batrick
47e6012b15
remove old commented code
2010-12-08 14:19:08 +00:00
batrick
86993d74d5
Use better construction for iterating lines.
2010-12-08 14:18:45 +00:00
batrick
bfa052c2f3
Changed (commented) debug statements to use stdnse.print_debug instead of
io.write.
2010-12-08 14:17:11 +00:00
batrick
47e3a20aa8
use better construction to iterate lines of a file
2010-12-08 14:11:48 +00:00
batrick
6fb600782f
Don't use io.write to print error information.
2010-12-08 14:08:35 +00:00
fyodor
e9697cb936
Remove an excess space in output
2010-12-08 08:02:22 +00:00
david
44c37eb3d2
200 OS submissions.
2010-12-08 06:49:09 +00:00
david
92d4f185a3
200 OS submissions.
2010-12-08 06:49:05 +00:00
david
528681c04a
Take out "other" in "X other hosts had status Y" in http-vhosts.nse. It
looks funny when it's the only line and I think it still looks fine this
way when there are multiple lines.
2010-12-08 00:54:46 +00:00
david
e947e5dedf
Patch to http-vhosts.nse from Carlos Pantelides: collapse multiple
responses bearing the same code into one line.
2010-12-08 00:54:45 +00:00
david
722fd3a89a
Fix script argument name. ftp-proftpd-backdoor.cmd
instead of ftp-proftp-backdoor.cmd.
2010-12-07 22:44:06 +00:00
david
4744f6b747
Patch from Mak Kolybabi: let ftp-proftpd-backdoor bail out early if
version detection has been done and doesn't show a potentially
backdoored version. Also update strings to match the new script name.
2010-12-07 22:44:04 +00:00
david
3f35888405
Fix a service match line on information from Corey Quinn. I found the
"Connection too fast, throttled" message in the source code of ratbox,
charybdis, and ircd-seven, but not Unreal ircd.
2010-12-07 22:36:50 +00:00
david
2c16870941
100 OS submissions.
2010-12-07 07:51:33 +00:00
david
adc460fc22
o [NSE] Added the ftp-proftpd-backdoor.nse script by Mak Kolybabi,
which checks for a backdoor in ProFTPD 1.3.3c.
2010-12-07 00:22:01 +00:00
david
ee0cca5f07
200 OS submissions.
2010-12-07 00:13:11 +00:00
david
f8530814ab
o [NSE] Added http-vhosts.nse from Carlos Pantelides. This script
brute-forces virtual hosts by sending different Host headers to the
same server.
2010-12-06 05:19:35 +00:00
kris
39ac0e4eda
relatively large ip_is_reserved() update: 5/8, 23/8, 37/8 and 100/8 allocated
2010-12-04 00:16:38 +00:00
david
c822f62d84
Typo fix.
2010-12-03 21:29:59 +00:00
david
bc55d41b9a
Add a comment explaining why we can unconditionally set the id and seq
fields in build_icmp_raw, even though not all ICMP types have them. All
the types handled by the function do have them, and in the same place.
2010-12-02 22:46:56 +00:00
fyodor
c1daed771c
Some changes from chat w/David
2010-11-30 22:43:47 +00:00
robert
e43a866bea
Tweaked the versions slightly (removed 4.3.1 from the bunny hash as it looks wrong and hasn't been corroborated), based on 0php.com data.
2010-11-30 09:25:04 +00:00
david
b8346c1d82
o [Ncat] Ncat now uses case-insensitive string comparison when
checking authentication schemes and parameters. Florian Roth found a
server offering "BASIC" instead of "Basic", and the HTTP RFC
requires case-insensitive comparisons in most places. [David]
2010-11-30 09:06:28 +00:00
fyodor
6c62ce69e8
note some of the information obtained from hddtemp service
2010-11-30 01:56:39 +00:00
batrick
03c7e9d00e
Have stdnse.make_buffer read chunks instead of lines [1] so we do not implicitly
buffer based on the presence of new lines.
[1] http://seclists.org/nmap-dev/2010/q4/554
2010-11-29 22:51:51 +00:00
david
33f3645ecd
Don't define HAVE_SYS_SOCKET_H in dnet_winconfig.h. That it was wrongly
defined was noticed by Gisle Vanem. It makes no difference because this
macro isn't used in any source files for Windows (or any platform).
2010-11-29 20:30:52 +00:00
david
77a4235fc4
Fixes to firewalk.nse from Henri Doreau: "The first one was due to my
ignorance that the first index of lua arrays is 1 (and not 0). Because
of that, I was setting a too high ttl value when retrieving it from
traceroute results. The second one was a syntax error on a
nmap.log_write() call."
2010-11-29 19:16:49 +00:00
david
f8b17ae441
o [NSE] Added the hddtemp-info script from Toni Ruotto, which gets
hard drive temperatures from the hddtemp service.
2010-11-29 19:00:11 +00:00
robert
a92eacec1d
Added all missing PHP 5.x hashes and tidied up the output (grouped ranges and made it consistently use a dash).
Hashes are now arranged in order, to make it easier to find manually.
For a list of all the PHP 5 hashes I generated see: http://seclists.org/nmap-dev/2010/q4/518
2010-11-27 11:21:36 +00:00
david
26636d3cf7
Remember the forward DNS name and non-scanned addresses for IPv6, just
as for IPv4. This makes the output more uniform and gives NSE access to
host.targetname for IPv6 hosts.
This is what IPv4 output looks like:
$ nmap -sL www.kame.net
Nmap scan report for www.kame.net (203.178.141.194)
rDNS record for 203.178.141.194: orange.kame.net
Nmap done: 1 IP address (0 hosts up) scanned in 0.16 seconds
$ nmap -sL www.debian.org
Nmap scan report for www.debian.org (128.31.0.51)
Other addresses for www.debian.org (not scanned): 206.12.19.7
rDNS record for 128.31.0.51: senfl.debian.org
Nmap done: 1 IP address (0 hosts up) scanned in 0.17 seconds
Here is the output before this change. Notice that the target name is
missing and there is no separate "rDNS" line.
$ nmap -6 -sL www.kame.net
Nmap scan report for 2001:200:dff:fff1:216:3eff:feb1:44d7
Nmap done: 1 IP address (0 hosts up) scanned in 0.04 seconds
$ nmap -6 -sL www.debian.org
Nmap scan report for bellini.debian.org (2607:f8f0:610:4000:211:25ff:fec4:5b28)
Nmap done: 1 IP address (0 hosts up) scanned in 0.11 seconds
Here is the output after this change:
$ ./nmap -6 -sL www.kame.net
Nmap scan report for www.kame.net (2001:200:dff:fff1:216:3eff:feb1:44d7)
Nmap done: 1 IP address (0 hosts up) scanned in 1.04 seconds
$ ./nmap -6 -sL www.debian.org
Nmap scan report for www.debian.org (2607:f8f0:610:4000:211:25ff:fec4:5b28)
rDNS record for 2607:f8f0:610:4000:211:25ff:fec4:5b28: bellini.debian.org
Nmap done: 1 IP address (0 hosts up) scanned in 0.07 seconds
2010-11-26 04:06:25 +00:00
david
1f333be278
Fix compilation with --without-liblua. This was reported by Nuno
Gonçalves and Henri Doreau.
2010-11-24 23:37:42 +00:00
batrick
4b481939b3
Reverting 21172, it was actually correct.
2010-11-24 21:10:20 +00:00
batrick
ce8c422f7d
Fixed debug format.
2010-11-24 21:05:13 +00:00
patrik
a8efdad527
fixed usage typo. change port number from 5900 to 1352.
2010-11-24 20:56:43 +00:00
robert
485ee4aded
Added a new credits hash for PHP/5.2.2 based on testing with php-5.2.2-Win32.zip.
2010-11-24 15:51:39 +00:00
david
21d0324c5b
Updates to rmi-dumpregistry.nse and rmi.lua from Martin Holst Swende.
2010-11-23 17:45:58 +00:00
patrik
f3641ee649
lowered the timeout from 30 seconds to 5 for new connections
add new functionality for discovering servers using the MSSQL Browser service
add new functionality to decode version data received from the browser service
[Patrik]
2010-11-20 18:54:50 +00:00
ron
f14a179b44
Fixed a bug in stdnse.format_output() where the 'name' attribute of the top-most table wouldn't display
2010-11-20 16:18:18 +00:00
david
c12e4c93fb
Remove the call to sort the runlevel table. Patrick changed this code so
that it is built sorted, and also changed the structure of the table so
that sorting it raises an error. Patrik noticed the error.
2010-11-20 15:35:58 +00:00
robert
33a6a0a49b
Added the py2exe, share and licenses folders to be removed during an installation over the top of an existing Nmap installation. This clears out any bad DLLs that might have been installed in older versions of Nmap (e.g. 5.36TEST1).
2010-11-20 09:04:49 +00:00
fyodor
f715da890e
Fix a bug in the Makefile which used slightly the wrong path name in trying to delete a .svn directory
2010-11-20 08:57:33 +00:00
fyodor
050548f562
Change version number from 5.36TEST1 to TEST2
2010-11-20 08:36:49 +00:00
fyodor
51bfc9d384
Remove a .svn directory which was getting left in the builds (problem noted by Rob Nicholls)
2010-11-20 08:34:55 +00:00
david
59a32cf9ce
Add html-title and robots.txt to OLD_SCRIPT_NAMES.
2010-11-20 05:03:10 +00:00
fyodor
3652bd6939
Rename a couple http scripts to make it more clear that they use the http protocol and for consistency with other script names
2010-11-20 04:22:51 +00:00
fyodor
ddcc972443
Update some text in scripts in preparation for rename of these two scripts
2010-11-20 04:19:16 +00:00
fyodor
10d85c1a6b
Removed broadcast-upnp-info and broadcast-dns-service-discovery from the default category. With these running by default, I was getting a bunch of information about printers and stuff on my LAN. Which is great info, and I love the scripts, but that's not what I'm really looking for when just trying to scan scanme.nmap.org
2010-11-20 02:04:00 +00:00
fyodor
5160013905
Note that port 5351/udp is nat-pmp service
2010-11-20 01:49:40 +00:00
fyodor
f0a52e8f65
Actually 5.36TEST1 is a better version number than 5.36RC1, IMHO
2010-11-20 01:47:03 +00:00
fyodor
280205b01b
Update the Nmap version number since the 5.35DC18 release was quite a while ago
2010-11-20 01:07:30 +00:00