PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-31 11:59:03 +00:00
Code Issues Projects Releases Wiki Activity
5,019 Commits 2 Branches 0 Tags
3f15b93e98a6905853d1271594c45b51eb669fe0
Commit Graph

5019 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
david
008a43e7e0 User shortport.version_port_or_service instead of just 
shortport.port_or_service in netbus-version.nse.
 2010-12-13 18:00:07 +00:00
david
573088f99c Change categories of netbus-auth-bypass from {"default", "vuln", "safe"} 
to {"auth", "intrusive", "vuln"}. The first categories are the same as
in realvnc-auth-bypass, which would seems to be a very similar script,
but netbus-auth-bypass can have the additional side effect of breaking
future authentication attempts for all users, which is solidly
intrusive.
 2010-12-13 18:00:06 +00:00
david
d6a89a6674 Fix capitalization of NetBuster. 2010-12-13 18:00:04 +00:00
david
90a2819a04 o [NSE] Added scripts by Toni Ruotto communicating with the NetBus 
remote administration/backdoor program.
  - netbus-info: gets configuration information.
  - netbus-brute: guesses passwords.
  - netbus-version: distinguishes NetBus from NetBuster, a program
    that mimics the protocol but doesn't actually allow any
    operations.
  - netbus-auth-bypass: Checks for a bug in the server that allows
    connecting without a password.
 2010-12-13 18:00:02 +00:00
david
a7e80b4cf3 Update script.db. 2010-12-13 17:30:08 +00:00
david
ccd901f918 Put realvnc-auth-bypass.nse in "auth" category. 2010-12-13 17:30:06 +00:00
ron
3ded2339e8 Fixed an issue in script dependencies that caused the later scripts to begin without waiting for the earlier scripts to finish. Patch written by Patrick Donneley. 2010-12-13 16:22:14 +00:00
david
00652cb231 o [NSE] Added stuxnet-detect.nse by Mak Kolybabi, which detects 
infections of the Stuxnet worm and can optionally download the
  Stuxnet executable.
 2010-12-12 22:40:42 +00:00
david
a9e4947411 Make msrpc.call_function a public function. stuxnet-detect.nse is about 
to need this, and Dražen had to do it too while he was working on the
NDR library.
 2010-12-12 22:40:41 +00:00
patrik
b484d08cfa Merged Martin Swende's patch to domino-enum-passwords that splits output 
based on different hash types.
 2010-12-11 06:47:49 +00:00
david
d93415029f Add a few more OS fingerprints from someone who got back to me. 2010-12-11 00:11:11 +00:00
patrik
46cdf28fce o [NSE] Added a new iSCSI library and the two scripts iscsi-info and 
iscsi-brute. [Patrik]
 2010-12-10 23:20:59 +00:00
david
f45c1c3968 83 OS corrections. 2010-12-10 23:19:40 +00:00
patrik
38a21c4d17 o [NSE] Add new script broadcast-ms-sql-discover and removed broadcast 
support from ms-sql-info. [Patrik]
 2010-12-10 23:12:27 +00:00
david
f422529759 Last 152 OS submissions. 2010-12-10 22:09:29 +00:00
david
dd0b80c3ef 200 OS submissions. 2010-12-10 20:14:04 +00:00
robert
eedd069c9e Added the new hash for PHP 5.3.4 credits and extended the elephant logo hash to include this new version. 2010-12-10 12:14:25 +00:00
david
7133bc1e38 200 OS submissions. 2010-12-10 01:55:38 +00:00
david
cc31b38861 200 OS submissions. 2010-12-10 00:03:12 +00:00
david
756e6e8e8c 200 OS submissions. 2010-12-08 23:04:00 +00:00
david
6c62fe9e0f 200 OS submissions. 2010-12-08 23:03:57 +00:00
batrick
47e6012b15 remove old commented code 2010-12-08 14:19:08 +00:00
batrick
86993d74d5 Use better construction for iterating lines. 2010-12-08 14:18:45 +00:00
batrick
bfa052c2f3 Changed (commented) debug statements to use stdnse.print_debug instead of 
io.write.
 2010-12-08 14:17:11 +00:00
batrick
47e3a20aa8 use better construction to iterate lines of a file 2010-12-08 14:11:48 +00:00
batrick
6fb600782f Don't use io.write to print error information. 2010-12-08 14:08:35 +00:00
fyodor
e9697cb936 Remove an excess space in output 2010-12-08 08:02:22 +00:00
david
44c37eb3d2 200 OS submissions. 2010-12-08 06:49:09 +00:00
david
92d4f185a3 200 OS submissions. 2010-12-08 06:49:05 +00:00
david
528681c04a Take out "other" in "X other hosts had status Y" in http-vhosts.nse. It 
looks funny when it's the only line and I think it still looks fine this
way when there are multiple lines.
 2010-12-08 00:54:46 +00:00
david
e947e5dedf Patch to http-vhosts.nse from Carlos Pantelides: collapse multiple 
responses bearing the same code into one line.
 2010-12-08 00:54:45 +00:00
david
722fd3a89a Fix script argument name. ftp-proftpd-backdoor.cmd 
instead of ftp-proftp-backdoor.cmd.
 2010-12-07 22:44:06 +00:00
david
4744f6b747 Patch from Mak Kolybabi: let ftp-proftpd-backdoor bail out early if 
version detection has been done and doesn't show a potentially
backdoored version. Also update strings to match the new script name.
 2010-12-07 22:44:04 +00:00
david
3f35888405 Fix a service match line on information from Corey Quinn. I found the 
"Connection too fast, throttled" message in the source code of ratbox,
charybdis, and ircd-seven, but not Unreal ircd.
 2010-12-07 22:36:50 +00:00
david
2c16870941 100 OS submissions. 2010-12-07 07:51:33 +00:00
david
adc460fc22 o [NSE] Added the ftp-proftpd-backdoor.nse script by mak Kolybabi, 
which checks for a backdoor in ProFTPD 1.3.3c.
 2010-12-07 00:22:01 +00:00
david
ee0cca5f07 200 OS submissions. 2010-12-07 00:13:11 +00:00
david
f8530814ab o [NSE] Added http-vhosts.nse from Carlos Pantelides. This script 
brute-forces virtual hosts by sending different Host headers to the
  same server.
 2010-12-06 05:19:35 +00:00
kris
39ac0e4eda relatively large ip_is_reserved() update: 5/8, 23/8, 37/8 and 100/8 allocated 2010-12-04 00:16:38 +00:00
david
c822f62d84 Typo fix. 2010-12-03 21:29:59 +00:00
david
bc55d41b9a Add a comment explaining why we can unconditionally set the id and seq 
fields in build_icmp_raw, even though not all ICMP types have them. All
the types handled by the function do have them, and in the same place.
 2010-12-02 22:46:56 +00:00
fyodor
c1daed771c Some changes from chat w/David 2010-11-30 22:43:47 +00:00
robert
e43a866bea Tweaked the versions slightly (removed 4.3.1 from the bunny hash as it looks wrong and hasn't been corroborated), based on 0php.com data. 2010-11-30 09:25:04 +00:00
david
b8346c1d82 o [Ncat] Ncat now uses case-insensitive string comparison when 
checking authentication schemes and parameters. Florian Roth found a
  server offering "BASIC" instead of "Basic", and the HTTP RFC
  requires case-insensitive comparisons in most places. [David]
 2010-11-30 09:06:28 +00:00
fyodor
6c62ce69e8 note some of the information obtained from hddtemp service 2010-11-30 01:56:39 +00:00
batrick
03c7e9d00e Have stdnse.make_buffer read chunks instead of lines [1] so we do not implicitly 
buffer based on the presence of new lines.

[1] http://seclists.org/nmap-dev/2010/q4/554
 2010-11-29 22:51:51 +00:00
david
33f3645ecd Don't define HAVE_SYS_SOCKET_H in dnet_winconfig.h. That it was wrongly 
defined was noticed by Gisle Vanem. It makes no difference because this
macro isn't used in any source files for Windows (or any platform).
 2010-11-29 20:30:52 +00:00
david
77a4235fc4 Fixes to firewalk.nse from Henri Doreau: "The first one was due to my 
ignorance that the first index of lua arrays is 1 (and not 0). Because
of that, I was setting a too high ttl value when retrieving it from
traceroute results. The second one was a syntax error on a
nmap.log_write() call."
 2010-11-29 19:16:49 +00:00
david
f8b17ae441 o [NSE] Added the hddtemp-info script from Toni Ruotto, which gets 
hard drive temperatures from the hddtemp service.
 2010-11-29 19:00:11 +00:00
robert
a92eacec1d Added all missing PHP 5.x hashes and tidied up the output (grouped ranges and made it consistently use a dash). 
Hashes are now arranged in order, to make it easier to find manually.

For a list of all the PHP 5 hashes I generated see: http://seclists.org/nmap-dev/2010/q4/518
 2010-11-27 11:21:36 +00:00