mirror of https://github.com/nmap/nmap.git synced 2025-12-15 12:19:02 +00:00
Commit Graph

6322 Commits

Author SHA1 Message Date
patrik
8ec7da89c8 o [NSE] Added the script metasploit-xmlrpc-brute that performs password
auditing against the Metasploit XMLRPC service. [Vlatko Kosturjak]
2011-11-10 21:43:54 +00:00
patrik
352efc6ded o [NSE] Added the script openvas-otp-brute that performs password auditing
against the OpenVas service. [Vlatko Kosturjak]
2011-11-10 20:50:04 +00:00
patrik
77380bd9b0 o [NSE] Fixed bug that would prevent brute scripts from running if no service
field was present in the port table. [Patrik]
2011-11-10 20:42:47 +00:00
david
5698259a1b sv-tidy softmatch lines too. 2011-11-10 07:02:43 +00:00
david
110e9421cc sv-tidy nmap-service-probes.
This is a new program to tidy/canonicalize nmap-service-probes. It did
this:
 * Removed excess whitespace.
 * Sorted templates in the order m p v i d o h cpe:.
 * Canonicalized template delimiters in the order / | % = @ #.
2011-11-10 06:57:27 +00:00
david
7586073399 Add service match for Oracle OVM Manager. 2011-11-10 03:13:57 +00:00
patrik
0fa0ef41d5 Added missing usage and output documentation [Patrik] 2011-11-09 19:15:17 +00:00
patrik
7b43d1cafb o [NSE] Added the scripts bitcoin-info, bitcoin-getaddr and a supporting
Bitcoin library. The script bitcoin-info retrieves information about the
  remote server, while the bitcoin-getaddr script retrieves a list of
  discovered remote Bitcoin nodes. [Patrik]
2011-11-09 18:56:16 +00:00
djalal
8a175d127d o [NSE] added a debug message in the prerule to show that some arguments are missing. 2011-11-09 12:39:01 +00:00
djalal
5ea6fe675d o [NSE] check script arguments in the prerule to avoid running the script if they are missing. 2011-11-09 12:31:48 +00:00
djalal
99781655ae o [NSE] Add a final note in the output about the 'newtargets' usage. 2011-11-09 12:29:14 +00:00
djalal
4cee81e323 o Check the 'resolveall.hosts' script argument in the prerule function to
avoid loading the script if it is missing.
o Show all the returned IP addresses by default even if the 'newtargets'
  script argument was specified.
2011-11-09 12:21:20 +00:00
djalal
5ac9edb7e1 Fix the vulnerability CVE ID in the documentation. 2011-11-09 10:21:08 +00:00
djalal
08b1160c87 Updated some of the vulnerability scripts to use the new vulnerability library. 2011-11-09 10:08:19 +00:00
david
4757dadd11 Add irc-botnet-channels.nse. 2011-11-09 01:42:03 +00:00
david
7c64868741 Fix logic errors in comm.opencon when data is not supplied.
It looks like this code never worked, because the debug message was
using a nonexistent function (nsedebug.print_debug).
2011-11-09 01:41:34 +00:00
patrik
465594fa87 o [NSE] Added the http-method-tamper script that detects authentication bypass
vulnerabilities using the http HEAD method as reported in CVE-2010-738.
  [Hani Benhabiles]
2011-11-08 21:18:22 +00:00
david
fddfd9b0e6 Use promiscuous mode in targets-sniffer.nse. 2011-11-08 16:10:35 +00:00
david
ab447ef92c CHANGELOG for Hadoop and HBase scripts. 2011-11-08 16:00:18 +00:00
david
ce9ac426e3 New Hadoop and HBase scripts by John Bond:
hadoop-datanode-info.nse
hadoop-jobtracker-info.nse
hadoop-namenode-info.nse
hadoop-secondary-namenode-info.nse
hadoop-tasktracker-info.nse
hbase-master-info.nse
hbase-region-info.nse
2011-11-08 16:00:16 +00:00
henri
f181470fac Whitespace fixes: removed trailing whitespaces, always use tabs for indentation. 2011-11-07 21:32:43 +00:00
patrik
b66a4849c4 o [NSE] Modified the http library to support servers that don't return valid
chunked encoded data, such as the Citrix XML service. [Patrik]
2011-11-07 06:04:13 +00:00
fyodor
03a75885e7 Minor rewording 2011-11-07 06:00:07 +00:00
fyodor
c12d343ccc fix a typo 2011-11-07 04:51:42 +00:00
fyodor
f73e2b27d1 Update and canonicalize a bunch of script descriptions 2011-11-07 04:08:29 +00:00
david
3c75f0f43c New Wordpress http fingerprint from Duarte Silva. 2011-11-06 22:37:22 +00:00
patrik
dd32e88b66 o [NSE] Added brute scripts rlogin-brute and rexec-brute for the rlogin and
rexec services [Patrik]
2011-11-04 21:17:33 +00:00
patrik
fb3b019de4 Fixed small NSEDOC error in xmpp-brute.nse [Patrik] 2011-11-02 19:20:19 +00:00
david
d3c6976fca Change CRLF line endings to LF in ip-geolocation-*.nse. 2011-11-02 16:50:38 +00:00
david
aceb760703 Change CRLF line endings back to LF in dns-brute.nse. 2011-11-02 16:50:37 +00:00
patrik
fee0ddb527 o [NSE] Added broadcast-rip-discover which gets RIPv2 routers and their routing
information by querying the multicast address [Patrik]
2011-11-02 10:23:50 +00:00
paulino
ea31c702ad Minor modification to add the entry "direct" to the default host list. This is a common dns entry found in hosts protected by Cloudflare (www.cloudflare.com). It is Cloudflare's default dns name for the entry pointing to the real host ip. 2011-11-02 10:16:30 +00:00
patrik
cbf71a1668 o [NSE] Fixed a bug where the brute library would not abort even after all
retries were exhausted [Patrik]
2011-11-02 09:48:33 +00:00
david
842bf0b8f3 o Added a service probe for VMware ESX Server. The probe is based on a
script written by Aleksey Tyurin.
2011-11-01 01:29:17 +00:00
fyodor
4eced641cf add a task for letting nmap.send_Ip take explicit interface address 2011-11-01 00:23:19 +00:00
patrik
c48bb3f3f9 Minor changes to the usage documentation of dns-zeustracker [Patrik] 2011-10-31 18:22:57 +00:00
patrik
ad28a527dc o [NSE] Added dns-zeustracker, which checks whether an IP is part of the Zeus
botnet. [Mikael Keri]
2011-10-31 18:11:54 +00:00
tomsellers
41145a414c Added support for the LDAP extensibleMatch filter to ldap.lua. LDAP searches using this take the following format:
attributename:ruleOID:=value

for example the following finds AD Domain controllers:

(userAccountControl:1.2.840.113556.1.4.803:=8192)

Also added the above as a quickfilter (ad_dcs) to ldap-search.nse to serve as a code example.

Added documentation to explain the values used in some fields.
2011-10-31 00:27:03 +00:00
david
57fc9a5545 Add ipv6-node-info. 2011-10-29 19:40:21 +00:00
david
ef5dfd8479 Compress strings of zeros in packet.toipv6.
I do this just by passing the uncompressed names through nmap.resolve.

Before:
fe80:0000:0000:0000:0000:0000:0000:0001, 2001:0470:1f05:155e:0000:0000:0000:0003
After:
fe80::1, 2001:470:1f05:155e::3
2011-10-29 19:40:19 +00:00
david
3fe86cca72 Add a note that ip_send is broken for IPv6 link-local destinations.
The function always extracts the address from the packet contents, but
the scope_id cannot be recovered from the packet contents.
2011-10-29 19:40:18 +00:00
david
fd556a76fe Make dnet:ip_send able to send IPv6. 2011-10-29 19:40:16 +00:00
david
06b69fa9a3 Make some args const. 2011-10-29 19:40:15 +00:00
david
17e54e2d0e Document ip_get_data and ip_get_data_any. 2011-10-29 19:40:14 +00:00
david
622e2e08a7 Standardize on ip6_nhdr in packet.lua.
Some places were using ip6_nxt_hdr and some were using ip6_nhdr.
ip6_nhdr seemed to be the prevailing usage.
2011-10-29 19:40:14 +00:00
tomsellers
bca60ba8de Added support for LDAP substring searches to ldap.lua. These can now be performed alone or in conjunction with other LDAP query types.
Added a new quick filter (qfilter) to ldap-search.nse that allows the user to specify, on the command line, an attribute and corresponding value to search the LDAP directory for.  The use of the asterisk '*' as a wildcard is permitted in the value parameter.

Updated asn1.lua with some minor notes on a hex value that was used.
2011-10-29 10:18:52 +00:00
david
1b469acdae Add OS fingerprint from my localhost. 2011-10-29 01:53:24 +00:00
david
81a312e6d1 Add/modify Solaris 11 IPv4 OS fingerprints. 2011-10-29 01:41:37 +00:00
david
a3cb925699 Add a constructor to FingerMatch.
Not initializing OS_name was causing problems in
parse_single_fingerprint, used by OSassist. I believe the initialization
was being done manually wherever this was used in Nmap itself.
2011-10-29 01:41:28 +00:00
david
6e423e861d Update member name in comment. 2011-10-28 10:55:17 +00:00