PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-03 13:19:04 +00:00
Code Issues Projects Releases Wiki Activity
5,866 Commits 2 Branches 0 Tags
22a029c21b51df9c65a8e5dc3858f6f425b2eb1a
Commit Graph

695 Commits

Author SHA1 Message Date
batrick
c4d6d12be7 \x is not a valid escape sequence... 2011-09-09 19:08:13 +00:00
tomsellers
c193cadac7 Fix a typo 2011-09-05 22:44:08 +00:00
tomsellers
f6dc7a160d ldap.lua - added support for saving search results to CSV. 
Also added support for decoding certain time formats found in Microsoft AD such as lastLogon,pwdLastSet, etc
 2011-09-05 22:39:03 +00:00
patrik
ae75aa7fd3 o [NSE] Added new default credential list for Oracle and modified the 
oracle-brute script to make use of it. [Patrik]
 2011-09-05 08:13:34 +00:00
patrik
4e9265b883 fixed a bug that would prevent the library from authenticating against 
Oracle 10.2.0.1.0 XE [Patrik]
 2011-09-05 07:52:30 +00:00
tomsellers
5b6d151787 Add function saveToFile to allow scripts to save credential tables to a file. 
Extend the account state tables to include expired, host and time limited accounts.
 2011-09-04 17:43:42 +00:00
tomsellers
b5cb7a96fc Modified start_session_basic so as to return the 
status code text when the variable status is not
nil.  This mimics the behavior of start_session_extended.

This should provide more reliable results to smb-brute
concerning the nature of login failure reasons.

More detail has been sent to the mailing list.
 2011-09-03 17:01:13 +00:00
patrik
6c864bd9f8 Changed command line processing to assume cred mode if credfile was supplied 
and no mode was explicitly given [Patrik]
 2011-09-02 06:12:39 +00:00
david
2c45aa3b8a Add Weilin's patch to packet.lua to handle IPv6. 2011-09-02 04:10:59 +00:00
patrik
bce29f44cd Fixed typo in supported versions matrix in the TNS library [Patrik] 2011-08-27 08:12:59 +00:00
patrik
a52d443841 o [NSE] Fixed authentication problems in the TNS library that would prevent 
authentication from working against Oracle 11.2.0.2.0 XE [Chris Woodbury]
 2011-08-27 08:05:10 +00:00
djalal
02b7d6e563 o [NSE] Use a table to store the output results, and use table.concat() 
to concat data instead of classic concatenation. This can have a huge
  performance boost, check this thread:
  http://seclists.org/nmap-dev/2011/q3/623
 2011-08-23 09:26:06 +00:00
patrik
5e2f67ae2e o Fixed bugs that would prevent connections against certain versions 
o Improved support for 64-bit database servers
o Tested the code against a larger number of databases running on both
  32/64-bit Windows/Linux
o Improved library documentation
[patrik]
 2011-08-21 19:18:53 +00:00
gorjan
aec7e1ab94 Add the architecture description in the bittorrent.lua library. 2011-08-11 09:54:38 +00:00
patrik
00b72547cf Fixed bugs with empty resultsets returning data [Patrik] 2011-08-11 09:28:09 +00:00
patrik
b593d0778a o [NSE] Added basic query support to the Oracle TNS library making it possible 
for scripts to query the database server using SQL. [Patrik]
 2011-08-10 20:33:13 +00:00
patrik
a1d515e548 o [NSE] Added script broadcast-listener that attempts to discover hosts by 
passively listening to the network. It does so by decoding ethernet and IP
  broadcast and multicast messages. [Patrik]
 2011-08-10 16:46:55 +00:00
gorjan
88e8647381 Adding the bittorrent library and bittorrent-discovery script which enables you to add bittorrent peers and DHT nodes as targets for scanning 2011-08-09 16:56:13 +00:00
gorjan
d509ad055a Adding the optimized snmp-brute script, unpwdb library , snmpcommunities wordlist 2011-08-03 21:37:27 +00:00
djalal
a9bbb27a54 o [NSE] Added a missing function parameter for registry_add_table(). 2011-07-30 12:02:24 +00:00
patrik
1097d0c42d Added documentation for credentials passed through script-args. [Patrik] 2011-07-27 12:05:42 +00:00
paulino
ec63b8a647 Adds support for passing arguments without the script name. 2011-07-27 04:32:01 +00:00
patrik
89d1f3b8d3 o [NSE] Added the library xmpp.lua and the script xmpp-brute that performs 
brute force password auditing against XMPP (Jabber) servers. [Patrik]
 2011-07-26 06:54:19 +00:00
djalal
3ce7d52800 o [NSE] Improved the NSEDoc of the print_hex() function. [Chris Woodbury] 2011-07-25 23:12:51 +00:00
djalal
47345ac696 o [NSE] Do not print an empty line if there are no remaining characters. 
This patch was contributed by Chris Woodbury.
 2011-07-25 23:09:24 +00:00
patrik
5e954c65a9 Added support for comments in the credential_iterator [Patrik] 2011-07-25 17:59:05 +00:00
paulino
a8df084c1f Adds http default ports for LiteSpeed Web Server. 2011-07-24 21:26:37 +00:00
patrik
cbf959aecc o [NSE] Added the script broadcast-dhcp-discover that sends a DHCP discover 
message to the broadcast address and collects and reports the network
  information received from the DHCP server. [Patrik]
 2011-07-21 11:56:15 +00:00
patrik
ee7e069e63 o [NSE] Added the script smtp-brute that performs brute force password 
auditing against SMTP servers. [Patrik]

o [NSE] Updated SMTP library to support authentication using both plain-text
  and the SASL library. [Patrik]
 2011-07-21 06:16:20 +00:00
patrik
0453f89779 o [NSE] Added the script imap-brute that performs brute force password 
auditing against IMAP servers. [Patrik]

o [NSE] Updated IMAP library to support authentication using both plain-text
  and the SASL library. [Patrik]
 2011-07-21 06:14:02 +00:00
patrik
222e8b9e42 o [NSE] Added SASL library created by Djalal Harouni and Patrik Karlsson 
providing common code for "Simple Authentication and Security Layer" to
  services supporting it. The algorithms supported by the library are:
  PLAIN, CRAM-MD5, DIGEST-MD5 and NTLM. [Patrik Karlsson, Djalal Harouni]
 2011-07-21 06:07:02 +00:00
patrik
c3f94727ad o [NSE] Added scripts cvs-brute.nse, cvs-brute-repository.nse and the cvs 
library. The cvs-brute-repository script allows for guessing possible
  repository names needed in order to perform password guessing using the
  cvs-brute.nse script. [Patrik]
 2011-07-21 06:01:19 +00:00
patrik
2faca7aed1 Added support for scripts to report invalid (non-existing) accounts back 
to the brute library. This way, they're removed from further guessing.
[Patrik]
 2011-07-21 05:56:58 +00:00
weilin
586b8464b2 Reverted the unintended changes on nselib/packet.lua@25009. 2011-07-21 02:32:47 +00:00
weilin
1dcf652410 Added ND ping for local IPv6 nets, merging from /nmap-exp/weilin/nmap-nd. 2011-07-19 02:31:54 +00:00
paulino
8215c3420f Fixes the way of creating the request line by changing string.format for regular string concatenation to allow null bytes in the requests. 2011-07-15 23:48:00 +00:00
paulino
deded46038 Adds apache axis2 login signature. 2011-07-15 23:43:10 +00:00
paulino
6a8a10794f Adds more paths for Coldfusion and Apache Axis2 2011-07-15 23:33:03 +00:00
patrik
4356fe16a5 * fixed a bug that would result in unnecessary connects and disconnect for 
discovered accounts

* documented engine options

* added new engine option (nostore) that instructs the library not to store
  the discovered credentials in the credential database
 2011-07-13 20:49:20 +00:00
patrik
c800c437a9 added check for unknown account state to avoid crash when retrieving accounts. 2011-07-13 20:46:15 +00:00
gorjan
70b09c9598 Small fix: missed an 'end' 2011-07-13 09:34:19 +00:00
gorjan
c08ca750fa Added default values for the index and length parameters if no value is supplied in the Packet:raw(index,length) function of the nselib/packet.lua library 2011-07-13 09:27:54 +00:00
patrik
aadac7c8d5 * Fixed a bug in the brute library prevented additional passwords from 
being found if run in passonly mode.

* Fixed a bug in the brute library preventing detection of duplicate
  credential entries requested from the iterator.
 2011-07-12 21:23:12 +00:00
patrik
23d2e0d31f o [NSE] Applied patch from Chris Woodbury that adds the following additional 
information to the output of smb-os-discovery:
  + Forest name
  + FQDN
  + NetBIOS computer name
  + NetBIOS domain name
 2011-07-12 06:08:43 +00:00
paulino
b291f28e62 Added new entries for awstats totals under 'general' 2011-07-11 07:48:16 +00:00
gorjan
25f00f01ec Another possible fix for the NSEDoc arguments in the brute.lua library 2011-07-10 16:20:49 +00:00
paulino
248b53abfa Adds entries under 'attack' for: 
-OrangeHRM: http://www.exploit-db.com/exploits/17212/
-Tikiwiki: http://www.exploit-db.com/exploits/1244/
 2011-07-09 20:44:22 +00:00
paulino
0528868eb9 Includes new fingerprints for Joomla submitted by Hani, moves drupal signatures to the cms section and adds new ones for Cisco, Airaya and Cirronet routers 2011-07-09 20:29:11 +00:00
patrik
5c43a48121 applied patch to json library from Daniel Miller adding the functions 
make_array and make_object:
http://seclists.org/nmap-dev/2011/q3/15

These functions add support for treating Lua tables as JSON arrays or objects.
 2011-07-09 19:49:05 +00:00
paulino
84a4bb2506 Added signature of a Cisco router 2011-07-08 18:44:23 +00:00