david
81c777abfd
Simplify connect-mode stdin EOF handling.
2013-02-09 08:29:37 +00:00
david
9a10429474
Round out EOF and shutdown tests.
...
The existing tests here didn't make much sense, and didn't cover all the
situations we care about. The 8 tests now check each of
    client !--send-only EOF on stdin
    client  --send-only EOF on stdin
    server !--send-only EOF on stdin
    server  --send-only EOF on stdin
    client !--recv-only EOF on socket
    client  --recv-only EOF on socket
    server !--recv-only EOF on socket
    server  --recv-only EOF on socket
The other thing we care about is whether the client/server keeps running
after the EOF. That is now checked in each of the tests too.
2013-02-09 08:29:36 +00:00
david
61255ee01e
Retab ncat-test.pl.
2013-02-09 08:29:35 +00:00
david
842f9e6804
Revert "Lower-case scheme comparisons."
...
Handle it at the url.parse level.
2013-02-07 23:43:50 +00:00
david
4fb61350d8
url.parse should convert all schemes to lower case.
...
RFC 3986 section 3.1:
Although schemes are case-insensitive, the canonical form is lowercase
and documents that specify schemes must do so with lowercase letters.
An implementation should accept uppercase letters as equivalent to
lowercase in scheme names (e.g., allow "HTTP" as well as "http") for the
sake of robustness but should only produce lowercase scheme names for
consistency.
2013-02-07 23:43:47 +00:00
david
5273567981
Lower-case scheme comparisons.
...
I'm seeing redirects to "HTTP://example.com/".
2013-02-07 23:37:48 +00:00
david
a1cc3690cc
Include the targetname if possible in NSE diagnostic messages.
2013-02-07 23:26:18 +00:00
david
9434dd7d2f
parse_redirect: fill in port number even if authority but not scheme is present.
...
For example "//example.com/en/": the function needs to return with
u.port set, just as it would with "http://example.com/en/".
2013-02-07 23:12:41 +00:00
david
a210d38769
Allow empty path in url.parse.
...
I got a redirect of "?p=indisponible" and url.parse returned
{query="p=indisponible"}. Now it returns
{path="", query="p=indisponible"}.
2013-02-07 22:37:38 +00:00
david
4cdb5301dd
300 and 303 are also HTTP redirects.
2013-02-07 22:28:10 +00:00
david
ac5a479a73
Treat empty port in URL the same as absent.
...
RFC 3986 says that these URLs are equivalent:
    http://example.com/
    http://example.com:/
url.parse was returning port="" for the latter. Make it instead return
port=nil like the former.
2013-02-07 03:06:30 +00:00
david
1c7c414fbb
URL ports have to be decimal digits.
...
RFC 3986 section 3.2.3.
2013-02-07 03:06:29 +00:00
david
45b5d92f3d
Don't treat an empty string as an invalid URL.
...
To me, this is a relative URL with a path of "". I.e., it refers to the
same document as wherever the URL appeared, like when people do
<form action="" enctype="multipart/form-data" method="POST">
2013-02-07 02:28:23 +00:00
david
fd7cabf7db
Remove some old Linux compatibility code from connect scan.
...
This code was quite old (dating from r854 in 2000) and may not serve a
purpose anymore. Let's try removing it.
Apart from being obsolete, the code had a race condition where the
connection could be closed with a RST before getpeername was called,
leading to a fatal error message.
2013-02-05 04:55:29 +00:00
fyodor
71a6c878ac
Add a task suggested by David
2013-02-05 00:03:07 +00:00
david
7c7ffdb756
Typo.
2013-02-02 01:41:50 +00:00
david
2318ff2e70
Remove a too-generic service fingerprint for which we need more data.
...
It was listed as "Microsoft UPnP", but was also matching a trivial
golang web server.
2013-02-01 20:45:12 +00:00
david
37e0241276
CHANGELOG for route metrics.
2013-02-01 05:02:00 +00:00
david
5ab6c9fa93
Sort by metric.
2013-02-01 05:01:59 +00:00
david
8e20e6a65b
Show route metrics in --iflist.
2013-02-01 05:01:58 +00:00
david
e2387e4693
Add metric to struct sys_route.
2013-02-01 05:01:57 +00:00
david
f55171a088
Add metric to struct route_entry.
...
Actually getting a nonzero value for the metric is supported only on
Linux and Windows.
2013-02-01 05:01:56 +00:00
paulino
913fbac6d1
Adds entry to detect SCADA SIMATIC S7. Signature taken from Jose Ramon Palanco's script https://github.com/drainware/nmap-scada/blob/master/SIEMENS-Simatic-HMI-miniweb.nse
2013-01-31 18:04:40 +00:00
paulino
b3d3553330
Adds entry to detect SCADA Siemens PCS7. Signature taken from Jose Ramon Palanco's script https://github.com/drainware/nmap-scada/blob/master/Siemens-PCS7.nse
2013-01-31 18:00:11 +00:00
david
5fd515b039
Get rid of ntohs in ip6_ntop.
...
Byte-swapping is handled by the initial loop that reads into an array of
16-bit integers. That initial loop was added by me in r29708.
2013-01-30 08:47:24 +00:00
david
570a77b414
Use binary strings, not hex strings, internally in ike-version.
...
Patch by Jesper Kückelhahn.
http://seclists.org/nmap-dev/2013/q1/152
2013-01-30 06:25:32 +00:00
fyodor
1164b75588
Note some done tasks
2013-01-29 00:42:06 +00:00
david
dbdee4792e
Keep min/max/avg rtt outputs down to -q.
2013-01-28 22:55:31 +00:00
david
93a245d6e7
Require -v for 'Tx time' and friends in Nping.
2013-01-28 22:55:29 +00:00
david
41b397200b
Show ICMP ID and seqno in packet trace by default.
...
This was previously limited to ippackethdrinfo's medium detail and
above, which required -v in Nping and -d2 in Nmap.
2013-01-28 22:34:37 +00:00
patrik
d79e431e7a
nse_check_globals cleanup
2013-01-28 04:28:38 +00:00
david
37ab88e840
Change 'VPN' to 'security-misc' in ike-fingerprints.
...
We don't have a 'VPN' device type.
http://nmap.org/book/osdetect-device-types.html
2013-01-28 03:11:21 +00:00
david
710b460ac1
Add ike-version and ike library by Jesper Kückelhahn.
...
http://seclists.org/nmap-dev/2013/q1/49
2013-01-28 03:06:39 +00:00
david
7cb2946d60
Actually set the base addr in NetBlockIPv6Netmask.
...
This is needed for proper copying of the scope_id.
2013-01-26 05:31:33 +00:00
david
249c566196
Have NetBlock::next return the socklen.
...
This matters on OS X; with the wrong size, connect scans give "Invalid
argument".
Reported by Jesper Kückelhahn.
http://seclists.org/nmap-dev/2013/q1/84
2013-01-26 05:31:33 +00:00
david
010969b77f
Set sa_len of IPv4 to sizeof(sockaddr_in), not sizeof(sockaddr_storage).
2013-01-26 05:31:32 +00:00
david
94fd369de7
Clear the sockaddr_in before filling it in.
2013-01-26 05:31:31 +00:00
david
b8e4f8832c
Initialize NetBlock members.
2013-01-26 05:31:30 +00:00
dmiller
fd2130bae1
Update categories for jdwp-exec and jdwp-inject
...
Categories for both: exploit, intrusive
per http://seclists.org/nmap-dev/2013/q1/105
2013-01-25 21:23:02 +00:00
david
9827b75f82
Whitespace in http-headers.
2013-01-25 17:43:29 +00:00
david
60600a5a77
Update http-headers output.
2013-01-25 17:43:28 +00:00
david
ac2cf33113
http-headers uses HEAD by default, not GET.
2013-01-25 17:43:27 +00:00
david
6784954eee
Use more automatic memory management in nmap_dns.cc.
2013-01-25 06:26:23 +00:00
david
c11ceacc1f
Get rid of some struct typedefs.
...
C++ does this automatically. We don't need typedefs here, just some
forward declarations.
2013-01-25 06:26:22 +00:00
david
50a4817671
Remove dynamically allocated fakeargv.
...
This used to be used to hold the original argv before quashing with -q.
Now that -q is gone, it was just a copy of argv.
fakeargv was also causing Valgrind to complain about leaked memory. It
wasn't a real leak, but now it's out of the report anyway.
2013-01-25 06:26:21 +00:00
david
e77a084790
Restore original docs for ip-forwarding.target.
...
It was hidden as a @param instead of an @args.
2013-01-24 18:11:06 +00:00
david
67fdf7fd63
CHANGELOG for Matousek NSEDoc fixes.
2013-01-24 18:04:43 +00:00
david
67aa5516f4
Fix various NSEDoc problems.
...
Found by David Matousek.
http://seclists.org/nmap-dev/2013/q1/88
2013-01-24 18:04:42 +00:00
david
11ba3ef045
Check NMAP_PRIVILEGED and NMAP_UNPRIVILEGED in Zenmap is_root.
...
You won't get the "you're not root" dialog if NMAP_PRIVILEGED is set.
Patch by Tyler Wagner.
http://seclists.org/nmap-dev/2013/q1/87
2013-01-24 17:18:13 +00:00
fyodor
572c5cf0cc
note some new Nping tasks that David and I discussed today and also some debugging results related to a potential nping issue previously discussed
2013-01-23 23:47:38 +00:00