david
09762c4d85
Add helpful text for the two most common errors seen in the Conficker
check in smb-check-vulns.nse: NT_STATUS_OBJECT_NAME_NOT_FOUND and
NT_STATUS_ACCESS_DENIED. Ron and I found the best explanations for these
that we could. There is another error, NT_STATUS_NOT_SUPPORTED, which is
less common than these but has been observed. We still don't have a clue
as to the cause of that one.
2009-04-02 02:27:47 +00:00
ron
dde55ed602
Added a change to eliminate possible false negatives
2009-04-01 12:23:21 +00:00
ron
f157387be1
Changed message when checks are disabled (it seemed to be confusing people)
2009-04-01 03:31:13 +00:00
ron
cf73d9eb03
Fixed a bug where every host showed up as 'infected'.. oops!
2009-03-31 15:18:03 +00:00
ron
70275c69c3
Fixed a small output bug in smb-check-vulns where it would print 'PATCHED' if an error occurred (in addition to the error message)
2009-03-31 15:04:10 +00:00
ron
f4575514af
Updated Conficker detection: change some constants, better error checking for MS08-067 patch (tell the user if the system has a jury-rigged patch instead of a cryptic error)
2009-03-31 14:14:24 +00:00
kris
97028d6a6f
wrap a couple of long doc lines
2009-03-30 20:35:38 +00:00
kris
f6f61ecf83
typos in docs/comments: if->is and alse->false
2009-03-30 20:25:45 +00:00
ron
9948b1d7f4
Print Conficker error messages always
2009-03-30 19:16:55 +00:00
ron
67a6886318
Changed spelling of 'Connficker' to 'Conficker'
2009-03-30 15:24:36 +00:00
ron
9060d2fadd
Modified smb-check-vulns.nse to check for Conficker infections. Got permission from authors of simple conficker scanner (scs.zip) to post this
2009-03-30 14:46:58 +00:00
jah
de922ab69c
Now works for udp again. The port table has a "protocol" field, not "proto".
2009-03-13 03:41:28 +00:00
ron
80591c9cc6
Cleaned up output of smb-server-stats.nse
2009-03-12 14:56:23 +00:00
ron
bb30932c0d
Wrapped a long line
2009-03-11 14:13:17 +00:00
ron
45744eddc3
Merge in changes from my private branch, primarily smb-brute.nse and smb-pwdump.nse, among other smaller changes.
2009-03-05 02:03:29 +00:00
david
62aa04c11a
In dns-zone-transfer.nse, return "<parse error>" in case domain decoding fails.
otherwise there is an assertion failure trying to insert a nil into an output
table in tab.lua. Increase the maximum number of message compression pointers
we will follow in dns.lua from 3 to 10, because Brandon found a server that
used 4.
2009-02-27 20:16:29 +00:00
david
dde083e900
Fix the formatting of the uptime in snmp-sysdescr.nse so it looks like
"0:03:02.72 (18272 timeticks)", not "0:3:2.72 (18272 timeticks)" (note padding
zeroes).
2009-02-12 04:23:41 +00:00
david
2d018963ca
Use dns.decStr in dns-zone-transfer.nse instead of a custom DNS decoder. This
avoids an infinite recursion bug present in the old decoder. I raised the
number of compression pointers that dns.decStr will follow from 1 to 3 because
I found a server that sent 2.
2009-02-10 00:53:26 +00:00
david
590e7b7574
Fix a bug in the DNS parser in dns-zone-transfer.nse: All '0' characters in
domain names were changed to '.', probably as a result of some code that wasn't
updated when surrounding code was. This changed the name net360.example.com to
net36..example.com.
2009-02-08 04:33:43 +00:00
david
e6d6e8d83e
Fixed a DNS decoding bug in dns-zone-transfer.nse that created
garbage output and could crash Zenmap by including 0x0C bytes in XML
files. The Zenmap crash looked like
SAXParseException: .../zenmap-XXXXXX.xml:39:290: not well-formed (invalid token)
2009-02-06 19:25:11 +00:00
david
00b65b7768
Remove script args that are inherited from modules from script documentation.
Such args are now included automatically in the generated documentation.
2009-02-05 23:45:12 +00:00
ron
5ec608507a
Backported a couple minor bugfixes from my experimental branch
2009-02-04 22:08:20 +00:00
jah
c622a1518e
Pass "ssl" as the third parameter to connect() in pop3.lua capabilities() and
smtp-commands.nse if version detection set the port service_tunnel to "ssl".
2009-02-03 02:43:24 +00:00
jah
c8442d3946
Fix error:
SCRIPT ENGINE (506.424s): ./scripts/pop3-capabilities.nse against a.b.1.47:995
ended with error: ./scripts/pop3-capabilities.nse:32: bad argument #1 to
'pairs' (table expected, got string)
which happens because pop3.lua returns a string error message instead of a table
of capabilities if it can't connect the socket or obtain a response from a
connected socket.
It now returns nil, err_message in these cases and the documentation now reflects
this - pop3-capabilities.nse silently returns and prints a debug message.
Added a 10s timeout for the socket in pop3.lua capabilities - 30s was a bit much.
2009-02-03 01:15:25 +00:00
david
a5b73cf906
Rename the xampp-default-auth script to ftp-brute. Incorporate some code
improvements in the script from Vlatko Kosturjak. Remove the nobody/e0e0e0e0
test credentials because I can't find a web source to substantiate them.
2009-01-26 06:02:45 +00:00
david
81886dc21d
Remove id variables from a couple of scripts.
2009-01-26 05:56:49 +00:00
fyodor
197b228b4d
remove complex timeout system (based on -T level) of Banner NSE script, and instead always wait five seconds.
2009-01-23 05:22:06 +00:00
david
0844aa18af
Remove redundant "Daytime: " from the output of daytime.nse. It looked like
|_ daytime: Daytime: Mon Jan 19 17:43:18 MST 2009
2009-01-20 00:42:32 +00:00
david
bad22b8c60
Give the default value ("public") in the NSEDoc for the snmpcommunity script
argument in snmp-sysdescr.nse.
2009-01-19 23:23:20 +00:00
david
7307d28e88
Let daytime.nse run against both TCP and UDP port 13. It only did UDP before.
RFC 867 says the service runs over both protocols.
2009-01-19 21:55:23 +00:00
david
a384e9016f
Document script arguments in
pop3-brute.nse: pop3loginmethod, userdb, passdb;
snmp-brute.nse: snmpcommunity, snmplist, userdb, passdb;
snmp-sysdescr.nse: snmpcommunity;
snmp.lua: snmpcommunity;
unpwdb.lua: userdb, passdb.
2009-01-13 00:10:33 +00:00
kris
5725a169bf
Make robots.txt.nse be silent instead of printing reports for a file with no
disallowed entries
2009-01-03 16:54:47 +00:00
ron
1c08d02689
Updated the output section for smb-enum-processes.nse
2008-12-24 00:58:52 +00:00
ron
773000b65a
Merging changes from my experimental branch; the new versions of these scripts, which have significant changes to their core functionality, managed to hold their own against Brandon's network. More testing would be very helpful, though, especially with credentials (most of Brandon's scans were anonymous).
2008-12-24 00:53:01 +00:00
bmenrigh
c4bebb3a01
Starting in Lua 5.1, string.gfind was renamed to string.gmatch. This commit fixes a warning when gfind is used by using gmatch instead.
2008-12-17 20:43:57 +00:00
batrick
88419b0c6e
Cleaned up the creation of the string payload.
2008-12-09 06:00:50 +00:00
ron
86de493a3e
Changed smb-enum-shares to detect a host that returns the incorrect value for unknown shares (happened against what appears to be an EMC SANS). Also added a check to stdnse.strjoin() to ensure that the first parameter is either nil or a string, I got the parameters wrong and spent awhile trying to figure out why.
2008-12-08 03:33:25 +00:00
ron
ea42f39faa
Merged in significant changes to Microsoft RPC calls
2008-12-07 16:16:11 +00:00
david
be28828544
Add a patch by Tom Sellers to use "html-title.nse" in the debug messages of the
script of that name, instead of the old name "showHTMLTitle."
2008-12-06 02:48:30 +00:00
jah
9f3a5e5210
Fix the closure of a multiline comment which is not strictly legal
http://www.lua.org/pil/1.3.html , but only impacts syntax
highlighting and not script execution.
2008-12-02 18:30:05 +00:00
david
85deff9ede
Use a more straightforward return style in script rules. Instead of
    if cond then
      return true
    else
      return false
    end
just do
    return cond
2008-11-18 16:59:09 +00:00
david
f4b970f889
Update skypev2-version.nse to match how it's shown in scripting.xml.
2008-11-18 16:47:57 +00:00
david
8247257ad0
Make the code that manipulates the filename local to a function in banner.nse.
--script-updatedb didn't work because scripts don't have the filename variable
in their environment during that.
2008-11-18 16:44:57 +00:00
jah
100aa9d122
Removed filename_len() from banner.nse and instead shorten var filename
to the script name minus its extension - in response to the change
in r11111.
Changed the width of output from 80 chars to 75 which is what was
originally intended.
2008-11-18 14:08:08 +00:00
jah
fece92c4f7
Add http-alt and https-alt to the services handled by html-title.nse
Modified http.request() to connect using ssl for the https-alt service.
html-title.nse can now deal with a redirect which changes the url scheme
as long as a port is present in the url and it is the port being scanned.
2008-11-17 22:06:58 +00:00
david
6bd949abb0
Add a little bit about POP3 capabilities to the pop3-capabilities.nse script.
2008-11-15 01:43:10 +00:00
david
c3ee93f056
Sort script.db entries by file name to make diffs comprehensible. Their
previous unsorted state was due to their coming straight out of opendir.
2008-11-15 00:58:36 +00:00
david
0d7243ad5a
Add banner.nse to script.db.
2008-11-15 00:55:59 +00:00
jah
17595d5f03
Removed an erroneous argument to a print_debug statement.
2008-11-14 20:57:45 +00:00
fyodor
cdfac4d6b2
spell check: recognise -> recognize
2008-11-11 20:33:48 +00:00