mirror of https://github.com/nmap/nmap.git synced 2025-12-07 21:21:31 +00:00

855 Commits

Author SHA1 Message Date
patrik
3f15b93e98 Fixed typo in ms-sql-xp-cmdshell.cmd argument. Changed from mssql-xp-cmdshell
to ms-sql-xp-cmdshell. [Patrik]
2011-02-09 16:25:42 +00:00
david
31935a45d4 o [NSE] Fixed some portrules that used shortport functions incorrectly
and always returned true in dns-zone-transfer and
  ftp-proftpd-backdoor. [Jost Krieger]
2011-02-04 08:46:14 +00:00
david
21113fdfa9 Fix the nrpe-enum portrule. It was returning a function, thus always
true.
2011-02-01 21:25:46 +00:00
david
84c4899414 In snmp-interfaces.nse, move the check for the required script argument
snmp-interfaces.host into the prerule and out of the action. Otherwise,
being default, this is the only script that runs during the prescan by
default.
2011-02-01 18:16:28 +00:00
david
620dc0e32d Display an error when a directory listing can't be found in ftp-anon,
instead of throwing an exception (and losing the fact that anonymous FTP
was allowed).
2011-01-31 09:46:32 +00:00
david
f2dac38381 Gracefully handle EOF in ftp-anon.nse. 2011-01-31 09:46:31 +00:00
djalal
d1b34654b8 Fix a bug which caused some NSE scripts to fail, due to the absence of
the NSE SCRIPT_NAME environment variable when the scripts are loaded.
Reported by Michael Pattrick.
2011-01-30 23:31:57 +00:00
robert
d50c58dcc1 Force a match against "^PHP/" (i.e. now with a trailing forward slash) to prevent the "Version from header" from incorrectly matching against the Set-Cookie header with the value "PHPSESSID". This should match PHP/2.x onwards; I'm not sure about earlier versions of PHP as I can't find any references.
This will no longer match against the generic "X-Powered-By: PHP" (rare?), but that never gave us a version number anyway, so you could consider that a bug too.

We don't currently check for variations such as "Zend Core/2.0.1 PHP/5.2.1", so that could be added in the future, but at least the http-headers script will reveal the X-Powered-By header anyway.
2011-01-30 11:15:48 +00:00
patrik
a139a26fd7 Fix for bug that would make Nmap fail to run when compiled without SSL support.
The wsdd library incorrectly assumed OpenSSL to always be available and the
ssh-hostkey used the undeclared SCRIPT_NAME in message when evaluating SSL
support. The bug was reported by Michael Pattrick on nmap-dev:
http://seclists.org/nmap-dev/2011/q1/312

[Patrik]
2011-01-30 10:39:17 +00:00
david
b53b5fced0 Add a missing period to NSEDoc. 2011-01-28 17:54:49 +00:00
david
181951a2c6 Move db2-discover out of "discovery" and into "safe", like the other
scripts that behave like it does.
2011-01-24 07:22:07 +00:00
fyodor
2dd295a266 Minor NSEDoc summary cleanup 2011-01-21 08:28:38 +00:00
fyodor
f037a54cd7 Update Nmap version number to 5.36TEST4 in prep for the next release in a day or two and regenerate relevant files 2011-01-20 10:29:18 +00:00
patrik
7f95274f68 replaced -np with -p in usage as Linux reports the following error:
nmap: option '-np' is ambiguous
2011-01-18 19:41:05 +00:00
fyodor
b27c8e29d7 Apply a patch from Toni Ruottu with some small misc. improvements to the netbus-* scripts. Also I changed netbus-auth-bypass to the safe category as recommended by Toni 2011-01-15 21:28:45 +00:00
david
aef6f90991 Add gopher-ls and hddtemp-info @usage, adapted from Toni Ruotto. 2011-01-15 16:33:06 +00:00
fyodor
c0aa648851 Apply some nsedoc improvements sent in by Andrew Orr 2011-01-14 21:17:44 +00:00
fyodor
dc1f583a03 I've been putting periods at the end of these single sentence fragment descriptions for consistency, although I don't really know which way is best. When there are multiple sentences in that first paragraph, we obviously need the paragraph even after an initial fragment. So I figured that we might as well include it when the fragment is all there is. But maybe when there is just one fragment, it looks better without a period. Who knows, and I guess it's not a particularly critical decision. But dns-update.nse now has a period in any case :) 2011-01-14 21:06:28 +00:00
patrik
583f65227c o [NSE] Added support for dynamic updates to the DNS library. Added the
script dns-update.nse, which attempts to add a DNS record to a given zone.
  [Patrik]
2011-01-14 15:15:24 +00:00
fyodor
b2598bc73d remove an email address so that Henri's author line for firewalk is the same as for his other new script (targets-traceroute). If he wants the email address there, we can add it to both. 2011-01-14 10:26:14 +00:00
fyodor
a84c2e4498 Did some NSEDoc cleanup on many of the 45 NSE scripts which are new since the 5.35DC1 Nmap release. Emphasis was on the first paragraph of the description, since that is shown on the front page of http://nmap.org/nsedoc and I'm planning to use that description verbatim (except for removing tags like <code>) for the CHANGELOG 2011-01-14 10:20:51 +00:00
fyodor
ed12841d70 minor NSEDoc updates 2011-01-14 06:32:16 +00:00
david
e54e940b10 Take broadcast-dropbox-listener out of "discovery" and put it in
"broadcast".
2011-01-13 07:18:03 +00:00
david
c7909b0b05 Rename p2p-dropbox-listener.nse to broadcast-dropbox-listener.nse. 2011-01-13 07:17:59 +00:00
david
6fbd739fac o [NSE] Added p2p-dropbox-listener.nse, which listens for Dropbox
LanSync broadcasts and can optionally add discovered hosts to the
  scan queue. [Ron Bowes, Mak Kolybabi, Andrew Orr, Russ Tait Milne]
2011-01-13 07:17:55 +00:00
david
a0f2fdbdb3 Move all broadcast-* scripts from the "discovery" category to
"broadcast" (new category).
2011-01-13 06:21:53 +00:00
fyodor
05f7c6ae07 Remove minecraft-auth for now -- see http://seclists.org/nmap-dev/2011/q1/85 2011-01-12 07:51:30 +00:00
david
42c14f507e Take minecraft-auth out of "vuln" and put it in "auth". From reading the
Tumblr post, this sounds more like a way for people to set up a private
server on a LAN among trusted users than a vulnerability. Also link the
Tumblr post in the description.
2011-01-10 01:14:16 +00:00
david
68ac93f69a o [NSE] Added minecraft-auth.nse by Toni Ruotto. It checks for
Minecraft game servers that don't check usernames against a master
  server.
2011-01-10 01:14:15 +00:00
david
2592194732 Add nrpe-enum.nse by Mak Kolybabi. 2011-01-09 03:43:41 +00:00
david
303123205e Updates to gopher-ls.nse from Toni Ruotto:
* Added gopher-ls.maxfiles script argument.
* Included file descriptions.
2011-01-08 05:12:01 +00:00
ron
fa5725ed05 Fixed a typo in the documentation 2011-01-08 00:25:48 +00:00
robert
063e780e1f Updated the hash information to include PHP/5.2.17 (released yesterday). 2011-01-07 10:24:59 +00:00
robert
d8ddf59203 Updated the hash information to include PHP/5.3.5 (released today). 2011-01-06 15:39:35 +00:00
djalal
6f390be198 Separate NFS Export entries with newlines. 2011-01-04 20:09:43 +00:00
ron
1dadea9407 added documentation for new script-arg 2011-01-03 03:51:11 +00:00
ron
229f118fdd Added a 'category' script-arg to http-enum.nse, which lets the user filter the fingerprints they want. This was requested by a user. 2011-01-03 03:48:48 +00:00
david
a9a5869173 Normalize tab.lua usage so that a call to tab.nextrow comes after (not
before) each group of tab.add, and there is no tab.nextrow before or
after tab.addrow. Also remove manual indenting that was accomplished by
padding the first column with spaces; this is done by
stdnse.format_output now.
2010-12-30 21:08:25 +00:00
david
357c15a165 Remove the "cols" parameter from calls to tab.new. 2010-12-30 21:08:18 +00:00
david
1046dcab57 Patch to hddtemp-info by Toni Ruotto that keeps reading past the first
byte if there's a delay and supports different separator characters.
2010-12-29 22:37:20 +00:00
david
77c5cd9d9a Use ftp.read_reply in ftp-proftpd-backdoor. Also, do a read_reply after
sending the magic shell string but before sending a shell command.
Michael Meyer reported that the script would sometimes fail to report a
backdoor; I tracked this down to the sends happening in too-close
succession. The ProFTPD process could receive both sends
("HELP ACIDBITCHEZ\r\nid;\r\n"), read the first line, and execute the
shell, but then the shell would get no input because the "id;\r\n" had
already been read.

This causes a delay up to the timeout when there is a backdoor, but it
still returns right away when there is no backdoor.
2010-12-29 21:24:53 +00:00
david
e2f8d1f5cb Move the read_reply function out of ftp-anon.nse and into a new library
ftp.lua.
2010-12-29 21:24:52 +00:00
david
be20b513af Update @output of gopher-ls. 2010-12-29 18:47:17 +00:00
david
e6c8691007 Whitespace in gopher-ls.nse. 2010-12-29 18:46:20 +00:00
david
80f7754d01 Separate gopher-ls entries with newlines instead of commas. 2010-12-29 18:46:18 +00:00
david
0658e53070 Add gopher-ls.nse by Toni Ruotto. 2010-12-29 18:46:16 +00:00
robert
c2305f23a5 Added hashes for PHP 5.2.15 and 5.2.16. 2010-12-26 13:48:06 +00:00
david
87d8a793f3 Use stdnse.get_script_args for modbus-discover.aggressive. 2010-12-16 08:59:19 +00:00
david
41a81e1789 Documentation and whitespace in modbus-discover.nse. 2010-12-16 08:59:18 +00:00
david
ad40df2c9b Add modbus-discover.nse from Alexander Rudakov. 2010-12-16 08:59:16 +00:00