luis
30d25e7e1e
Merge r27956 from nmap-npingchanges: Improve code description.
2013-03-29 16:32:44 +00:00
luis
642c62e833
Merge r27995 from nmap-npingchanges: Add two missing codes. Also, re-write description so it says the same thing as Wireshark.
2013-03-29 16:30:32 +00:00
luis
afc00e36f2
Merge r27953 from nmap-npingchanges: Add support for ARP Request/Reply packet matching
2013-03-29 16:27:01 +00:00
luis
d5fe922084
Merged r27646 from nmap-npingchanges: Add function to determine the transport layer protocol in a chain of PacketElements
2013-03-29 13:46:14 +00:00
luis
62199a4666
Merged r27540 from nmap-npingchanges: Fix bug: convert to u32 after fixing the endianness.
2013-03-29 13:42:41 +00:00
luis
b534fd83a1
Merged r27539 from nmap-npingchanges: Implement print() in ICMPv6Header
2013-03-29 13:41:28 +00:00
luis
9fd48a1ea4
Merged r27297 from nmap-npingchanges: Implement the print() method for IPv6 headers
2013-03-29 13:32:02 +00:00
luis
2fa6124a79
Merged r27296 from nmap-npingchanges: Add some missing code to support ICMP domain name requests
2013-03-29 13:31:04 +00:00
luis
ac64c953ab
Merge r27177-180 from nmap-npingchanges: Minor typo and style fixes in -h output
2013-03-29 13:14:18 +00:00
luis
686322d1bd
Merged r27162 from nmap-npingchanges: Remove some unused code
2013-03-29 13:01:29 +00:00
luis
84c31d5237
Merge r27120,27121,27123,27124,27125 from nmap-npingchanges. Minor style and typo fixes.
2013-03-29 12:51:50 +00:00
luis
f64b3fafe8
Merge r27122 from nmap-npingchanges: Changed names for output functions. outPrint() -> nping_print(); outFatal() -> nping_fatal(); outError() -> nping_warning(). This change is completely irrelevant but I personally hate the names I chose the first time and I thought I'd change them to something better.
2013-03-29 12:44:51 +00:00
kris
5c9a2b54ce
Update script.db
2013-03-28 22:26:31 +00:00
dmiller
11d34ec9b4
Changelog entry for time-exceeded port reason
2013-03-28 21:11:46 +00:00
dmiller
43f5db6ce4
Handle ICMP Time Exceeded messages in scan engine
...
DiabloHorn on #nmap noticed that Nmap was ignoring ICMP Time Exceeded
messages while trying to map firewall rules using --ttl.
get_pcap_result() was handling ICMP type 3 (Destination Unreachable),
but not type 11 (Time Exceeded). Now ports that elicit this response
will be marked filtered (to be consistent with existing Connect scan
behavior) and will report time-exceeded from (IP) for the reason.
This was not a common issue, since host discovery already accounted for
it. Port scans would only be affected when skipping host discovery.
2013-03-28 21:11:45 +00:00
dmiller
97c5aa0f0c
Return nil, not false, from firewall-bypass.nse
2013-03-28 21:07:08 +00:00
fyodor
beb0886776
Some ideas from Nmap GSoC 2013 IRC meeting
2013-03-24 07:45:34 +00:00
david
ea7462eb84
Dynamic CONCURRENCY_LIMIT todo.
2013-03-22 15:34:50 +00:00
patrik
1605b0d219
add CHANGELOG entry for changes in broadcast-listener
2013-03-16 03:18:38 +00:00
patrik
56ef8fad06
fix flipped ip in BROWSER decoder
2013-03-16 03:18:35 +00:00
patrik
429b030c3d
add BROWSER protocol support
2013-03-16 03:18:32 +00:00
patrik
b6492f96af
add LLMNR support and cleaned up some result output
2013-03-16 03:18:28 +00:00
patrik
675000afe8
change debug level for missing decoders, more indent cleanup
2013-03-16 03:18:24 +00:00
patrik
560c97923b
refactor MDNS code and add ipv6 to Generic table
2013-03-16 03:18:21 +00:00
patrik
bf24a53487
split Netbios up in Queries and Registrations
2013-03-16 03:18:18 +00:00
patrik
66335c6902
add support for decoding MacBooks from DDNS, support for DHCPv6 and CUPS
2013-03-16 03:18:15 +00:00
patrik
4ecb3e55d8
add support to parse and decode fqdn option
2013-03-16 03:18:11 +00:00
patrik
ddbc5d7297
indentation cleanup
2013-03-16 03:18:07 +00:00
tomsellers
44b7f59523
Add match line for IneoQuest Video Diagnostic device/software HTTP server
2013-03-09 20:56:32 +00:00
david
39687a80b1
Set source and destination interfaces as rtattrs.
...
Scans using the -e option could use the correct interface but the wrong
source address.
Thanks to Taburiss S for the report and John Bond for help debugging.
http://seclists.org/nmap-dev/2013/q1/269
http://seclists.org/nmap-dev/2013/q1/327
2013-03-08 05:35:07 +00:00
david
96d9d6fc51
Fix some socket leaks in get_srcaddr.
2013-03-08 05:35:05 +00:00
tomsellers
6efffce8a9
Address a false positive issue caused by http-git interacting with HTTP servers that report 200 OK to all requests.
2013-03-07 02:05:23 +00:00
dmiller
7a7bd78468
Changelog entry for timespec script-args
2013-03-06 15:20:51 +00:00
dmiller
8d28811522
Update scripts with millisecond timeouts to timespec
...
Similar changes to r30653, but may break compatibility with people using
integer millisecond values, which are now treated as number of seconds.
To get same behavior, use ms after number, e.g. 5000 becomes 5000ms or
5s
2013-03-06 15:14:20 +00:00
dmiller
ab098ef4d2
Don't crash on stdnse.parse_timespec(nil)
2013-03-06 04:36:09 +00:00
tomsellers
9cfdb23f75
Adjustment to Cisco ASA match line to make it match a broader range of versions when scanning the port 80 redirect to https
2013-03-06 03:14:32 +00:00
dmiller
f42dde7ba2
Document some undocumented script-args
2013-03-05 22:31:39 +00:00
dmiller
fdb0f775e2
Update timeout script-args to use standard timespec
...
Many scripts were documented as using timespecs (10s, 5000ms, etc) for
timeout script-args, but only 1 or 2 actually did. Now all timeout
script-args will accept timespecs, except those which took a number of
milliseconds, which remain unchanged.
Also fixed some documentation issues (missing script name in arg
description, missing nsedoc for args, etc)
2013-03-05 21:34:25 +00:00
david
3150d2fff6
Don't set_port_version just from a 200 response.
...
Require a more positive page body match before doing that.
http://seclists.org/nmap-dev/2013/q1/304
2013-03-05 21:20:45 +00:00
david
5edcec7a9a
Make flume-master-info output nothing if it finds no page matches.
2013-03-05 21:20:44 +00:00
david
1493e74f63
Add missing set_port_version.
...
These scripts changed the port table but did not commit the changes with
set_port_version.
2013-03-05 21:20:37 +00:00
david
6d83daa08c
Check if an interface is known to pcap before adding its name servers.
...
Kenneth Frazier reported that sometimes Nmap would use name servers from
inactive interfaces. Let's try checking the interface GUIDs against
those known by libpcap.
http://seclists.org/nmap-dev/2013/q1/292
2013-03-05 06:14:02 +00:00
dmiller
6cb76e801f
Fix timeout handling for broadcast-listener
...
Documentation says broadcast-listener.timeout takes a time spec (s, m,
h), but it only took seconds. Now it obeys its own documentation.
2013-03-04 22:16:42 +00:00
dmiller
76307e992b
Add payload, probe, and matchline for svrloc
...
Service Location Protocol version 2 specified by RFC 2608. Partially
implemented by srvloc.lua library. Probe checks for
service:service-agent, which should be implemented by all Service Agents
(servers). Match line only matches version 2, since I don't have any
other versions to test. Expect we will get more service fingerprints to
clarify.
2013-03-04 19:06:53 +00:00
david
6afc8bf728
Put an initializer in the loop control.
2013-03-03 05:51:59 +00:00
david
28604535c4
Hardcode constant "CurrentControlSet" parameter.
...
I don't find anywhere in the history where this value has ever varied.
This is an old post from Doug where he mentions possibly different
values, but they appear to have been unused.
http://seclists.org/nmap-dev/2006/q1/147
2013-03-03 03:06:42 +00:00
tomsellers
5a54ce293b
Correct a copy error in a recently added match line at 5931
2013-03-02 14:24:48 +00:00
david
e408faae10
Fix signed/unsigned confusion in subprocess_thread_func.
...
Andrey Olkhin found that a test was always true because of the
signedness of a type.
http://seclists.org/nmap-dev/2013/q1/210
2013-03-02 08:32:28 +00:00
david
c3d079a584
Namespace subprocess pipes by PID.
...
Patch by Andrey Olkhin.
http://seclists.org/nmap-dev/2013/q1/210
2013-03-02 07:34:49 +00:00
david
c46ae4bc20
Reindent http-favicon.
2013-03-02 01:09:59 +00:00