PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-22 07:29:01 +00:00
Code Issues Projects Releases Wiki Activity
4,860 Commits 2 Branches 0 Tags
43d1a0516b639f48e79232616c5b3eeeb37a9d1c
Commit Graph

4860 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
david
aef511d890 o [Nsock] Added a new function, nsi_set_hostname, to set the intended 
hostname of the target. This allows the use of Server Name
  Indication in SSL connections. This was suggested by Nuno Goncalves.
 2010-08-13 21:35:20 +00:00
ron
39318fd843 Fixed the same small bug in smbv2-enabled.nse (was still using the wrong variable for an error message) 2010-08-13 20:39:20 +00:00
ron
af5d750a34 Fixed a small bug in smbv2-enabled.nse (was using the wrong variable for an error message) 2010-08-13 20:35:22 +00:00
fyodor
1ea691c4e3 regen man pages (there were some changes for nping to add echo mode) 2010-08-13 18:55:30 +00:00
fyodor
b3bef8f7a2 Fix some syntax errors (mostly misspelled tags and wrongly closed tags) in scripting.xml to get it to compile 2010-08-13 18:49:16 +00:00
batrick
47bbbfdcea Fixed some local declarations. 2010-08-13 18:40:00 +00:00
fyodor
cc5a8ee7fc Add an NSE script idea (new MSRPC bug) 2010-08-13 09:37:56 +00:00
fyodor
291d25bbb9 add openssl windows binary upgrade task 2010-08-13 05:56:01 +00:00
david
1290fad780 o [NSE] Added default limits on the number of ports that qscan will 
scan. By default, it will do upt o 8 open ports and up to 1 closed
  port. These limits can be controlled with the qscan.numopen and
  qscan.numclosed script arguments. [David]
 2010-08-13 05:17:07 +00:00
djalal
d056a97b10 Merge r19288:r19697 from nmap-exp/djalal/nse-rules-docs. This will update NSE doc to show the new prerules and postrules. 2010-08-13 00:41:54 +00:00
batrick
7b40aa34c5 formatting 2010-08-12 18:29:40 +00:00
kirubakaran
68fd970ec1 Adding comments to nmap debug print message 2010-08-12 15:18:58 +00:00
robert
4ce404f214 Enabled ASLR and DEP for Nmap.exe, Ncat.exe and Nping.exe on Windows Vista and above. Visual C++ will set the /DYNAMICBASE and /NXCOMPAT flags in the PE header. Executables generated using py2exe or NSIS and third party binaries (OpenSSL, WinPcap) still don't support ASLR or DEP. Support for DEP on XP SP3, using SetProcessDEPPolicy(), could still be implemented. See http://seclists.org/nmap-dev/2010/q3/328 2010-08-12 14:01:16 +00:00
djalal
28e9cf600b Add a missing require('stdnse') 2010-08-12 03:54:13 +00:00
djalal
0ae240c1e8 Reset the script engine verbosity that was boosted when scripts are selected by name. 2010-08-11 22:37:16 +00:00
david
a12d595052 Add new version probes and matches from Patrik Karlsson. 
- Lotus Domino Console running on tcp/2050 (shows OS and hostname)
- IBM Informix Dynamic Server running native protocol (shows hostname, and file path)
- Database servers running the DRDA protocol
- IBM Websphere MQ (shows name of queue-manager and channel)
 2010-08-11 16:55:54 +00:00
david
8688fee2e2 Document that -g doesn't work for anything that uses normal OS sockets, 
including DNS resolution, connect scan, version detection, and NSE.
 2010-08-11 16:27:17 +00:00
david
852ad9440d Improve indentation and comments in init_socket. 2010-08-11 14:39:42 +00:00
david
c78dcce4d3 Move init_socket from nmap.cc to scan_engine.cc, because it is only used 
in the latter file.
 2010-08-11 14:34:54 +00:00
luis
6bce039909 Updated with the latest bugfixes and improvements 2010-08-11 13:57:05 +00:00
fyodor
6cdce4d008 add a leaked nsock pcap descriptor issue which shows up in nping and probably nmap 2010-08-11 06:15:55 +00:00
fyodor
8fc003be18 Changes from discussion w/David 2010-08-10 21:59:21 +00:00
david
d5edc49016 Add patch from Ange Gutek and Tom Sellers to make http-php-version only 
consider responses with a 200 status.
 2010-08-10 19:54:30 +00:00
batrick
f46908f0bd Require each Lua library explicitly (debug in particular). Requiring the "debug" 
library is necessary for Lua 5.2.
 2010-08-10 16:51:10 +00:00
batrick
7c7c30fc24 [NSE] (Global fix.) This fixes a spelling error. 2010-08-10 16:32:48 +00:00
kirubakaran
b35255c8e9 Adding verbosity to nmap debug option -d2 to print the whole path of scripts specified in rule 2010-08-10 16:20:07 +00:00
david
a9b75892f5 Use shortport.http where appropriate. 2010-08-09 22:30:50 +00:00
david
fbe60bdcc9 Add a new function, shortport.http, that will be used as the portrule 
for HTTP scripts.
 2010-08-09 22:23:43 +00:00
david
123b018c9c Add some more information "telnetd" and "http config" to some of the new 
nmap-service-probes signatures.
 2010-08-09 21:51:47 +00:00
fyodor
1e91db1c72 add a little task discussed on nmap-dev 2010-08-09 21:45:02 +00:00
david
5809a30812 Add a handful of new service matches that came through experimentation 
with CPE.
 2010-08-09 20:12:44 +00:00
david
9e38d22717 Canonicalize some nmap-service-probes entries, mostly with regard to 
case, using the command

egrep -o ' p/[^/]*/' nmap-service-probes | sort | uniq
 2010-08-09 19:19:57 +00:00
david
442958a7cc Change the service name from "http" to "oem-agent" for "Oracle 
Enterprise Manager Agent httpd".
 2010-08-09 03:08:31 +00:00
david
794611d9f1 o [NSE] Made sslv2.nse give special output when SSLv2 is supported, 
but no SSLv2 ciphers are offered. This happened with a specific
  Sendmail configuration. [Matt Selsky]
 2010-08-09 02:57:09 +00:00
ron
934cf2edf0 Significant changes, both bugfixes and best practice changes, to smb-psexec.nse. Primarily: 
o It no longer uses the global environment to store the modules table
o It now uses loadfile() to load the configuration files, which follows best practices better
o The module() line at the top of the configuration files is no longer required, but if it exists all that happens is a warning is printed
o Worked around what appears to be a bug in one person's Nmap install where absolute paths didn't resolve properly -- I couldn't replicate, but he confirmed it was fixed
 2010-08-07 19:36:47 +00:00
djalal
1f9b7228ee Add a 'prerule' support to dns-zone-transfer.nse script, with this change dns-zone-transfer can run now at differenent Nmap scan phases: at the Script Pre-scanning phase and at the classic Script scanning one. 2010-08-06 16:47:11 +00:00
djalal
f0c5e154c3 Merge r18689:r19511 from /nmap-exp/djalal/nse-rules. 
o Add two new Script scan phases:
  Script Pre-scanning phase: before any Nmap scan operation, activated by the new "prerule".
  Script Post-scanning phase: after all Nmap scan operations, activated by the new "postrule".
o New environment variables:
  SCRIPT_PATH
  SCRIPT_NAME
  SCRIPT_TYPE: the type of the rule that activated the script.
 2010-08-06 16:40:03 +00:00
david
eb699270e9 Add a match line for an individually submitted service, Oracle 
OVSAgentServer. This looks like standard Python SimpleXMLRPCServer with
BaseHTTP except that it can be distinguished by the HTML title. Also add
a related fingerprint for SimpleXMLRPCServer when it is used in its
DocXMLRPCServer mode, which distinguishes it from plain BaseHTTP.
 2010-08-06 15:43:58 +00:00
luis
5bc0e1439e Added a couple of items 2010-08-06 15:25:21 +00:00
luis
7d63375baa Add a note about a possible memory leak in libnetutil 2010-08-06 12:59:24 +00:00
luis
8f13e328e9 Added a note about a possible nsock_pcap_close() 2010-08-06 11:56:26 +00:00
kris
9b4f8013e8 updating ip_is_reserved(): 49/8 and 101/8 allocated 2010-08-06 11:29:02 +00:00
fyodor
3eedade0d8 add ipv6 task 2010-08-06 03:20:23 +00:00
fyodor
77c4bc5f4f another target-adding script idea 2010-08-05 22:11:06 +00:00
fyodor
50ac2bfca9 add an idea from Drazen 2010-08-05 21:50:58 +00:00
jah
d67b6d9c10 Fix a test for the return value of ipOps.isPrivate in the hostrule which was 
causing an unnecessary debug message: "Error in Hostrule: 127/8".
 2010-08-05 20:36:27 +00:00
david
919f13738a Use literal tags around the names of keys of the host.times table. 2010-08-05 02:21:48 +00:00
kris
412fcbcca0 o [NSE] Added a "times" table to the host table passed to scripts. 
This table contains Nmap's timing data (srtt, the smoothed round
  trip time; rttvar, the rtt variance; and timeout), all represented
  as floating-point seconds.  The ipidseq and qscan scripts were
  updated to utilize the host's timeout value instead of the very
  conservative guess of 3 seconds for read timeouts. [Kris]
 2010-08-05 01:55:05 +00:00
david
02e612c596 Make data_file_record::operator< const. The lack of this might have been 
causing a compile error reported by Nuno Gonçalves:

error: passing 'const data_file_record' as 'this' argument of 'bool data_file_record::operator<(const data_file_record&)' discards qualifiers
make[4]: *** [output.o] Error 1
 2010-08-04 21:05:02 +00:00
fyodor
583076fedf Do some reprioritization and adding detail to the TODO list during chat w/Luis 2010-08-04 20:25:43 +00:00