mirror of https://github.com/nmap/nmap.git synced 2026-02-02 19:49:11 +00:00
Commit Graph

3236 Commits

Author SHA1 Message Date
bmenrigh
3bce03ad8d This commit adds a new routine to nbase_rnd.c that generates 32-bit
numbers in a collision-free way for a full 2^32 cycle.  This allows
Nmap to generate random IPs with -iR that don't have duplicates.

See:
http://seclists.org/nmap-dev/2009/q3/0695.html

How this is done is documented in the code.
2009-09-02 02:03:22 +00:00
fyodor
e88a1d2b83 changes from discussion w/David 2009-09-01 21:31:32 +00:00
ron
4564ed7503 Added '400' as a potential 404 page. Ran into this while scanning a Fortigate device. 2009-09-01 19:23:17 +00:00
ron
4dea760d93 Added in a link we originally removed (but shouldn't have) 2009-09-01 16:30:58 +00:00
ron
c792776a7c Added signature for BeEF (Browser Exploitation Framework) 2009-09-01 16:22:27 +00:00
david
6a25f40b64 Use a temporary file when setting the version number in ncat.h to work
around NetBSD sed that doesn't have the -i option.
2009-09-01 15:44:55 +00:00
david
8686ca7c06 Remove redundant "Favicon" from the end of some favicon-db entries.
Uncapitalize "Favicon" in some others.
2009-08-31 23:52:11 +00:00
david
da8903dad9 Remove some verbosity in the output of http-favicon.nse. There's no need
to say "Found favicon from". Only print out the digest of an
unrecognized icon with some verbosity.
2009-08-31 23:42:42 +00:00
david
972533bca9 Install the nselib/data directory on "make install". For some reason
this has been overlooked, and scripts that need data files would not
work after installation.
2009-08-31 23:26:17 +00:00
david
1cdf49547c Have http-favicon.nse look for favicon-db in nselib/data like the other
scripts look for their data files.
2009-08-31 23:22:06 +00:00
david
e53657b4c8 Move favicon-db into nselib/scripts. 2009-08-31 23:21:26 +00:00
david
d99e5ec7ea Cast struct ifconf.ifc_buf to (char *) to fix a compiler error on
NetBSD, where that member has type void *. Jay Fink reported the
problem.
2009-08-31 18:55:57 +00:00
batrick
68a9147b69 [NSE] Fixed some bugs in the vhosts patch applied in 15342:
  o Stack indices for the 'ip' and 'targetname' strings were wrong.
  o Moved the lightuserdatum check right before done so a nil can't slip
    through.
2009-08-29 20:21:58 +00:00
ron
46d95b5913 Added a 'path' argument to http-enum.nse. Also added the ability to give an array of fingerprints files or an array of paths to search 2009-08-29 15:34:09 +00:00
david
c7abca3a2e Make the checking of argument counts and types for the $P and $SUBST
substitutions more explicit. Formerly the number of arguments was
checked implicitly by checking their type (that they had a specific type
and were not SUBSTARGS_ARGTYPE_NONE), but this makes it clearer.
2009-08-29 15:21:52 +00:00
ron
5136ad0668 Fixed a NSEDoc comment on http-header.nse 2009-08-29 14:46:57 +00:00
david
32db650a4b Add some more comments to substvar in service_scan.cc. 2009-08-29 14:35:50 +00:00
batrick
325a5231a5 Fixed a compiler error I introduced in 15357. 2009-08-29 06:03:04 +00:00
batrick
d788c5e3be Added function comments for the C NSE API. The comments include changes made on
the stack similar to Lua's C API.
2009-08-29 05:42:09 +00:00
david
8605f18da4 Normalize indentation and whitespace in tcpip.cc with
indent -kr -i2 -nut -brf tcpip.cc
followed by manual adjustment.
2009-08-29 02:44:00 +00:00
david
cd5010893e Adapt part of the code I missed in r15354; the code for an address mask
request did take into account the size of the u32 in pointer
arithmetic, so it had to be changed with the change to u8.
2009-08-29 01:50:31 +00:00
david
02c9cf42f7 Fix some pointer arithmetic in build_icmp_raw. There were two bugs. The
first is a pointer was kept to the beginning of the packet payload, and
it was increased based on the varying size of the ICMP header. But its
type was pointer to u32 instead of pointer to u8, so the expression
datastart += 12 actually increased the pointer by 48 bytes, leaving
garbage in the first 36 bytes of the payload and making it possible for
the buffer to overflow. The second was that the remaining space left in
the buffer was not decreased when the datastart was increased, again
making it possible to overflow. I got a reliable segmentation fault with
the command
nmap -PP 1.2.3.4 --data-length 1480
2009-08-29 01:45:28 +00:00
batrick
3c14c0d7b1 [NSE] Added
nse_gettarget (lua_State *L, int index);
to replace the current_hosts static variable shared between nse_main.cc
and nse_nmaplib.cc. This improves locality and offers a clearer interface.
2009-08-29 01:24:29 +00:00
batrick
9044a42c6b Fixed a format specifier warning (expected "long unsigned int"). 2009-08-29 01:14:33 +00:00
david
c7fccb4d0c Implement the proposed changes from docs/device-types.txt to bring the
device types in nmap-os-db and nmap-service-probes in line with that
document.
2009-08-28 23:52:41 +00:00
joao
6375cf3759 Added argument related comments 2009-08-28 22:46:09 +00:00
joao
ec6be741b4 Added extra description to some invalid favicons 2009-08-28 22:40:03 +00:00
joao
5457ecf54e Fixing some indentation. 2009-08-28 22:26:56 +00:00
joao
9789a1c6a4 Adding http-favicon script. Also adding the script database with the 50 very common favicons.
Updated script.db
2009-08-28 22:22:14 +00:00
batrick
e807b92459 [NSE] Scripts are able to access hosts from a previous host group which were scanned
and freed. This is unintended and may cause a segfault. We fix this by replacing
the current_hosts table with a new empty table when scanning a new host group.
See [1] for more information.

[1] http://seclists.org/nmap-dev/2009/q3/0782.html
2009-08-28 21:01:29 +00:00
fyodor
5fdea68d09 Add DNS-based service discovery script idea 2009-08-28 07:49:58 +00:00
batrick
b61ed83e14 [NSE] Patch to allow virtual hosts (specified by name on the command line)
which resolve to the same IP to have script output placed under the correct
(virtual) host.  Previously, all script output would be "randomly but
deterministically" placed under one of these hosts.  Other problems include
having port information changed for only one of the virtual hosts.
2009-08-28 02:48:56 +00:00
fyodor
f54bb442c4 fix a typo in a comment 2009-08-27 21:45:05 +00:00
ron
37507349a3 Changed 'pairs' to 'ipairs' when looping through the header (thanks to Patrick for pointing this out) 2009-08-27 21:35:52 +00:00
david
ceb10ffe29 Add an extra blank line to nmap-service-probes for uniformity. 2009-08-27 20:43:09 +00:00
david
f6d8d8b290 Add an HP Printer Job Language version probe from Brandon Enright. It is
inactive at the moment because its ports 9100-9107 are in the default
Exclude list. (In fact, they are the default exclude list.) Users will
have to comment out the Exclude line to test these.
2009-08-27 20:37:15 +00:00
ron
7da313e8ac Added the status code to the rawheaders as well (so it's displayed in http-headers.nse). Also updated the @output in the nsedoc. 2009-08-27 15:47:10 +00:00
ron
62dedb9dc1 Added a 'path' script-arg to http-headers.nse. Changed it to use 'HEAD' by default, and fall back to using 'GET' the same way other scripts do (also added a 'useget' script-arg to turn it off). Also fixed some print_debugs in http.lua that were prefixed with 'http-enum.nse:'. 2009-08-27 15:39:17 +00:00
ron
fc2b575fba Added 'rawheader' when parsing http requests. It saves the header fields, in order, preserving the case. Change http-headers.nse to read this instead of the processed headers. 2009-08-27 15:24:09 +00:00
david
d254c85b42 Fix XML traceroute output. I accidentally left in one part of the old
stateful TraceProbes design, which was otherwise removed in r15197.
2009-08-26 23:49:20 +00:00
ron
8a8ae22532 Fixing a fingerprint 2009-08-26 22:10:21 +00:00
ron
1ac3ea773b Adding a new fingerprint after finding a /backup.sql file in a test 2009-08-26 21:10:02 +00:00
david
7d6d5ada0b o [Zenmap] If you have any hosts or services selected, they will
  remain selected after aggregating another scan or running a filter
  (as long as they are still up and visible). Before the selection was
  lost whenever the scan inventory was changed.
2009-08-26 20:10:14 +00:00
ron
46711fa004 Fixed a bug in the http library that cropped up while scanning multiple hosts at the same ip address. The reason this occurred is because the result would be cached based on the ip address, not the target name, so different vhosts on the same ip address would be considered the same by the cache. 2009-08-26 16:01:00 +00:00
fyodor
48035974b0 2009-08-26 07:01:46 +00:00
ron
5da8f8199e Added http-headers.nse script to database 2009-08-26 00:23:26 +00:00
ron
91518a5222 Added a script-arg to http-enum.nse allowing the user to give a custom fingerprint file. Also changed script to use straight nmap.fetchfile(filename) then to use nmap.fetchfile('nselib/data/' .. filename) to find the fingerprints file, which lets a user give his fingerprints file in the current folder.
It might be better to give priority the other way, though, I'm not really sure.
2009-08-25 23:55:05 +00:00
ron
c1d48010a1 Added caching for the HTTP fingerprint files. It mimics similar code from http-usedir-enum.nse, storing the fingerprints in the registry and checking if it exists before reading them. 2009-08-25 23:45:48 +00:00
ron
0ed14b10b1 Added a script designed to display HTTP headers. 2009-08-25 23:36:49 +00:00
fyodor
58d8401b7c changes from chat w/David 2009-08-25 22:09:49 +00:00