mirror of https://github.com/nmap/nmap.git synced 2025-12-14 11:49:01 +00:00
Commit Graph

3493 Commits

Author SHA1 Message Date
david
89019cb221 Split the load_exclude function into load_exclude_file and
load_exclude_string. Use read_host_from_file in load_exclude_file to
support comments like in -iL files.
2009-09-29 02:06:56 +00:00
david
0e2d5af0f9 Factor out the function that reads a host specification from an input
file.
2009-09-29 01:15:17 +00:00
david
a3df140563 Allow # comments in input files from -iL. The patch is from Tom Sellers. 2009-09-29 00:33:41 +00:00
david
adcbd54e19 Close the -iL input file after reading. 2009-09-28 23:15:55 +00:00
david
2e3b86618b Use a STARTF_USESHOWWINDOW technique to allow running the nmap process without
using the Windows shell. The only reason for using the shell was to inhibit the
creation of a terminal window, and this does the same thing. This solves
problems related to running through a shell: cancelling a scan wouldn't kill
the nmap process, and running from directories with names containing shell
metacharacters wouldn't work.
2009-09-28 22:02:57 +00:00
david
084ba69efe Remove special-case code for doing a traceroute without a port scan, and
just handle it in the normal program flow. A problem with having two
pieces of code doing the same thing was that they varied a bit; if you
ran -sP --traceroute you wouldn't get the "Final times for host" output
because that was left out of one of the output loops. Another problem
was that the special-case logic assumed that traceroute was the only
thing that could happen after a port scan, which is not true because
script scanning can happen too. Running -sP --traceroute --script=all
would not run any scripts. Now it runs asn-query and whois as expected.
2009-09-28 20:34:23 +00:00
david
1637c05fe2 Make the times element optional as a child of host. There are cases when
there are no times to record because no packets were sent, as when using
-sL or -sP -PN --traceroute --send-ip against a directly connected host.
2009-09-28 20:21:46 +00:00
david
925d2a1693 Make the port and proto attributes optional on the trace element in
nmap.dtd. With a protocol trace or an ICMP trace, there's no port
number.
2009-09-28 20:19:30 +00:00
david
d0a1bd3001 Print the proto attribute ("tcp", "udp", etc.) along with the port
number in the XML output for traceroute.
2009-09-28 20:12:46 +00:00
david
31d2c497fa Give Probe a virtual destructor because it is deleted through pointers
that point to instances of subclasses (TCPProbe etc.).
2009-09-27 18:29:20 +00:00
david
67ab4c0208 Fix the initialization of sockaddr_in structures in traceroute name
resolution. The initialization
    struct sockaddr_in sin = { AF_INET };
didn't set sin.sin_family correctly, leading to a later assertion
failure:
Failed to convert target address to presentation format!?! Error: Address family not supported by protocol family
2009-09-27 18:08:42 +00:00
david
8fd7a0a46b Always begin with a TTL of at least 1 in traceroute, even if OS
detection calculated 0 (erroneous if not localhost). This caused an
assertion failure reported by Chris Clements in
http://seclists.org/nmap-dev/2009/q3/1054.html.
2009-09-27 18:05:16 +00:00
david
a99b8e5e6b Update Zenmap French translation by Henri Doreau. 2009-09-27 16:00:48 +00:00
fyodor
f6fd7d5fc4 Update refguide license from Creative Commons Attribution License version 2.5 to 3.0. 2009-09-25 21:34:16 +00:00
fyodor
a8d6ba3ce9 Add a note to fix the Ncat Windows --max-conns bug 2009-09-23 10:03:41 +00:00
fyodor
aee2d3825a Add some extra debug information related to the Windows version detected
by the installer. Also notes that we recommend starting the WinPcap service at system startup for Windows 7 as well as Vista. The patch is from Rob Nicholls.
2009-09-23 00:31:17 +00:00
david
556a59791f Regenerate man pages. The current versions were broken. 2009-09-22 21:48:00 +00:00
fyodor
f1456b9b4a Changes from chat w/David 2009-09-22 20:37:20 +00:00
ron
390ce42616 Removed the default limit of usernames/passwords, and updated the comments accordingly. Users can still limit by passing script-args. 2009-09-19 05:42:07 +00:00
ron
88d5050fd1 Totally overhauled the ftp-brute.nse script. I opened this script to see about certain changes, and discovered that it was only actually checking a single account (xampp/default). So I hooked it into unpwdb, but discovered that, at least against my test server, it was _extremely_ slow. For that reason, I limited it to the first 10 usernames/passwords for now. 2009-09-18 19:48:45 +00:00
kris
0ab7d34c88 updating ip_is_reserved(): 02/8 and 46/8 allocated yesterday 2009-09-18 19:03:33 +00:00
david
275a346804 Add a BPF filter to traceroute so we only get packets sent to our own
source address; i.e., not the packets we send.
2009-09-17 22:50:09 +00:00
fyodor
923c04657a 2009-09-17 21:03:11 +00:00
david
9a25c8a0b4 Add a CHANGELOG entry for new traceroute. 2009-09-17 15:45:09 +00:00
david
45b783c573 Print "--" for the RTT of traceroute hops if the RTT is unknown. This
can only happen in the case of a directly connected target with no ping
or port scan responses, like
nmap -PN -sP --send-ip --traceroute <target>
2009-09-17 15:11:20 +00:00
david
06cc9ad4d1 Add a special-case no-probe traceroute for directly connected targets. 2009-09-17 15:03:13 +00:00
david
fa6002d4e3 Add a mailing list link to the TODO item about memory use. 2009-09-17 15:02:54 +00:00
fyodor
a3b5f278f9 add an idea for Nmap translation/localization 2009-09-17 04:31:09 +00:00
fyodor
93c4dec5d0 Applied FreeBSD portability patch from Jay Fink (he found it in FreeBSD ports tree). The patch
marks pcap file descriptors as not select()able by Nmap for FreeBSD versions < 5 (__FreeBSD_version < 500000)
2009-09-17 03:03:10 +00:00
david
875dcddd2c Merge r15496:15502 from /nmap-exp/david/nmap-traceroute. These are some
minor traceroute performance optimizations.
2009-09-17 02:22:15 +00:00
david
577a1be0e7 Merge from svn://svn.insecure.org/nmap-exp/david/nmap-traceroute. This
brings in a new, faster, parallel version of traceroute.
2009-09-17 00:03:46 +00:00
ron
86e7a63bf6 Added a script called http-malware-host.nse. Its future intention is to discover hosts that are serving malware (for example, that are compromised and have malicious code inserted). At the moment, it checks for one specific attack discussed here: http://blog.unmaskparasites.com/2009/09/11/dynamic-dns-and-botnet-of-zombie-web-servers/ 2009-09-16 14:15:13 +00:00
fyodor
19c18738d0 Note a bug discovered by David 2009-09-16 08:37:59 +00:00
fyodor
bc918d268a the package name now seems to be openss-devel rather than libopenssl-devel 2009-09-15 21:44:41 +00:00
joao
4c13b99e95 Giving priority to transfer-encoding first than content-length, as mentioned in rfc2616, section 4.4.
isChunked now checks for transfer-encoding: identity instead of transfer-encoding: chunked. If transfer encoding is present and it is not identity, chunked encoding is considered. Also rfc2616, section 4.4 (item 2)
2009-09-15 03:47:46 +00:00
joao
b9d1591739 Adding a few comments on some functions 2009-09-15 02:46:58 +00:00
joao
b0346e22b9 Fixing problem related to chunked pipelined responses on http.lua 2009-09-15 02:12:02 +00:00
david
8ba33e607b Make it clear in the NSEDoc that error values can be any false value:
<code>false</code> or <code>nil</code>. Basically it's anything that
matches the protocol of an nmap.new_try handler.
2009-09-14 15:56:49 +00:00
ron
32d9c9fe98 Added a check for a SMBv2 vulnerability (CVE-2009-3103) to smb-check-vulns. Due to its nature (it performs a DoS, then checks if the system is still online), the script isn't run by default and requires a special script-arg to work. 2009-09-14 15:23:06 +00:00
david
fa6435d6ec Document that IP proto scan has special cases for SCTP and IGMP as well
as TCP, UDP, and ICMP.
2009-09-14 02:49:09 +00:00
fyodor
1681e7621b Add clear warnings about using --script=all. 2009-09-13 09:36:33 +00:00
david
b40356ed3f Fixed an integer overflow that could occur when a target with a low
TCP timestamp clock frequency uses large timestamp values, such that
a naive uptime calculation shows a boot time before the epoch. Also
fixed a printf format specifier mismatch that was revealed by the
overflow. Toby Simmons reported the problem and helped with the fix.
2009-09-10 18:03:18 +00:00
david
f270257be7 Remove the unused seq_info.uptime member. 2009-09-10 15:17:17 +00:00
david
0a479a45fa Fix a typo in dhcp-discover.nse. 2009-09-10 14:18:02 +00:00
fyodor
e7d0212d68 minor updates to TODO 2009-09-10 08:09:55 +00:00
ron
0e1a013dbf Updated CHANGELOG with my newest script. I have more to add to the CHANGELOG from my recent activities, but that'll have to wait. 2009-09-10 03:31:15 +00:00
ron
9465a839c1 Added dhcp-discover script 2009-09-10 03:26:53 +00:00
ron
66399fc057 Added a couple more paths that might be interesting 2009-09-09 01:59:13 +00:00
bmenrigh
a0bf12e674 Fixed a typo where quad-A records (AAAA) were listed as AAAAA. Thanks
to Jeron Massar for the report.
2009-09-08 22:32:45 +00:00
ron
f4458c1917 Added the ability (off by default, since it generates 20x requests) for http-enum.nse to generate variants of each file. This would probably be more useful to use after running a spider script than here, but the code should be essentially the same. I'm hoping it'll be used somewhere more appropriate, eventually.
Also added a couple fingerprints.
2009-09-08 19:51:53 +00:00