PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-02-08 14:36:33 +00:00
Code Issues Projects Releases Wiki Activity
9,974 Commits 2 Branches 0 Tags
54bd372ccfc970f6aa93b577e8583d75e5a2df49
Commit Graph

1355 Commits

Author SHA1 Message Date
dmiller
9840973b60 Fix format string argument mismatches 
Cases where the format string does not contain any placeholders, but
values are given anyway. Cases where string.format is used without any
placeholders or arguments.
 2015-09-18 12:40:32 +00:00
dmiller
a954950b5a Remove some unneeded local declarations of loop variables 2015-09-18 12:40:30 +00:00
dmiller
6752546ef5 Fixes #212 http.get_url with https 2015-09-18 03:54:59 +00:00
dmiller
ddc5762ca9 Fix reporting of DH and ECDH param sizes 
Finite-field (traditional) DH parameter strength should be reported in
bits. ECDH key strength is the size (log base 2) of the order of the
base point G (see NIST SP 800-57 rev 3 section 5.6.1)
 2015-09-16 04:51:49 +00:00
dmiller
dd4b840be0 Catch socket errors in iscsi scripts 2015-09-12 03:31:14 +00:00
paulino
d1a2bf1d60 Fixes #195: Fixes XML output overwrite when reporting multiple vulnerabilities from the same script. Patch submitted by jgajek 2015-09-10 05:59:37 +00:00
paulino
40cfbdb0f3 Fixes #195: Fixes XML output overwrite when reporting multiple vulnerabilities from the same script. Patch submitted by jgajek 2015-09-10 05:57:29 +00:00
dmiller
829fbef715 Fix human-readable sizes in ls.lua 
First, enforce significant digits when converting, e.g. 1.1K to bytes.
Next, use the server-returned human-readable format instead of
converting to bytes by default. The conversion to bytes is still done to
get total byte count.

Also changed how boolean options work to better match existing
convention: --script-args ls.human or --script-args ls.human=1 now work.
You must explicitly say "false", "no", or "0" to make a boolean flag
false (or just leave it out).
 2015-09-04 14:23:14 +00:00
dmiller
998da3d070 Fix an assertion error in ls.lua: size is a number, not a string 2015-09-04 12:52:09 +00:00
dmiller
087fadf2a9 Add ls.lua library. Closes #106 2015-09-04 12:52:08 +00:00
gio
569e954a96 nselb/creds: Fix #159, Add support for credential multitag 2015-08-20 20:05:28 +00:00
gyani
695edff47e I made the unescape function public. This function can be used 
to convert html entities to their normal forms. For exmaple
lt; to <.
 2015-08-14 11:24:30 +00:00
gyani
ba873c28c0 http-drupal-enum replaces http-drupal-modules. 
The script now supports drupal theme listing as well.
Updated drupal-modules.lst and added drupal-themes.lst.
 2015-08-13 11:58:44 +00:00
dmiller
7c08cf9c4f Clean up nested list in nsedoc 2015-08-04 14:21:48 +00:00
paulino
c24322ff9a Adds globalcatssl port to LIKELY_SSL_PORTS. Closes #179 2015-07-20 04:07:41 +00:00
gyani
759d944397 Modified the debug string that is passed when ssl is not present to 
include ntlm.
 2015-07-04 08:22:08 +00:00
gyani
3d2a008cef Modified smbauth.lua to create ntlmv2 session response. 
http.lua now allows NTLM authentication.
 2015-07-04 08:19:17 +00:00
gyani
e5b3f98611 Applied Jacob Gajek's patch that allows a list of tables to be passed 
to fields in the vuln report table.
 2015-07-04 07:25:54 +00:00
dmiller
f846e7c818 Allow make nse_check to pass when configured --without-openssl 2015-06-25 14:00:53 +00:00
dmiller
6a38678b56 re-sync TLS ciphersuite names that changed in r34683 2015-06-23 00:08:58 +00:00
gyani
3ef7d71863 Merge branch 'fingerprints' 2015-06-20 17:27:22 +00:00
gyani
eba83f60af The utf8_enc function had a missing referrence to the unicode library. 
Fixed that.
 2015-06-20 06:40:13 +00:00
dmiller
ba38345c32 Mark some TLS ciphersuites as draft 2015-06-19 21:36:53 +00:00
dmiller
9c99b80d73 New RTSP urls for Logitech WiLife cameras [Dustin Miller] 2015-06-19 21:36:52 +00:00
dmiller
ce9eb6b0f3 Fix DH parameter extraction in tls.lua (Jacob Gajek) 2015-06-17 21:17:43 +00:00
gyani
5550411330 Messed up the author field in the last commit. Fixed that. Hopefully that last slaxml.lua commit for the the day. Sorry for the multiple commits 2015-06-14 06:47:36 +00:00
gyani
21f8b14798 Added better indentation 2015-06-14 06:41:25 +00:00
gyani
ce84a003a4 Added documentation for parseDOM. Fixed a few typos in the original documentation 2015-06-14 06:20:06 +00:00
gyani
be7e57f80d Removed WhiteSpace 2015-06-14 05:55:58 +00:00
gyani
92af09d39c Added slaxml, hnap-info and modified script.db to show the same 2015-06-14 05:55:46 +00:00
gio
f893f2032b Fixes #122 SNMP library and scripts use creds library to handle community 2015-06-13 17:58:55 +00:00
gio
308c213099 NSE snmp manually rebase #122 provided patch 2015-06-13 17:58:49 +00:00
gyani
d32f3b9c52 on line 525 unicode was assigned to a string and a function was being called[unicode.utf8to16]. removed the assginment 2015-06-04 15:58:58 +00:00
dmiller
4ead75cee7 Remove ahbl.org blacklists after site shutdown 2015-06-03 03:28:36 +00:00
robert
fe63fe2662 Added support for SQL Server 2014, and added version numbers for service packs from the last couple of years. 2015-06-02 09:43:34 +00:00
dmiller
00064a1809 Whitespace/reindent cleanup in NSE. https://secwiki.org/w/Nmap/Code_Standards 2015-05-31 17:37:51 +00:00
dmiller
63ad40fb74 Fix a bug in creds.lua, comparing creds without users 
When creds.lua is used without usernames (like in snmp-brute.nse), the
credentials could not be sorted because they are sorted first by
username, which is nil and cannot be compared. Now the script first
checks that both values are non-nil (and true) before comparing them.
 2015-05-26 03:40:09 +00:00
dmiller
9781830ece Check for system files and directory traversal in tftp-enum.nse 2015-05-15 19:35:17 +00:00
henri
b1d6bcd9be nselib/smb: fix find_files function (next_item coroutine) 
Patch by Pierre LALET <pierre.lalet@cea.fr>
 2015-04-30 17:58:13 +00:00
dmiller
c8db85bc4a Fix some documentation about comm.lua timeouts 2015-04-28 13:18:21 +00:00
dmiller
1033287ccd Fix unpwdb.filter_iterator (http://seclists.org/nmap-dev/2015/q2/44) 2015-04-17 03:26:58 +00:00
paulino
fba4bc85c6 Make the library vulns use HTTPS by default when generating CVE links. 2015-04-15 20:29:47 +00:00
dmiller
54543b303c Clean up some documentation regarding http redirects 2015-04-10 12:56:05 +00:00
dmiller
2e55f5d3b8 Allow redirect_ok to be a number of redirects to follow (http.lua) 2015-04-10 03:42:44 +00:00
dmiller
dab7b10ebe Add 3389 as an SSL port; Enhanced RDP Security requires TLS 2015-04-02 04:40:26 +00:00
dmiller
ab5b346352 Obey TLSv1.2 RFC regarding anonymous signature type 2015-03-25 19:35:20 +00:00
dmiller
170a45f21d Fix a typo in a debug message 2015-03-25 14:30:18 +00:00
dmiller
04fee3d14c Move TLSv1.2 signature_algorithms extension defaults into tls.lua 2015-03-25 02:29:25 +00:00
dmiller
ed86473b0c Send supported signature algorithms for TLSv1.2 2015-03-24 23:22:19 +00:00
dmiller
1fd4b3edd8 Use some sane defaults in tls.client_hello 2015-03-06 19:59:59 +00:00