mirror of https://github.com/nmap/nmap.git synced 2025-12-22 07:29:01 +00:00
Commit Graph

633 Commits

Author SHA1 Message Date
david
32c8ee9f1f Fix some NSEDoc. 2010-06-24 17:01:55 +00:00
david
acb92d0494 Add Gutek's modifications to http-passwd.nse that enable it to check for
boot.ini.
2010-06-23 02:29:24 +00:00
david
5b4e171444 o [NSE] Added ftp-libopie.nse by Gutek. This script checks for an
  off-by-one stack overflow vulnerability in libopie by giving the FTP
  service an overlong name. See
  http://security.freebsd.org/advisories/FreeBSD-SA-10:05.opie.asc for
  details.
2010-06-21 20:25:11 +00:00
david
c50c7a2c0b o Added http-php-version.nse from Gutek. This script retrieves
  version-specific pages through a couple of magic PHP queries, which
  can identify the PHP version even when a server doesn't advertise
  it.
2010-06-18 22:12:17 +00:00
patrik
b6744a3b6c Fixes crash when attempting to sort services that have no port. 2010-06-15 18:18:09 +00:00
fyodor
fabe05eae6 Change the term 'stolen from' in comments to 'inspired by', which sounds a little less felonious :) 2010-06-15 08:05:28 +00:00
fyodor
1428a1644b We generally put scripts in either safe or intrusive categories, but not both. So I removed intrusive. I also added discovery, as that seems to fit the ssh-hostkey script 2010-06-15 07:49:45 +00:00
drazen
124b4ef13c Merge from /nmap-exp/drazen/nmap-msrpc. This adds checks for MS06-025 and MS07-029 to smb-check-vulns.nse. 2010-06-14 18:42:54 +00:00
drazen
88a1653d72 Revert r18104. This was a broken merge that still had conflict markers. 2010-06-14 17:32:22 +00:00
drazen
79c14d935c Merged smb-check-vulns from my branch to trunk. 2010-06-14 17:03:15 +00:00
drazen
a99aa3b53b Added a check for the MS07-029 vulnerability within "smb-check-vulns".
Made some small changes to the function descriptions.
2010-06-13 02:55:26 +00:00
djalal
2ad517622b Add the nfs-ls script entry to the script.db 2010-06-12 23:53:20 +00:00
djalal
921f052f0b Merge r17766:18060 from /nmap-exp/djalal/nselib and nmap-exp/djalal/scripts contains new scripts nfs-ls.nse and a lot of new code to the rpc.lua library to check files type and attributes to marshal/unmarshal file attributes and some new high level functions to manipulate NFS objects. 2010-06-12 23:45:59 +00:00
drazen
48ead20324 Added a NOTUP notification if the target service is down (not started). 2010-06-12 22:13:30 +00:00
drazen
0f4d199b1e Fixed a simple bad gameplay in which I attempt to close
an already closed SMB session.
2010-06-12 21:45:16 +00:00
drazen
62c2d97f93 MS06-025:
-- Finished, tested and merged into smb-check-vulns
-- msrpc.lua contains the code required to interface with the RASRPC interface
2010-06-12 19:32:50 +00:00
david
e4162e6771 o [NSE] Added dns-cache-snoop.nse by Eugene Alexeev. This script does
  cache snooping by either sending non-recursive queries or by measuring
  response times.
2010-06-12 02:25:44 +00:00
fyodor
35a28ea343 canonicalize some license text that differed in whitespace or quote character or line-ending or (in a couple cases) the slightly older wording 2010-06-11 06:54:56 +00:00
fyodor
3ceb44b4f7 Moved some information from the license field of these two scripts to the description field. I felt this was a better place since the URL leads to a description of the service rather than license information 2010-06-11 06:49:15 +00:00
fyodor
46a819b034 changed a URL to use %28 and %29 rather than ( and ) to fix an nsedoc parsing issue noted by Jason DePriest 2010-06-10 05:36:39 +00:00
robert
565d6a524d Improved anonymous ftp detection. Now supports ACCT and has improved parsing of server responses. 2010-06-05 12:37:39 +00:00
kris
3a0aa06db1 Fix a bug in qscan.nse which kept a confidence level of 0.9995 from working;
Marcin Hoffmann reported the problem.
2010-06-05 00:46:48 +00:00
jah
722f10670a Some improvements based on a review by David: comments, less convoluted code and
a silly mistake. Also removed some length checks for Mode 7 implementation 2
data which are no longer used.
2010-06-04 10:05:32 +00:00
jah
cb879a313f Update script.db with added ntp-monlist.nse 2010-06-03 12:37:05 +00:00
jah
5bdc8cda93 ntp-monlist discovers NTP server, peer and client hosts associated with a
scanned target by sending NTPv2 Private Mode 'monitor' and 'peers' commands to
the target.
2010-06-03 12:14:15 +00:00
patrik
e411e35fc6 Fixed a bug that would prevent the rpcinfo script from returning any results
if the rpc program could not be matched to a name.
2010-06-01 14:09:58 +00:00
fyodor
fb943a04f6 Move some script description text out of the script output section and into the user summary 2010-05-24 03:21:49 +00:00
jah
e307ee691e IANA have moved the IPv4 and IPv6 assignments tables and slightly altered their
content.
2010-05-20 19:17:43 +00:00
patrik
b830a036ad o [NSE] Add new DB2 library and two scripts
  - db2-brute.nse uses the unpwdb library to guess credentials for DB2
  - db2-info.nse re-write of Tom Sellers' script to use the new library
  [Patrik]
2010-05-18 21:11:38 +00:00
david
ee5b14967b Set the port state open when dns-recursion.nse gets a response. This
patch was sent by Olivier Médoc.
2010-05-03 15:20:25 +00:00
david
52400c1f88 Normalize indentation in dns-recursion.nse. 2010-05-03 15:16:10 +00:00
david
5291f8586d Updates to smtp-commands.nse from Jason DePriest.
o [NSE] Improved smtp-commands.nse to work against more mail servers,
  made it take an smtp-commands.domain script argument, and rewrote it
  in the style of other smtp scripts. [Jason DePriest]
2010-04-29 16:42:11 +00:00
robert
fafbf5c704 Removed a duplicate require for stdnse. 2010-04-25 17:35:54 +00:00
patrik
71ca5cceba o [NSE] Improved error handling and reporting and re-designed communication
class in RPC library with patch from Djalal Harouni. [Patrik]
2010-04-22 20:25:38 +00:00
ron
cb60803ad1 Fixed a couple bugs in the smb-* scripts involving undeclared variables. These only cropped up if the guest/anonymous accounts were disabled, which I'd never seen before. 2010-04-18 13:43:27 +00:00
david
3915ed94e4 Remove explicit timelimit checking from ms-sql-brute, pgsql-brute,
mysql-brute, ldap-brute, and afp-brute. The unpwdb library does this
automatically now.
2010-04-16 02:11:12 +00:00
david
a6e014d42e Change these script arguments to use stdnse.parse_timespec:
qscan.delay
dns-fuzz.timelimit
mssql.timelimit
A side effect is that the default units for qscan.delay are seconds, not
milliseconds. 0 is now the magic value to disable the time limit in
dns-fuzz.
2010-04-13 23:09:23 +00:00
kris
f51f1b0154 Add "username" and "password" script args to ftp-bounce.nse
It has scoped args in the straight form of "ftp-bounce.<arg>" which is
apparently how this works now (at least what other scripts seem to use) instead
of using actual subtables like in http://seclists.org/nmap-dev/2008/q2/567
2010-04-13 05:13:49 +00:00
david
a34a91f9c5 Add an @output section to auth-spoof.nse contributed by Brandon Enright. 2010-04-13 02:36:56 +00:00
david
22d8aec1ef Add additional @output examples to ftp-bounce.nse, contributed by Gutek. 2010-04-13 02:35:20 +00:00
patrik
bd5e91ffcc o [NSE] Added sorting on port number to dns-service-discovery script. [Patrik] 2010-04-12 10:43:06 +00:00
patrik
112f8f5340 o [NSE] Added snmpWalk function to SNMP library and updated scripts to use it
[Patrik]
2010-04-12 10:30:24 +00:00
david
8a26459cfd Add @output sections for http-passwd, db2-info, db2-das-info, and
pptp-version.
2010-04-08 19:44:20 +00:00
david
d183a334a2 Add or fix @output sections in ms-sql-config, oracle-sid-brute,
iax2-version, pop3-brute, and skypev2-version.
2010-04-08 06:09:39 +00:00
ron
ab654ecc34 Fixed a bug in dhcp-discover -- the read_boolean() function appears to never have worked, but I didn't run into anything that returned a boolean value until Brandon tried running it. It now handles booleans properly, along with a lot of extra debug output (especially on -d2 and higher) 2010-04-07 21:47:22 +00:00
ron
398ecbcb62 Improved error handling (and messages) on dhcp-discover.nse. Hoping to track down a problem reported to me by Brandon Enright. 2010-04-07 21:03:51 +00:00
david
4332937a74 Fix typo. 2010-04-07 14:35:31 +00:00
david
db2a7826ab Fix NSEDoc comments in ms-sql-config and ms-sql-query. They need three
dashes.
2010-04-06 21:42:17 +00:00
david
3b34c84de7 Add dns-fuzz script from Michael Pattrick. 2010-04-04 13:41:32 +00:00
patrik
1d26975ede o [NSE] Added a library for Microsoft SQL Server and 7 new scripts. The new
  scripts are:
  - ms-sql-brute.nse uses the unpwdb library to guess credentials for MSSQL
  - ms-sql-config retrieves various configuration details from the server
  - ms-sql-empty-password checks if the sa account has an empty password
  - ms-sql-hasdbaccess lists database access per user
  - ms-sql-query adds support for running custom queries against the database
  - ms-sql-tables lists databases, tables, columns and datatypes with optional
    keyword filtering
  - ms-sql-xp-cmdshell adds support for OS command execution to privileged
    users
  [Patrik]
2010-04-04 10:11:54 +00:00