PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 12:41:29 +00:00
Code Issues Projects Releases Wiki Activity
12,269 Commits 2 Branches 0 Tags
63c88b1a746e77df85a241ee6d6eb726b025da3d
Commit Graph

100 Commits

Author SHA1 Message Date
dmiller
17416feb5e New outlib library for output-related functions 2020-01-16 19:12:58 +00:00
dmiller
199c844d8a Remove unneeded requires 2018-08-27 22:00:14 +00:00
dmiller
bc0935a51a Warn if no ciphers support FS. See #1309 2018-08-27 15:02:48 +00:00
dmiller
073a3efb23 Let all ssl scripts check for SSL and cache/check SSL status. https://security.stackexchange.com/q/189268/9209 2018-07-11 05:03:13 +00:00
dmiller
cd3253f5a2 New script, https-redirect 2018-06-28 03:43:27 +00:00
dmiller
689ea0e05d Spelling corrections. Fixes #1160 2018-03-26 14:59:41 +00:00
dmiller
41199b7eea Use default EC curves instead of all throughout. 2017-10-31 04:26:59 +00:00
dmiller
ca91d27ae9 Add reference to SSL Labs Server Rating Guide 2017-10-18 20:26:41 +00:00
dmiller
75a873840c Avoid edge case where cipher chunk size could be less than 1. See #945 2017-07-28 04:03:55 +00:00
dmiller
dc6d29371f Avoid a crash when no compressors are listed. Closes #945 2017-07-27 03:17:42 +00:00
dmiller
a7c8d25c56 Consolidate error reporting 2017-02-26 03:49:07 +00:00
dmiller
233eb1d71c Only send one protocol version in client hello instead of indicating a range of supported versions. 2017-02-24 16:28:33 +00:00
dmiller
91dade9325 Ignore protocol mismatch in some more cases. 2017-02-24 16:28:33 +00:00
dmiller
189e6ac201 Revert to older logic allowing rejection of protocol if server chooses a different one 2017-02-24 15:47:50 +00:00
dmiller
6f8ec39063 Don't consider protocol mismatch for alerts other than protocol_version to be a protocol rejection. http://serverfault.com/q/832207/112426 2017-02-24 15:47:48 +00:00
dmiller
1790c9476c Note recommendation to use -sV with ssl-enum-ciphers 2017-02-01 14:03:19 +00:00
robert
8cc713e534 Resolved an "attempt to index a nil value (local 'certs')" error in find_ciphers_group that caused false negatives in script output. 2017-01-20 19:06:50 +00:00
dmiller
e4717fa068 Add tls.servername script-arg. Closes #540 2016-12-05 17:44:32 +00:00
dmiller
1bbd6c8e90 Fix a bug: forgot to pass in the protocol version 2016-08-31 02:32:25 +00:00
dmiller
8779c1e376 Fix a crash in ssl-enum-ciphers when parsing unsupported cert types 2016-08-30 16:07:08 +00:00
dmiller
d4ed90381f Update @output for ssl-enum-ciphers to reflect 3DES changes 2016-08-24 16:12:40 +00:00
dmiller
9a21104bd6 Clarify kex weakness warning with actual kex info 2016-08-24 16:07:58 +00:00
dmiller
fc948c437b Add warning for SWEET32 on CBC with block size <= 64 bits 2016-08-24 16:07:57 +00:00
nnposter
fb2fc62a0b Penalizes 3DES for SWEET32 attack (CVE-2016-2183) 2016-08-24 14:56:25 +00:00
dmiller
66fb5fba22 Avoid an error thrown in ssl-enum-ciphers with connect problems 2016-08-20 00:07:58 +00:00
nnposter
aaa4508ceb Updated @output and @xmloutput documentation sections in script ssl-enum-cpihers to be consistent. Fixes #475 2016-08-11 23:56:18 +00:00
nnposter
f3ee542683 Changed weak cipher strength threshold from 128 to 112 bits in script ssl-enum-ciphers. Fixes #474 2016-08-11 23:47:31 +00:00
dmiller
cb4b46bd53 Canonicalize authors as tables instead of comma-separated strings 2016-06-09 22:46:42 +00:00
dmiller
39018e3e91 Check for RSA exponent of 1, resulting in F score 2016-06-09 04:36:09 +00:00
dmiller
fb6d2a5567 Deprecate SHA-1 certs in ssl-enum-ciphers. Closes #370 2016-05-02 13:55:17 +00:00
dmiller
b341915722 Deprecate RC4 ciphersuites 2016-05-02 13:55:16 +00:00
dmiller
53d41055c7 Port r35354 changes to ssl-enum-ciphers internal probe 2015-12-07 17:45:55 +00:00
dmiller
f4619edece Update http urls for nmap.org to https 2015-11-05 20:41:05 +00:00
dmiller
bbee119188 Support fragmented TLS records. Closes #194 2015-10-29 22:18:32 +00:00
dmiller
e2bbf289d4 Display EC curve name in ssl-enum-ciphers 
Closes #173. See http://seclists.org/nmap-dev/2015/q3/254
 2015-09-17 13:00:23 +00:00
gyani
a59056e29e Fixed a spelling mistake. 2015-07-10 17:06:28 +00:00
gyani
29f57ea556 Gracefully handles case of openssl being missing. Cipherscores 
of those ciphers that require openssl are marked unkown.
Closes #115.
 2015-07-04 07:34:14 +00:00
dmiller
2e74e48a2b Work around long handshake intolerance in ssl-enum-ciphers 
https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
 2015-06-23 21:20:23 +00:00
dmiller
a881712e6b Add valid TLS1.2 probe and move checks to rule in ssl-enum-ciphers (#168) 2015-06-19 12:02:31 +00:00
dmiller
06e6062dba Prevent ssl-enum-ciphers from running on detected-non-ssl services 2015-06-18 23:32:35 +00:00
dmiller
d93945ea5c Let ssl-enum-ciphers run on any port when selected by name (#168) 2015-06-18 21:27:39 +00:00
dmiller
04fee3d14c Move TLSv1.2 signature_algorithms extension defaults into tls.lua 2015-03-25 02:29:25 +00:00
dmiller
ed86473b0c Send supported signature algorithms for TLSv1.2 2015-03-24 23:22:19 +00:00
dmiller
4d106cbe23 Remove unneeded requires 2015-02-28 12:43:59 +00:00
dmiller
ee4b2dfe5d A TODO note for ssl-enum-ciphers 
We recently became dependent on OpenSSL for some of ssl-enum-ciphers's
functionality (parsing certificates). We should have a decent fallback
(e.g. don't parse the certificate, issue a warning, and use a dummy
score).

[ci skip] This tells Travis to skip the CI build when this commit is
pushed, useful for documentation changes that don't affect the build.
 2015-01-01 21:09:05 +00:00
dmiller
c85bb0b54f Correct logic on checking for SHA1 certificate in ssl-enum-ciphers 2014-11-10 16:16:29 +00:00
dmiller
4e3baad093 Relax ssl-enum-ciphers' timeout to allow time for server processing 2014-11-10 16:16:27 +00:00
dmiller
e3024a6463 Documentation for new ssl-enum-ciphers rating system 2014-11-07 21:52:49 +00:00
dmiller
8f414cfc3a Correct conversion of DH key size to RSA bit strength equivalent 2014-11-07 21:41:38 +00:00
dmiller
222b2a009d Use internal cipher/handshake scoring system instead of static datafile 2014-11-07 16:39:26 +00:00