mirror of https://github.com/nmap/nmap.git synced 2026-01-06 14:39:03 +00:00
9221 Commits

Author SHA1 Message Date
dmiller
2df9a5f678 Factor out cipher selection for chunks
It will be handy later to have a find_ciphers_group function that
doesn't know anything about chunking.
2014-08-12 02:38:09 +00:00
dmiller
38ab5861d5 Report server's cipher ordering algorithm
Old code from David, modified to fit the current script.
2014-08-12 02:38:07 +00:00
claudiu
15692e18c3 Removed print 2014-08-11 23:32:56 +00:00
claudiu
73d69527ab Fix false positive on socket timeout 2014-08-11 23:29:32 +00:00
jay
7fc846929d Move some todo items to done 2014-08-11 16:18:31 +00:00
henri
97103efdfb Try to trigger connection failure in a more portable way.
The former one was hackish and didn't behave consistently
between operating systems.

Passing in a zero addrlen should reliably make connect(2) fail.
2014-08-10 18:31:00 +00:00
henri
a913288efa Added missing variable declaration, as reported by Gisle Vanem 2014-08-10 13:22:09 +00:00
dmiller
d7d991477a Move http-form-brute docs from @usage to description 2014-08-10 12:34:55 +00:00
jay
4d5950cb42 Add (and document) host.reason and host.reason_ttl 2014-08-10 06:28:58 +00:00
jay
fc5cc15b2c Add port.reason_ttl
Document port.reason and port.reason_ttl
2014-08-10 06:14:00 +00:00
d33tah
e142958581 Note a TODO. 2014-08-09 22:30:36 +00:00
jay
b281e0bf1d Get rid of unnecessary spaces at the end of lines 2014-08-09 19:09:06 +00:00
jay
03dd80d280 Convert to unix line endings using dos2unix 2014-08-09 18:06:14 +00:00
jay
1756416ec6 Further reduce Zenmap's Topology Noise 2014-08-09 17:56:29 +00:00
jay
5f346ca88c Document nmap.version_intensity() 2014-08-09 17:49:11 +00:00
dmiller
a7a7229105 Revert r32979, superseded by script-intensity 2014-08-08 14:43:11 +00:00
dmiller
a8d34b7635 Prevent address-info from crashing when the IPv6 address is "not interesting" 2014-08-08 14:43:10 +00:00
jay
b58913befa Document --exclude-ports 2014-08-08 13:27:35 +00:00
dmiller
35045fd839 Removed a troublesome OS fingerprint that matched too many firewalled systems 2014-08-07 19:53:11 +00:00
jay
df4f23eec0 Change all statements of the form 'return BOOLEAN_EXPRESSION ? false : true;' to 'return !BOOLEAN_EXPRESSION;' 2014-08-03 04:25:18 +00:00
jay
68659157f6 Change all statements of the form 'return BOOLEAN_EXPRESSION ? true : false;' to 'return BOOLEAN_EXPRESSION;' 2014-08-03 04:22:02 +00:00
jay
3c38c2099b If a version script is called by name (eg: '-sV --script skypev2-version'), then set version_intensity() to 9 for that script; thus guaranteeing that it will run 2014-08-03 04:16:13 +00:00
batrick
1d77f352ed Fix doc. 2014-08-03 01:19:31 +00:00
batrick
d48e21eb3e fix comment 2014-08-03 01:18:57 +00:00
batrick
5fee541da7 typo 2014-08-03 01:18:13 +00:00
batrick
4b9f1c6766 nselib stdnse.print_debug -> stdnse.debug
Manual fixes.
2014-08-03 01:17:09 +00:00
batrick
ee6622aea4 nselib stdnse.print_debug -> stdnse.debug
$ f() { find -name \*.lua -exec /bin/echo sed -i "$1" {} \; ; }
$ f 's/stdnse.print_debug( *\([0-9]*\) *, */stdnse.debug\1(/'
$ f 's/stdnse.print_debug( *"\(.*\))/stdnse.debug1("\1)/'
2014-08-03 00:56:45 +00:00
batrick
a809f52d5d level should be a number 2014-08-03 00:43:03 +00:00
batrick
1cec0a305b Run rule functions in the main loop.
This allows usage of verbose/debug in portrule/hostrule and access to all
functionality of NSE, including sockets. So for example, we can now do:

function portrule (host, port)
  local response = http.get(host, port, "/");
  stdnse.debug1(response.body)
  ...
end

The verbose/debug function did not work in rule functions because the
introspection API (getid, gettid, etc.) only works when NSE is in the main loop.
The main loop sets the required internal variable current needed by the API.

List of changes:

stdnse.lua:

  o debug/verbose check the debugging/verbosity level much earlier to allow
    returning if nothing will be printed.

  o Simplified debug/verbose logic to handle the optional first argument
    better.

  o made debug/verbose local functions to avoid using globals and allow self
    tail calls

nse_main.lua:

  o The logic for adding threads via a rule function is simplified. So long as
    the script has the desired rule function, a thread is always returned.
    Evaluation of the rule function is done while NSE is in the main loop (i.e.
    not in script:new_thread()). The rule function only determines if the action
    function is run.

  o [Not a change:] If the action function will be run or was run then we see
    the usual "Starting X" and "Finished X" messages from NSE.

  o Use Lua 5.2's pack function instead of the slightly more expensive
    {n = select("#", ...), ...} idiom.

  o New stdnse.getinfo introspection function which is used by stdnse.debug.
2014-08-02 21:18:08 +00:00
jay
078f3fe108 Fix a typo in nmap.cc 2014-08-02 19:35:31 +00:00
jay
70d6d637f9 Missed the COPYING file in the last commit :P 2014-08-02 19:32:53 +00:00
jay
d4cf544df6 Fix a missing bracket at the end of the IMPORTANT NMAP LICENSE TERMS part in each file 2014-08-02 19:29:50 +00:00
batrick
a19c9eb461 stdnse.print_verbose -> stdnse.verbose1
$ sed -i 's/stdnse.print_verbose( *\([0-9]*\) *, *" *%s *:* *\([^"]*\)" *, *SCRIPT_NAME/stdnse.verbose\1("\2"/' *.nse
$ sed -i 's/stdnse.print_verbose( *" *%s *:* *\([^"]*\)" *, *SCRIPT_NAME/stdnse.verbose1("\1"/' *.nse

and some manual corrections.
2014-08-02 18:32:26 +00:00
dmiller
9bf8974b38 Let nsock use /bin/sh instead of Bash for testing 2014-08-02 04:38:04 +00:00
dmiller
e7cd3a7f1e Fix ncat tests
google.com can resolve to a different set of addresses each time you
resolve it, which makes the addrset tests fail. Use scanme.nmap.org
instead, since (at least for now) that has only one address assigned.
2014-08-02 04:38:02 +00:00
batrick
59562d1c50 stdnse.print_debug -> stdnse.debug 2014-08-02 03:46:13 +00:00
batrick
4201aa8eac Fix stdnse undeclared variable warning.
Also fixes a typo:

-function debug3 (...) return stdnse.debug(4, ...) end
+function debug4 (...) return _ENV.debug(4, ...) end
2014-08-02 03:37:29 +00:00
batrick
91a106e7d5 more stdnse.print_debug -> stdnse.debug
Manual corrections.
2014-08-02 03:15:44 +00:00
batrick
6e3bde5de5 debug6 -> debug5 2014-08-02 02:56:31 +00:00
batrick
aeb5908481 more stdnse.print_debug -> stdnse.debug
Manual corrections.
2014-08-02 02:54:47 +00:00
batrick
810f7d4803 more stdnse.print_debug -> stdnse.debug
This is a catchall pattern with a few exclusions.

$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *\(.*\))/stdnse.debug\1(\2)/' *.nse
$ sed -i 's/stdnse.print_debug(\(.*\))/stdnse.debug1(\1)/' *.nse

Excluded:
$ svn revert db2-das-info.nse
$ svn revert flume-master-info.nse
$ svn revert http-headers.nse
$ svn revert http-methods.nse
$ svn revert http-unsafe-output-escaping.nse
$ svn revert http-userdir-enum.nse
$ svn revert http-vuln-cve2011-3192.nse
$ svn revert http-vuln-wnr1000-creds.nse
$ svn revert http-wordpress-plugins.nse
$ svn revert telnet-brute.nse
2014-08-02 02:46:16 +00:00
batrick
5e9a8d0777 more stdnse.print_debug -> stdnse.debug
This one also fixes format string bugs:

stdnse.print_debug(foo) --> stdnse.debug1("%s", foo)

$ sed -i 's/stdnse.print_debug( *\([a-zA-Z0-9][a-zA-Z0-9_]*\) *)/stdnse.debug1("%s", \1)/' *.nse
$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *\([a-zA-Z0-9][a-zA-Z0-9_]*\) *)/stdnse.debug\1("%s", \2)/' *.nse
2014-08-02 02:18:48 +00:00
batrick
5d4c5a659c more stdnse.print_debug -> stdnse.debug
$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *SCRIPT_NAME *.. *" *:* *\([^"]*\)"/stdnse.debug\1("\2"/' *.nse
$ sed -i 's/stdnse.print_debug( *SCRIPT_NAME *.. *" *:* *\([^"]*\)"/stdnse.debug1("\1"/' *.nse
2014-08-02 02:13:12 +00:00
batrick
d47acf9f5e more stdnse.print_debug -> stdnse.debug
$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *" *%s *:* *\([^"]*\)" *, *SCRIPT_NAME/stdnse.debug\1("\2"/' *.nse
$ sed -i 's/stdnse.print_debug( *" *%s *:* *\([^"]*\)" *, *SCRIPT_NAME/stdnse.debug1("\1"/' *.nse
2014-08-02 02:08:12 +00:00
fyodor
a763dc81a8 Updated MAC Address prefixes from IEEE data 2014-08-02 01:19:55 +00:00
batrick
536075d3af stdnse.print_debug -> stdnse.debug
$ sed -i 's/stdnse.print_debug("[-a-z0-9]*:\s*\([^"]*\)"/stdnse.debug1("\1"/' *.nse
$ sed -i 's/stdnse.print_debug(\([0-9]*\),\s*"[-a-z0-9]*:\s*\([^"]*\)"/stdnse.debug\1("\2"/' *.nse

Except:
  o eap-info.nse
  o oracle-brute.nse

Modified:
  o couchdb-databases.nse
  o couchdb-stats.nse
  o http-open-redirect.nse
2014-08-01 23:04:55 +00:00
dmiller
d23c46f3ac Remove unnecessary SCRIPT_NAME from stdnse.debug calls 2014-08-01 22:00:04 +00:00
dmiller
718c83f367 Check for actually-random TLS random instead of date in ssl-date
Patch from nnposter here: http://seclists.org/nmap-dev/2014/q3/194
2014-08-01 21:57:04 +00:00
batrick
2a8c81c4f6 stdnse.print_debug -> stdnse.debug1
$ sed -i 's/stdnse.print_debug("%s \([^"]*\)", SCRIPT_NAME/stdnse.debug1("\1"/' *.nse
2014-08-01 21:35:56 +00:00
batrick
c94d5970ff stdnse.print_debug -> stdnse.debug1
sed -i 's/stdnse.print_debug("%s: \([^"]*\)", SCRIPT_NAME/stdnse.debug1("\1"/' *.nse
2014-08-01 21:31:04 +00:00