PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-02-09 23:16:32 +00:00
Code Issues Projects Releases Wiki Activity
10,148 Commits 2 Branches 0 Tags
2702b4d030bbc4997bd80098d5b173b0c3bd40d7
Commit Graph

10148 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
fyodor
c2ff573967 In r23085 (part of the silent require change), the require for ssh2 was accidentally deleted and that broke the script. Restored. 2011-07-07 08:15:08 +00:00
gorjan
04b4baa747 Missing require('creds') 2011-07-06 21:58:16 +00:00
gorjan
519d93da6d Fix for the NSEDoc missing @args 2011-07-06 20:19:20 +00:00
djalal
a3c15ce071 Force the ProFTPD banner check. 2011-07-06 15:12:03 +00:00
patrik
7059623d3a Fixed a bug, reported by Toni Ruottu, for retrieving command line credentials 
for services detected by port and where the service was not identified.
[Patrik]
 2011-07-06 13:11:59 +00:00
patrik
3a3ae7ede1 Added command line support to the creds library 
Changed getCredentials to allow a bitmask filter
Changed getCredentials to return an iterator instead of a table
Modified the brute library to support the changes
[Patrik]
 2011-07-06 12:16:43 +00:00
batrick
b209bfbdfe removed dead code 2011-07-05 18:37:09 +00:00
djalal
cd430fcc9a Update my TODO file. 2011-07-05 16:56:37 +00:00
djalal
bc6155de59 o [NSE] Added a message to let the users know if the backdoor was already triggered. 2011-07-05 16:09:39 +00:00
djalal
e7d45910d9 o [NSE] Clean indentation and make some variables local. 2011-07-05 16:01:03 +00:00
djalal
21abe501ea o [NSE] Added a special function to check if the vsFTPd was backdoored. 
Added a first check to see if the backdoor was already triggered.
  Cleaned the script.
 2011-07-05 15:55:16 +00:00
luis
2324cc4191 Note a couple of bugs that I've found 2011-07-05 10:56:53 +00:00
djalal
ac07e4b3eb o [NSE] Added the ftp-vuln-cve2010-4221 CHANGELOG entry. 2011-07-05 10:13:00 +00:00
djalal
7b0b7c3370 Added the ftp-vsftpd-backdoor entry to the script.db file. 2011-07-05 09:19:59 +00:00
henri
7e1e29ac4f Added ftp-vsftpd-backdoor, which detects a backdoor that was introduced 
into vsftpd-2.3.4 source code distributions. [Daniel Miller]
 2011-07-05 07:16:55 +00:00
paulino
7b83ec9370 TODO update 
Accomplishments:
* Added 117 new signatures to http-enum for a new total of 223! These new signatures are all from vulnerable web applications taken from exploit-db.com's archives from July 1 2009 until May 30 2011. I only checked advisories with more than 300 views to focus on the most popular apps and also did a quick Google search to make sure there are enough installations out there.
* Researched about malware detection methods in HTTP servers.
* Submitted http-default-accounts.nse to nmap-dev
* Fixed a bug in http.lua. The argument 'http.pipeline' was not being read correctly.
* Submitted http-unsafe-host.nse to nmap-dev
* Added more signatures to http-default-accounts
* Submitted http-wp-enum to nmap-dev

Priorities:
* Work on more NSE scripts
* Polish documentation in all my scripts
* Add more signatures to http-default-accounts
 2011-07-05 03:51:39 +00:00
gorjan
abf2a20866 Adding the NSE nmap.list_interfaces() function that lists all interfaces available to Nmap. 2011-07-05 00:01:35 +00:00
shinnok
2a0c839986 Update status on a bunch of tasks in my TODO file. 2011-07-04 21:41:47 +00:00
paulino
4348f6fa07 Adds fingerprints for Drupal and Arris 2307 2011-07-04 21:34:08 +00:00
paulino
e9e4b6d27d Adds new fingerprint and new login template. 2011-07-04 20:56:06 +00:00
paulino
89bf1d1661 Fixes bug when adding credentials using creds library. 2011-07-04 20:55:39 +00:00
patrik
d1fbee17df changed so that nping-brute uses silent_require rather than require for openssl 
[patrik]
 2011-07-02 18:02:54 +00:00
paulino
4f21388faa Adds http-default-accounts fingerprint database 2011-07-01 21:43:53 +00:00
paulino
82a68e02db Adds http-default-accounts - It tests for access with default credentials in a variety of web applications and devices. 
It works similar to http-enum, we detect applications by matching known paths and launching a login routine using default credentials when found.
This script depends on a fingerprint file containing the target's information: name, category, location paths, default credentials and login routine.
 2011-07-01 21:43:34 +00:00
gorjan
f15baac22d Update todo file 2011-07-01 21:38:56 +00:00
paulino
5fcfb8abc6 * Adds Wikipedia path to the wiki signatures. 2011-07-01 20:47:06 +00:00
paulino
47a338c85a * Adds note about a desired feature: cache system for http pipelines 
* Adds note about the new signatures added to http-enum
 2011-07-01 20:45:28 +00:00
paulino
390eb9e4ab * Fixes bug when parsing script-args. The script was only using the value from the argument 'pipeline' but not from 'http-enum.pipeline'. 
* Makes clean_404 a public function. This function is used in the NSE script http-waf-detect to remove text that changes.
 2011-07-01 20:34:01 +00:00
paulino
d69d7aa820 No more duplicates in this database. 2011-07-01 19:27:53 +00:00
paulino
fb07b4082a Moves lotus domino fingerprints under the same one 2011-07-01 19:07:34 +00:00
paulino
ee66dfe6a5 Fixes duplicates and a couple of signatures that got copied incorrectly. These new fingerprints come from going through exploit-db.com's archives since July 1 2011 to July 1 2009. 2011-07-01 19:02:34 +00:00
paulino
e420332846 Adds 120 new entries under the categories: general, attacks, cms, security, management and database. 2011-07-01 10:18:10 +00:00
fyodor
f2d2cc6e87 Remove a change which actually got reverted a while back and is being redone 2011-07-01 06:45:39 +00:00
djalal
b4f865179b o [NSE] Added another missing check that will report that the server is not vulnerable. 2011-06-30 23:11:11 +00:00
fyodor
d498efba48 Apparently the require 'root' feature was removed 2011-06-30 22:39:23 +00:00
fyodor
e8b422e09a latest generated man pages 2011-06-30 22:38:52 +00:00
djalal
1c3d400822 o [NSE] Added ftp-vuln-cve2010-4221 script which checks if the ProFTPD 
server is vulnerable to the Telnet IAC stack overflow CVE-2010-4221
  [Djalal].
 2011-06-30 22:21:25 +00:00
djalal
fe981e5014 o [NSE] Added an ftp.connect() methode. 2011-06-30 22:14:58 +00:00
fyodor
9e1fc9cffb OK, I think I'm done with the CHANGELOG\! 2011-06-30 22:07:33 +00:00
gorjan
789977d8df Adding a dependency for backorifice-brute to backorifice-info 2011-06-30 15:47:32 +00:00
gorjan
88b994a451 Small fix 2011-06-30 15:46:50 +00:00
fyodor
1facb2572c Some minor work on CHANGELOG 2011-06-30 09:13:34 +00:00
fyodor
1c702ffad3 trivial nsedoc change 2011-06-30 09:11:57 +00:00
fyodor
8d8d16ec80 trivial nsedoc change 2011-06-30 08:59:30 +00:00
fyodor
e27ff18e56 trivial nsedoc change -- define NCP 2011-06-30 08:58:12 +00:00
fyodor
f802f7ac09 Made a bunch of additions to the CHANGELOG in prep for 5.59BETA1 release. It still needs some reorganization though 2011-06-30 08:50:24 +00:00
fyodor
a1fba2c7e0 Move up the priority of a task about fixing option ordering requirements. People shouldn't have to worry about things like making sure -6 always comes before -A. To move it up, I had to detach it from a cluster of feature creeper tasks though, so at least I added a note to it that it is a potential FC tasks. 2011-06-30 01:15:40 +00:00
fyodor
d6ec64ec2c Add an Ncat-portable-related task 2011-06-29 23:49:07 +00:00
shinnok
a1e9bf6683 Add Ncat Portable to CHANGELOG. 2011-06-29 15:03:19 +00:00
fyodor
130e417be9 fix a small nsedoc typo noted by Henri Doreau 2011-06-29 09:05:03 +00:00