PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-08 05:31:31 +00:00
Code Issues Projects Releases Wiki Activity
6,322 Commits 2 Branches 0 Tags
20575e01b92192a37293a1ce0137a16103661295
Commit Graph

18 Commits

Author SHA1 Message Date
robert
9abdc958ed Added the new hash for PHP 5.3.7 and 5.3.8 credits and extended the elephant logo hash to include the new versions. PHP 5.3.7 contained a nasty bug (https://bugs.php.net/bug.php?id=55439) and was quickly replaced by 5.3.8 after a couple of days. 2011-09-04 14:41:53 +00:00
batrick
dc9a35bc9d New system for silent require errors. Use the new function 
stdnse.silent_require. The Lua require function is back in its usual spot
(_G.require).
 2011-06-13 23:38:35 +00:00
robert
7b27940ada Updated the hash information to include PHP/5.3.6 (released today). 2011-03-17 15:42:56 +00:00
robert
d50c58dcc1 Force a match against "^PHP/" (i.e. now with a trailing forward slash) to prevent the "Version from header" from incorrectly matching against the Set-Cookie header with the value "PHPSESSID". This should match PHP/2.x onwards; I'm not sure about earlier versions of PHP as I can't find any references. 
This will no longer match against the generic "X-Powered-By: PHP" (rare?), but that never gave us a version number anyway, so you could consider that a bug too.

We don't currently check for variations such as "Zend Core/2.0.1 PHP/5.2.1", so that could be added in the future, but at least the http-headers script will reveal the X-Powered-By header anyway.
 2011-01-30 11:15:48 +00:00
robert
063e780e1f Updated the hash information to include PHP/5.2.17 (released yesterday). 2011-01-07 10:24:59 +00:00
robert
d8ddf59203 Updated the hash information to include PHP/5.3.5 (released today). 2011-01-06 15:39:35 +00:00
robert
c2305f23a5 Added hashes for PHP 5.2.15 and 5.2.16. 2010-12-26 13:48:06 +00:00
robert
eedd069c9e Added the new hash for PHP 5.3.4 credits and extended the elephant logo hash to include this new version. 2010-12-10 12:14:25 +00:00
robert
e43a866bea Tweaked the versions slightly (removed 4.3.1 from the bunny hash as it looks wrong and hasn't been corroborated), based on 0php.com data. 2010-11-30 09:25:04 +00:00
robert
a92eacec1d Added all missing PHP 5.x hashes and tidied up the output (grouped ranges and made it consistently use a dash). 
Hashes are now arranged in order, to make it easier to find manually.

For a list of all the PHP 5 hashes I generated see: http://seclists.org/nmap-dev/2010/q4/518
 2010-11-27 11:21:36 +00:00
robert
485ee4aded Added a new credits hash for PHP/5.2.2 based on testing with php-5.2.2-Win32.zip. 2010-11-24 15:51:39 +00:00
david
1766507ecf Add a new http-php-version.nse version from a server that said: 
X-Powered-By: PHP/5.1.6
 2010-11-17 22:05:04 +00:00
david
a314b5b7d7 Don't print unknown hashes in http-php-version.nse unless high verbosity 
is used, otherwise you get hashes printed for sites that don't even use
PHP. Patch by Ange Gutek.
 2010-08-16 16:09:56 +00:00
david
d5edc49016 Add patch from Ange Gutek and Tom Sellers to make http-php-version only 
consider responses with a 200 status.
 2010-08-10 19:54:30 +00:00
david
a9b75892f5 Use shortport.http where appropriate. 2010-08-09 22:30:50 +00:00
fyodor
a03bbb206e Remove Ange's email address from http-php-version.nse to match what he uses in http-passwd.nse, ftp-libopie.nse, and ftp-anon.nse author fields (If he wants the email addresses, I'd be happy to put it in all four scripts--I'm just doing a little cleanup for consistency 2010-07-24 05:36:47 +00:00
david
bccb8ead89 Edit some script descriptions for better line breaks when rendered as 
PDF. Some long URLs were replaced by short redirects under
http://nmap.org/r/.
 2010-07-17 16:47:31 +00:00
david
c50c7a2c0b o Added http-php-version.nse from Gutek. This script retrieves 
version-specific pages through a couple of magic PHP queries, which
  can identify the PHP version even when a server doesn't advertise
  it.
 2010-06-18 22:12:17 +00:00