PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 14:11:29 +00:00
Code Issues Projects Releases Wiki Activity
5,148 Commits 2 Branches 0 Tags
5a32f584d452efdce23d5ebbf80b958d01b51a94
Commit Graph

335 Commits

Author SHA1 Message Date
david
e73605e40a Add missing version fields to a gpsd match line. 2011-03-01 16:41:19 +00:00
patrik
d6bbc6da8f o [NSE] Added probe for Apple iPhoto (DPAP) and the dpap-brute script that 
performs password guessing against a shared iPhoto library. [Patrik]
 2011-02-26 16:24:54 +00:00
david
6d65382a24 Fix a double ^^ at the beginning of a match line. 2011-02-23 17:15:10 +00:00
david
38acaa80e5 Change a literal hostname in an ftp service match into a pattern. This 
was probably accidentally left in during integration.
 2011-02-19 00:38:55 +00:00
tomsellers
4d3a2ecef9 Consolidated and grouped matchlines related to the FTP service on 
Lexmark (and rebranded) laser printers.  There was a near perfect
matchline that was being skipped due to an extra \d in the capture
pattern.  I moved it down with some others, removed some lines that
had included in the hostname and model in the discrete text and 
expanded the hostname match character set.

The format for the banner is:

220 <hostname> Lexmark <model> FTP Server <firmware revision> ready.
 2011-02-19 00:24:37 +00:00
tomsellers
73a4a10769 Consistency change - edited all Apache TomCat related matchlines 
to return "Apache Tomcat" as opposed to being split between "Apache Tomcat"
and "Apache Tomcat httpd".  Tomcat can run on top of Apache HTTPD, Microsoft
IIS, and Apache Coyote. - Tom
 2011-02-19 00:01:32 +00:00
tomsellers
916ddc73f8 Adding three match lines for two embedded device httpd: 
Tridium Niagara httpd - embedded control systems, HVAC, etc
   http://www.tridium.com/

Knoplerfish - various devices, included printers
   http://www.knopflerfish.org/
 2011-02-18 23:55:04 +00:00
tomsellers
abeaffea33 Minor changes to nmap-service-probes to improve consistency with naming 
Trend Micro products.
 2011-02-18 23:47:47 +00:00
tomsellers
972a72e130 Add a softmatch line for SMTP returning a 550 code as well as a 
x.x.x format error code.  Discovered on Cisco gear but other SMTP
services may use the format as well. - Tom
 2011-02-15 23:44:47 +00:00
tomsellers
21ee742ca3 Addition Tomcat/Coyote match line to capture Tomcat version data 
when the server provides it.
 2011-02-09 11:55:02 +00:00
fyodor
dd9ae71020 Add a service signature I created for Nping echo 2011-01-20 10:09:04 +00:00
david
1ef55b81d1 Add a Quake3_master_getservers service probe from Toni Ruotto. 2011-01-08 05:03:44 +00:00
david
12b762517d Canonicalize some nmap-service-probes entries using the 
nmap-service-probes-report.py script.
 2010-12-28 20:58:33 +00:00
david
c77761b0b1 All 10 service corrections. 2010-12-28 18:52:31 +00:00
david
84fb8f2bb3 A few miscellaneous service probe changes. 2010-12-28 18:52:30 +00:00
david
016bea6276 Rearrange the ssh match lines so that the uncategorized ones are towards 
the bottom of the file. This is how other blocks of matches are
arranged.
 2010-12-28 18:52:28 +00:00
tomsellers
54657f0fc4 Added IBM HTTP Server match line, improved consistency among the 
match output for this product.
 2010-12-28 18:36:53 +00:00
david
68f14b9f5a The last 100 service submissions. 2010-12-28 05:52:02 +00:00
david
da6ed2d39a 100 service submissions. 2010-12-28 03:16:00 +00:00
david
4b14ccf8f8 100 service submissions. 2010-12-27 17:41:05 +00:00
david
c6721aae80 100 service submissions. 2010-12-21 16:59:46 +00:00
david
0b21a33414 100 more miscellaneous service submissions. 2010-12-21 05:04:45 +00:00
david
e36fe37c87 A bunch of miscellaneous service submissions. 2010-12-21 00:51:45 +00:00
david
3b849d64e1 upnp service submissions; also reclassify some "http" as "upnp". 2010-12-19 18:57:02 +00:00
david
f448f62b82 The last of the http service submissions. 2010-12-18 15:20:47 +00:00
david
bb55769fb4 More http submissions. 2010-12-18 05:02:37 +00:00
david
1a2a892610 This is about 75% of the http service submissions. 2010-12-17 05:25:40 +00:00
david
dd7f04aebc Service submissions for 
bittorrent pop3 afp imap time backupexec-remote backupexec beremote.exe
domain vnc-http vnc teamviewer mysql irc irc-proxy skype rtorrent nessus
bitcoin printer icecast 3dm-http.
 2010-12-16 06:00:39 +00:00
david
4e018f1638 unknown and ssl service submissions. 2010-12-15 20:13:40 +00:00
david
3af5da503f sip service submissions. 2010-12-15 02:16:17 +00:00
david
80308fb84f smtp service submissions. 2010-12-14 23:03:41 +00:00
david
5642029a4c telnet service submissions. 2010-12-14 23:03:38 +00:00
david
6710b2deff ssh service submissions. 2010-12-14 19:42:11 +00:00
david
e8a9ff65e8 Do ftp service submissions. 2010-12-14 09:12:06 +00:00
david
3f35888405 Fix a service match line on information from Corey Quinn. I found the 
"Connection too fast, throttled" message in the source code of ratbox,
charybdis, and ircd-seven, but not Unreal ircd.
 2010-12-07 22:36:50 +00:00
bmenrigh
df99409651 The dominoconsole match is too general and can match things that it 
shouldn't.  Also, because of the use of ([...]*), captures can be too
long to fill into the template.  This change forces hostname and
domain name to be non-empty.  This match should be made more specific
but without example content any changes would involve guessing.
 2010-09-30 23:14:57 +00:00
patrik
0ef84cf443 o [NSE] Added nat-pmp-info script that uses the nat-pmp service to 
discover the external IP address of a router. [Patrik]
 2010-09-28 19:43:06 +00:00
bmenrigh
5ead386c07 Added a bunch of Apple and Netatalk AFP service matches. There are a 
few mystery variations in bytes that don't match up with the
descriptions in the submissions or what users have told me they are
running.  I've done my best to get the OS X versions correct.
Corrections may be required to loosen the strict versioning in this
commit.
 2010-09-27 22:00:10 +00:00
tomsellers
c974a51d07 Single line update to correct spelling error in service field. 
shoutcase => shoutcast
 2010-09-26 19:27:45 +00:00
tomsellers
04e0b3b4f6 Two modifications to APC PowerChute detection. One is to comment 
out a false positive that is likely java-rmi.  The other is to 
add an additional version to a version label.
 2010-09-26 15:51:00 +00:00
tomsellers
6b75d40ae7 Fixed a few spelling errors and 1 consistency issue in the 
device labels in nmap-service-probes
 2010-09-26 13:15:45 +00:00
tomsellers
594e2dcacc Add 3 http service detection fingerprints: 
Rapidsite/Apa (customized Apache http)
 IBM HTTP Server using mod_jk
 RG4000 Access Control Gateway (limited info)

 The first two had existing fingerprints that were
 were similar but that matched version information 
 that was not always present or had a different 
 modules (PHP vs mod_jk).  - Tom
 2010-09-26 04:13:21 +00:00
tomsellers
70c9266359 Small change to restore whitespace in nmap-service-probes. 2010-09-25 14:03:54 +00:00
tomsellers
c4b3f17dcd 3 service version changes: 
2 for BMC/Marimba
  1 for a CANON HTTP service
 2010-09-24 23:39:08 +00:00
bmenrigh
72455a613c Added/updated a few service fingerprints. 2010-09-07 23:25:06 +00:00
bmenrigh
299b8e8f28 Added a match for psyBNC triggered by the SIPOptions probe when the 
daemon doesn't print any banner.
 2010-09-02 21:21:51 +00:00
bmenrigh
40e6bde4e0 Fixed the capitalization on LANRev -> LANrev and removed the 
**BACKDOOR* label. LANrev is remote management software just like
RAdmin, Dameware, etc.  LANrev has been used as a backdoor in the past
but that doesn't make it a backdoor any more than VNC, Dameware,
etc. are backdoors.
 2010-08-31 20:04:16 +00:00
patrik
527c5b2959 Modified the Domino Console match to separate out domain and include additional server info 2010-08-19 21:37:56 +00:00
patrik
aa49c23224 moved hostname from the info to the hostname field for Informix probes 2010-08-14 12:42:16 +00:00
david
a12d595052 Add new version probes and matches from Patrik Karlsson. 
- Lotus Domino Console running on tcp/2050 (shows OS and hostname)
- IBM Informix Dynamic Server running native protocol (shows hostname, and file path)
- Database servers running the DRDA protocol
- IBM Websphere MQ (shows name of queue-manager and channel)
 2010-08-11 16:55:54 +00:00