-11-13 09:51:15 +00:00
patrik
77380bd9b0 o [NSE] Fixed bug that would prevent brute scripts from running if no service
field was present in the port table. [Patrik]
2011-11-10 20:42:47 +00:00
patrik
7b43d1cafb o [NSE] Added the scripts bitcoin-info, bitcoin-getaddr and a supporting
Bitcoin library. The script bitcoin-info retrieves information about the
  remote server, while the bitcoin-getaddr script retrieves a list of
  discovered remote Bitcoin nodes. [Patrik]
2011-11-09 18:56:16 +00:00
david
7c64868741 Fix logic errors in comm.opencon when data is not supplied.
It looks like this code never worked, because the debug message was
using a nonexistent function (nsedebug.print_debug).
2011-11-09 01:41:34 +00:00
patrik
b66a4849c4 o [NSE] Modified the http library to support servers that don't return valid
chunked encoded data, such as the Citrix XML service. [Patrik]
2011-11-07 06:04:13 +00:00
david
3c75f0f43c New Wordpress http fingerprint from Duarte Silva. 2011-11-06 22:37:22 +00:00
patrik
cbf71a1668 o [NSE] Fixed a bug where the brute library would not abort even after all
retries were exhausted [Patrik]
2011-11-02 09:48:33 +00:00
tomsellers
41145a414c Added support for the LDAP extensibleMatch filter to ldap.lua. LDAP searches using this take the following format:
attributename:ruleOID:=value

for example the following finds AD Domain controllers:

(userAccountControl:1.2.840.113556.1.4.803:=8192)

Also added the above as a quickfilter (ad_dcs) to ldap-search.nse to serve as a code example.

Added documentation to explain the values used in some field.
2011-10-31 00:27:03 +00:00
david
ef5dfd8479 Compress strings of zeros in packet.toipv6.
I do this just by passing the uncompressed names through nmap.resolve.

Before:
fe80:0000:0000:0000:0000:0000:0000:0001, 2001:0470:1f05:155e:0000:0000:0000:0003
After:
fe80::1, 2001:470:1f05:155e::3
2011-10-29 19:40:19 +00:00
david
622e2e08a7 Standardize on ip6_nhdr in packet.lua.
Some places were using ip6_nxt_hdr and some were using ip6_nhdr.
ip6_nhdr seemed to be the prevailing usage.
2011-10-29 19:40:14 +00:00
tomsellers
bca60ba8de Added support for LDAP substring searches to ldap.lua. These can now be performed alone or in conjunction with other LDAP query types.
Added a new quick filter (qfilter) to ldap-search.nse that allows the user to specify, on the command line, an attribute and corresponding value to search the LDAP directory for.  The use of the asterisk '*' as a wildcard is permitted in the value parameter.

Updated asn1.lua with some minor notes on a hex value that was used.
2011-10-29 10:18:52 +00:00
patrik
0270368e69 o [NSE] Added the scripts rtsp-url-brute, rtsp-methods and the supporting rtsp
library. The scripts check the supported RTSP methods and attempt to brute
  force valid RTSP urls. [Patrik]
2011-10-26 21:36:37 +00:00
patrik
188209bc62 o [NSE] Fixed an error in the mssql library that was causing the
broadcast-ms-sql-discover script to fail when trying to update port version
  information. [Patrik]
2011-10-24 16:42:02 +00:00
djalal
0d6051880b o [NSE] Added a vulnerability management library (vulns.lua) to store and to
report discovered vulnerabilities.
2011-10-22 08:40:08 +00:00
patrik
33333da283 Added a new function setStopOnError to the ASN1 library. The function allows
the library to be set to a mode that will stop trying to decode an ASN1
structure as soon as it runs into a decoding error. [Patrik]
2011-10-20 02:44:20 +00:00
patrik
005322c8d4 o [NSE] Added a new script http-put.nse that allows uploading of local files
to remote web servers using the HTTP PUT method. Added HTTP PUT support to
  the http library. [Patrik]
2011-10-20 02:32:51 +00:00
patrik
c5ee5ec365 o [NSE] Applied patch that fixes a nil table index bug discovered in the
mongodb library. [Thomas Buchanan]
2011-10-18 20:38:50 +00:00
patrik
68646bd590 Applied marshalling patch from Chris Woodbury to TNS library
http://seclists.org/nmap-dev/2011/q4/29
2011-10-07 01:32:01 +00:00
david
15d0871a5a Add XMPP support to ssl-cert by Vasiliy Kulikov. 2011-10-04 19:32:45 +00:00
paulino
859e35bc2e Adds entry for Easy Hosting Control Panel. There are a lot of vulnerable installations and an auth bypass vulnerability:
http://www.1337day.com/exploits/17010
2011-10-04 07:46:16 +00:00
david
dd2a2677c5 Add tftp-enum.nse by Alexander Rudakov. 2011-10-03 22:17:57 +00:00
david
43180f6154 Add amqp-info by Sebastian Dragomir. 2011-10-03 18:04:18 +00:00
henri
b7df13296e Fix a bug in dns.lua: ensure that dns.query() always returns two values (status and response).
Update asn-query.nse accordingly.
2011-09-22 18:00:44 +00:00
batrick
2511cd1d2a fixed wrong (global) variable name 2011-09-16 18:33:52 +00:00
david
44fcc2f455 ssl-enum-ciphers update for cipher strength from Gabriel Lawrence. 2011-09-14 17:57:47 +00:00
djalal
0b20e734b4 Define 'State.DISABLED_VALID' value. 2011-09-12 14:21:21 +00:00
tomsellers
4e87a1df42 Added string for .PARAM account status, this will be useful later. 2011-09-11 21:28:28 +00:00