PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-18 21:49:01 +00:00
Code Issues Projects Releases Wiki Activity
6,322 Commits 2 Branches 0 Tags
20575e01b92192a37293a1ce0137a16103661295
Commit Graph

1287 Commits

Author SHA1 Message Date
david
87ee8343f3 Provide a new nsock_setup_udp function to create a UDP socket without connecting it. Provide an NSE interface to the function. Add broadcast.nse, a script that receives UDP broadcasts with an unconnected socket. 2010-10-01 06:26:22 +00:00
djalal
9c132cd72f Remove unused variable. 2010-09-30 19:00:25 +00:00
david
60636135a2 Fix whitespace in dns-zone-transfer.nse. 2010-09-30 17:05:12 +00:00
david
e7fc9c4c5f Change " \n" to just "\n" where appropriate in NSE. Leading newlines are 
no longer removed from script output.
 2010-09-30 05:03:39 +00:00
david
ae9c5d6922 Use args of the form dns-zone-transfer.domain instead of dnszonetransfer.domain 
in dns-zone-transfer.nse. Keep the old forms as undocumented aliases.
 2010-09-29 18:57:07 +00:00
kris
ede2a10048 remove a stale comment 2010-09-29 02:07:41 +00:00
david
da5a9ecc52 Fix some whitespace. 2010-09-28 22:30:48 +00:00
david
7dcd478487 Put nat-pmp-info.nse in the "default" category. Let the portrule match 
the service "nat-pmp". Set the service name "nat-pmp" on success.
 2010-09-28 22:30:18 +00:00
patrik
0ef84cf443 o [NSE] Added nat-pmp-info script that uses the nat-pmp service to 
discover the external IP address of a router. [Patrik]
 2010-09-28 19:43:06 +00:00
david
956688774a Add the ability to send UDP probes to firewalk.nse. Patch by Henri Doreau. 2010-09-28 03:25:22 +00:00
kris
f4286b0c80 Adding prerule support to snmp-interfaces.nse and the ability to add the 
target host's interface addresses to Nmap's scanning queue.
 2010-09-28 02:33:52 +00:00
kris
29e6257541 Add the resolveall prerule script which takes a table of hosts and adds the 
resolved addresses to Nmap's target queue.
 2010-09-28 02:04:20 +00:00
david
d98e9b9225 Add tests with query strings and null bytes to http-passwd.nse. This patch is 
from Ange Gutek.
 2010-09-27 18:58:38 +00:00
david
602a40c2b0 Fix a syntax error caused by reordering array entries. 2010-09-27 18:56:23 +00:00
david
cd5f41fc91 Add some more payloads to http-passwd.nse (with comments explaining which 
servers they affect). Fix a pattern. Patch by Ange Gutek.
 2010-09-27 18:10:46 +00:00
david
52d1590c84 Add the script argument http-brute.method. This is so you can do 
http-brute.method=POST instead of having GET hardcoded in the script.
 2010-09-27 01:23:37 +00:00
ron
cfd0aaeabc Fixed a bug where a ternary operator meant to prevent a nil pointer exception was outside of a math.floor() call, making it totally worthless. I moved the math.floor() outside the operation, fixing it. 2010-09-24 01:33:01 +00:00
ron
3bc39efc4b Lots of little bugfixes throughout several smb scripts, mostly related to bad use of global variables 2010-09-24 00:31:12 +00:00
david
ed48818666 Remove the restriction to one thread in http-brute.lua, as the worker thread 
bug that required it has been fixed.
 2010-09-23 16:33:02 +00:00
david
15b5df36ff Add missing <code> tags. 2010-09-21 17:31:17 +00:00
david
0c8460e841 Put <code> tags around an option name. 2010-09-21 17:12:27 +00:00
kris
fa858e041b Remove unused and newly unrequired arguments to the pcap check functions (which 
replace the old callbacks) in scripts
 2010-09-19 02:15:19 +00:00
batrick
de4ba536de Merge from /nmap-exp/patrick/nse-nsock-maintenance. 
This is a maintenance fix for the NSE Nsock library binding. The patch focuses
on code correctness and simplicity. The patch also brings some initial updates
with an eye towards the upcoming Lua 5.2 release. See [1] for a post concerning
this branch.

[1] http://seclists.org/nmap-dev/2010/q3/710
 2010-09-18 20:35:09 +00:00
djalal
15a0dc47b0 Added the targets-traceroute script, which inserts traceroute hops onto Nmap scanning queue. 2010-09-10 01:53:22 +00:00
david
5f7d7fe252 Add status code 553 (Relaying Denied) to the list of NOTPERMITTED codes in 
smtp-enum-users.nse. Martin Holst Swende reported this.
 2010-09-07 20:15:41 +00:00
david
f7b4900eac Include a message in the output (and quit trying users with the current method) 
when smtp-enum-users hits an unhandled status code.
 2010-09-07 20:13:05 +00:00
david
90e2d1dacd Fix spelling of identifier name (NOTPERMITED) in smtp-enum-users.nse. 2010-09-07 19:54:44 +00:00
david
23908b40a8 Fix a typo in the @usage of smtp-enum-users.nse; it said smtp-open-relay. 2010-09-07 19:07:07 +00:00
patrik
c0d92223db Added missing error handling for connection timeouts 2010-08-31 13:38:50 +00:00
david
902b39517f Copyedit NSEDoc in firewalk.nse. 2010-08-31 04:05:31 +00:00
ron
73d8459565 Fixed a bug where http-headers.nse wasn't honouring the 'path' script-arg. 2010-08-29 01:18:08 +00:00
ron
89888ef6b3 Added DHCP library and re-wrote dhcp-discover.nse to use the new library. 2010-08-28 17:18:40 +00:00
david
7026f5fdbd o [NSE] Added the firewalk script, which tries to find whether a 
firewall blocks or forwards ports like the firewall tool does. [Henri
  Doreau]
 2010-08-28 16:03:20 +00:00
david
2dedb261d9 In ftp-anon.nse, note that ftp-anon.maxlist=0 disable directory listing. 2010-08-27 20:08:01 +00:00
david
5731d55219 Revert r19993, the addition of firewalk.nse. This depends on an nselib 
change that isn't committed yet.
 2010-08-27 20:03:21 +00:00
david
79da626772 o [NSE] Added the firewalk script, which maps firewall rules in a way 
similar to the firewalk tool. [Henri Doreau]
 2010-08-27 20:01:09 +00:00
david
e0918fedc4 Let ftp-anon.nse return a directory listing when anonymous login is 
allowed, and add a ftp-anon.maxlist argument to control the listing.
This is adapted from a patch by Gutek.
 2010-08-27 19:21:34 +00:00
jah
22b458476f fix a test of a return from reg_get_value which caused the following error when 
getting NT_STATUS_WERR_ACCESS_DENIED from winreg.openhkpd

smb-system-info.nse:131:
attempt to perform arithmetic on field 'number_of_processors' (a string value)
stack traceback:
        smb-system-info.nse:131: in function 'get_info_registry'
        smb-system-info.nse:182: in function <smb-system-info.nse:180>
        (tail call): ?
 2010-08-25 21:32:40 +00:00
kris
9be7cd7be0 Use host.times.timeout instead of a hardcoded read timeout in path-mtu.nse. I 
forgot to update this since I posted path-mtu before the host.times{} stuff.
 2010-08-24 23:22:01 +00:00
patrik
d4e0b179c1 Fixed a number of incorrect receives and replaced them with receive_bytes. 
Added some logic to make sure all data is read off the socket.
 2010-08-24 20:25:46 +00:00
kris
57664a51cf Committing MTU-related changes: 
* Adding path-mtu.nse for Path MTU Discovery
* Nmap now stores the MTU for interfaces (from SIOCGIFMTU or libdnet)
* Scripts can access the MTU for host.interface via host.interface_mtu
* Nmap prints the MTU for interfaces in --iflist
 2010-08-24 01:47:12 +00:00
patrik
c3a1ec9f02 typo fix, replace Oracle with Informix 2010-08-23 17:25:48 +00:00
patrik
af76c5dad7 o [NSE] Added GIOP library and a small script that makes use of it: 
- giop-info Queries the CORBA naming server for a list of objects
  [Patrik]
 2010-08-19 23:14:39 +00:00
patrik
87109b5670 o [NSE] Added a Oracle TNS library and two new scripts that make use of it. 
The scripts are:
  - oracle-brute uses the brute and tns library to perform password guessing
  - oracle-enum-users attempts to determine valid Oracle user names
  [Patrik]
 2010-08-19 23:09:32 +00:00
patrik
e80b196d2e o [NSE] Added a smallish Lotus Domino rpc library (nrpc.lua) and some Lotus 
Domino oriented scripts:
  - domino-enum-users.nse guesses users and attempts to download ID files by
                          exploiting (CVE-2006-5835).
  - domino-enum-passwords attempts to download Internet passwords and ID files
                          from the web server.
  - domcon-brute performs password guessing against the remote console.
  - domcon-cmd adds support for running custom remote console commands.
  [Patrik]
 2010-08-19 23:02:58 +00:00
patrik
73b01af10a o [NSE] Added an Informix library and three scripts that make use of it: 
- informix-brute uses the brute framework to perform password guessing
  - informix-query add support for running SQL queries against Informix
  - informix-tables lists table- and column-names for a given database
  [Patrik]
 2010-08-19 22:47:52 +00:00
patrik
a2c2a3f84c o [NSE] Added two new scripts http-brute.nse and http-form-brute that attempt 
to perform password guessing against web servers and applications. [Patrik]
 2010-08-19 20:53:40 +00:00
patrik
a946f11791 o [NSE] Added svn-brute, which attempts to perform password guessing against 
the subversion service. [Patrik]
 2010-08-18 20:50:51 +00:00
david
9cbfbbaadc Remove a script.db entry for an uncommitted script I am working on, 
ovs-agent-version.nse.
 2010-08-17 22:44:28 +00:00
david
9ac9fbdd94 Add a "VULNERABLE" banner to the output of wdb-version.nse. 2010-08-17 22:30:43 +00:00