PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-14 19:59:02 +00:00
Code Issues Projects Releases Wiki Activity
5,056 Commits 2 Branches 0 Tags
5349d1619e7c2ac30a88183c693ac4f489f8ffbc
Commit Graph

873 Commits

Author SHA1 Message Date
david
5349d1619e Don't use strbuf to build payloads; it's unnecessary for these short 
strings.
 2011-02-22 04:32:54 +00:00
david
b1aaf2da8d Remove a level of indentation. 2011-02-22 04:32:53 +00:00
david
288c9c88bb Use data-driven XML grepping instead of repeating the same code many 
times.
 2011-02-22 04:32:53 +00:00
david
f751c0c386 Whitespace, spelling. 2011-02-22 04:32:52 +00:00
david
7ad53deb42 Add servicetags script. 2011-02-22 04:32:51 +00:00
david
73e80d1a0a Whitespace, typos. 2011-02-22 02:51:09 +00:00
david
cd4833f2a8 Rename firewalk-path to firewalk. 2011-02-22 02:51:08 +00:00
david
db50d964d4 Update firewalk.nse: add max-probed-ports argument and use 
stdnse.get_timespec to parse time specifications.
 2011-02-22 02:51:06 +00:00
david
da4a064291 Update firewalk.nse by Henri Doreau. (firewalk-path version from 
http://seclists.org/nmap-dev/2011/q1/63.)
 2011-02-22 02:51:04 +00:00
david
c3ab2d5ea4 Create a shortport.ssl function like shortport.http. Use it in ssl 
scripts.
 2011-02-22 00:46:28 +00:00
david
0b4de98d24 Whitespace. 2011-02-21 22:59:34 +00:00
patrik
562ee68df0 Applied patch recieved from Josh Amishav-Zlatin that addresses the problem 
with the 550 User Unkown message being handled incorrectly as described here:
http://seclists.org/nmap-dev/2011/q1/585
http://seclists.org/nmap-dev/2011/q1/511
[Patrik]
 2011-02-20 20:49:58 +00:00
djalal
0a9764709f Use the correct script name in the usage example of the smtp-enum-users. Reported by Jamuse, who also contributed the patch. 2011-02-17 18:41:51 +00:00
tomsellers
01bbf58b67 Fixed an undeclared variable. 2011-02-16 00:25:40 +00:00
tomsellers
c8fb3889e6 Addressed a condition in db2-das-info.nse where the script would crash 
if the DB2 DAS service had discovery mode disabled.  While the service
would be listening, the data would be in an unexpected format.  This 
caused the script to crash at line 412 when it tried to extract the 
server profile from the DB2 response (db2response.info variable).

I will likely tweak the hard setting of the ports in the block that
follows after I perform more testing to verify that it behaves as
expected - Tom
 2011-02-16 00:13:38 +00:00
david
4c358b171a Back-merge r22229:22234 from /nmap-releases/5.51. 
------------------------------------------------------------------------
  r22234 | david | 2011-02-11 14:33:33 -0800 (Fri, 11 Feb 2011) | 4 lines
  
  Add an openssl guard around the require of tns in oracle-brute and
  oracle-enum-users. The tns library makes a call to
  openssl.rand_pseudo_bytes at its top level.
  
  ------------------------------------------------------------------------
  r22232 | david | 2011-02-11 14:28:18 -0800 (Fri, 11 Feb 2011) | 4 lines
  
  Put an openssl guard around the importing of ssh2 in
  ssh2-enum-algos.nse. Otherwise it fail in --script-updatedb when
  configured --without-openssl.
  
  ------------------------------------------------------------------------
  r22230 | david | 2011-02-11 13:38:49 -0800 (Fri, 11 Feb 2011) | 3 lines
  
  Allow whitespace at the end of the go_to_host pattern. On Windows,
  there's a '\r' at the end of the string, so the pattern didn't match.
 2011-02-11 23:09:04 +00:00
patrik
e94bdc7f5f Updated all ms-sql scripts to use proper script name argument prefixes with 
fallback to old argument names. [Patrik]
 2011-02-09 20:48:42 +00:00
patrik
b3a3501190 Changed the script documentation in order to reflect the recent change of the 
ms-sql-xp-cmdshell.cmd parameter.
 2011-02-09 16:28:23 +00:00
patrik
3f15b93e98 Fixed typo in ms-sql-xp-cmdshell.cmd argument. Changed from mssql-xp-cmdshell 
to ms-sql-xp-cmdshell. [Patrik]
 2011-02-09 16:25:42 +00:00
david
31935a45d4 o [NSE] Fixed some portrules that used shortport functions incorrectly 
and always returned true in dns-zone-transfer and
  ftp-proftpd-backdoor. [Jost Krieger]
 2011-02-04 08:46:14 +00:00
david
21113fdfa9 Fix the nrpe-enum portrule. It was returning a function, thus always 
true.
 2011-02-01 21:25:46 +00:00
david
84c4899414 In snmp-interfaces.nse, move the check for the required script argument 
snmp-interfaces.host into the prerule and out of the action. Otherwise,
being default, this is the only script that runs during the prescan by
default.
 2011-02-01 18:16:28 +00:00
david
620dc0e32d splay an error when a directory listing can't be found in ftp-anon, 
instead of throwing an exception (and losing the fact that anonymous FTP
was allowed).
 2011-01-31 09:46:32 +00:00
david
f2dac38381 Gracefully handle EOF in ftp-anon.nse. 2011-01-31 09:46:31 +00:00
djalal
d1b34654b8 Fix a bug which caused some NSE scripts to fail, due to the absence of 
the NSE SCRIPT_NAME environment variable when the scripts are loaded.
Reported by Michael Pattrick.
 2011-01-30 23:31:57 +00:00
robert
d50c58dcc1 Force a match against "^PHP/" (i.e. now with a trailing forward slash) to prevent the "Version from header" from incorrectly matching against the Set-Cookie header with the value "PHPSESSID". This should match PHP/2.x onwards; I'm not sure about earlier versions of PHP as I can't find any references. 
This will no longer match against the generic "X-Powered-By: PHP" (rare?), but that never gave us a version number anyway, so you could consider that a bug too.

We don't currently check for variations such as "Zend Core/2.0.1 PHP/5.2.1", so that could be added in the future, but at least the http-headers script will reveal the X-Powered-By header anyway.
 2011-01-30 11:15:48 +00:00
patrik
a139a26fd7 Fix for bug that would make Nmap fail to run when compile without SSL support. 
The wsdd library incorrectly assumed OpenSSL to always be available and the
ssh-hostkey used the undeclared SCRIPT_NAME in message when evaluating SSL
support. The bug was reported by Michael Pattrick on nmap-dev:
http://seclists.org/nmap-dev/2011/q1/312

[Patrik]
 2011-01-30 10:39:17 +00:00
david
b53b5fced0 Add a missing period to NSEDoc. 2011-01-28 17:54:49 +00:00
david
181951a2c6 Move db2-discover out of "discovery" and into "safe", like the other 
scripts that behave like it does.
 2011-01-24 07:22:07 +00:00
fyodor
2dd295a266 Minor NSEDoc summary cleanup 2011-01-21 08:28:38 +00:00
fyodor
f037a54cd7 Update Nmap version number to 5.36TEST4 in prep for the next release in a day or two and regenerate relevant files 2011-01-20 10:29:18 +00:00
patrik
7f95274f68 replaced -np with -p in usage as Linux reports the following error: 
nmap: option '-np' is ambiguous
 2011-01-18 19:41:05 +00:00
fyodor
b27c8e29d7 Apply a patch from Toni Ruottu with some small misc. improvements to the netbus-* scripts. Also I changed netbus-auth-bypass to the safe category as recommended by Toni 2011-01-15 21:28:45 +00:00
david
aef6f90991 Add gopher-ls and hddtemp-info @usage, adapted from Toni Ruotto. 2011-01-15 16:33:06 +00:00
fyodor
c0aa648851 Apply some nsedoc improvements sent in by Andrew Orr 2011-01-14 21:17:44 +00:00
fyodor
dc1f583a03 I've been putting periods at the end of these single sentence fragment descriptions for consistency, although I don't really know which way is best. When there are multiple setences in that first paragraph, we obviously need the paragraph even after an initial fragment. So I figured that we might as well include it when the fragment is all there is. But maybe when there is just one fragment, it looks better without a period. Who knows, and I guess it's not a particularly critical decision. But dns-update.nse now has a period in any case :) 2011-01-14 21:06:28 +00:00
patrik
583f65227c o [NSE] Added support for dynamic updates to the DNS library. Added the 
script dns-update.nse, which attempts to add a DNS record to a given zone.
  [Patrik]
 2011-01-14 15:15:24 +00:00
fyodor
b2598bc73d remove an email address so that Henri's author line for firewalk is the same as for his other new script (targets-traceroute). If he wants the email address there, we can add it to both. 2011-01-14 10:26:14 +00:00
fyodor
a84c2e4498 Did some NSEDoc cleanup on many of the 45 NSE scripts which are new since the 5.35DC1 Nmap release. Emphasis was on the first paragraph of the description, since that is shown on the front page of http://nmap.org/nsedoc and I'm planning to use that description verbatim (except for removing tags like <code>) for the CHANGELOG 2011-01-14 10:20:51 +00:00
fyodor
ed12841d70 minor NSEDoc updates 2011-01-14 06:32:16 +00:00
david
e54e940b10 Take broadcast-dropbox-listener out of "discovery" and put it in 
"broadcast".
 2011-01-13 07:18:03 +00:00
david
c7909b0b05 Rename p2p-dropbox-listener.nse to broadcast-dropbox-listener.nse. 2011-01-13 07:17:59 +00:00
david
6fbd739fac o [NSE] Added p2p-dropbox-listener.nse, which listens for Dropbox 
LanSync broadcasts and can optionally add discovered hosts to the
  scan queue. [Ron Bowes, Mak Kolybabi, Andrew Orr, Russ Tait Milne]
 2011-01-13 07:17:55 +00:00
david
a0f2fdbdb3 Move all broadcast-* scripts from the "discovery" category to 
"broadcast" (new category).
 2011-01-13 06:21:53 +00:00
fyodor
05f7c6ae07 Remove minecraft-auth for now -- see http://seclists.org/nmap-dev/2011/q1/85 2011-01-12 07:51:30 +00:00
david
42c14f507e Take minecraft-auth out of "vuln" and put it in "auth". From reading the 
Tumblr post, this sounds more like a way for people to set up a private
server on a LAN among trusted users than a vulnerability. Also link the
Tumblr post in the description.
 2011-01-10 01:14:16 +00:00
david
68ac93f69a o [NSE] Added minecraft-auth.nse by Toni Ruotto. It checks for 
Minecraft game servers that don't check usernames against a master
  server.
 2011-01-10 01:14:15 +00:00
david
2592194732 Add nrpe-enum.nse by Mak Kolybabi. 2011-01-09 03:43:41 +00:00
david
303123205e Updates to gopher-ls.nse from Toni Ruotto: 
* Added gopher-ls.maxfiles script argument.
* Included file descriptions.
 2011-01-08 05:12:01 +00:00
ron
fa5725ed05 Fixed a typo in the documentation 2011-01-08 00:25:48 +00:00