PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-02 12:59:02 +00:00
Code Issues Projects Releases Wiki Activity
8,227 Commits 2 Branches 0 Tags
67bc0819b4959c5481f1eb1f10a7433a6fe63f61
Commit Graph

8227 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
david
67bc0819b4 Use get_localaddr_string in the connect bind log message. 
This includes the port number, not just the address.
 2013-04-27 16:22:09 +00:00
david
21077a93e1 Add get_localaddr_string. 2013-04-27 16:22:07 +00:00
david
d6d2a832db Factor out the guts of get_peeraddr_string. 2013-04-27 16:22:06 +00:00
david
f0b2e10664 Add service probe for Hazelcast from Pavel Kankovsky. 
http://seclists.org/nmap-dev/2013/q2/7
 2013-04-27 08:02:42 +00:00
paulino
fc431f8df5 -Adds an administration password reset vulnerability in Seagate BlackArmor 110, 220 and 440. 2013-04-26 23:59:28 +00:00
dmiller
93eee124c2 Fix usage of nmap.fetchfile in several scripts 
Discussion thread: http://seclists.org/nmap-dev/2013/q2/121

Existing behavior preserved and preferred, but absolute and local paths
should also work now. Notably, smb-psexec's locate_file function claimed
to check current directory but did not.
 2013-04-26 12:14:44 +00:00
dmiller
666de7b83f Clarify nmap.fetchfile only searches Nmap's paths 2013-04-26 12:14:42 +00:00
dmiller
a606766d88 Allow dns-brute.hostlist to be a relative path 2013-04-26 12:14:40 +00:00
david
8a8be1e9f9 Revision of telnet-brute by nnposter. 
http://seclists.org/nmap-dev/2013/q2/101

- Changed line termination from \r\0 to \r\n.

- Changed response to the telnet server ECHO "will" / "will not" from
  outright "do not" to an agreement with whatever the server proposes
  to make the script work with some daemons.

- Removed use of receive_lines(), which was causing either time-outs or
  unnecessary connection tear-downs due to waiting on a line
  termination. This change improved the script success rate and/or
  performance (5x in some cases).

- Exposed the connection time-out value as a configurable parameter
  (telnet-brute.timeout). It defaults to 5s.

- Improved handling of connection errors, which were occassionally
  causing credential combinations to be skipped.

- Updated the logged-in status detection logic to make the script work
  with some daemons.

- Avoided overlapping connections to make the script work with daemons
  that allow only one connection at a time.

- Replaced a locally defined routine with stdnse.string_or_blank() for
  printing out credentials. Changed printing of tested credentials in
  the debug output to be consistent with script results.

- Script will now report if it senses password-only authentication.

- Implemented detailed debug messages (e.g. "Sending password") at
  debug level 3 (configurable).

- Expanded the script documentation.
 2013-04-26 05:23:12 +00:00
paulino
70dfe708e9 Adds http-vuln-cve2013-0156.nse: Detects Ruby on Rails servers vulnerable to object injection, remote 
command executions and denial of service attacks. (CVE-2013-0156)
 2013-04-25 03:15:33 +00:00
david
aa76963dcd Check for an address family mismatch after parsign NetBlocks. 
This caused a segfault in reverse DNS resolution when the v4hostip of an
IPv6 target was accessed:
./nmap -sL 2001:500:88:200::10
 2013-04-22 21:56:09 +00:00
david
4e70079eb2 Assert that we are dealing with IPv4 targets in reverse DNS. 2013-04-22 21:56:08 +00:00
henri
2b093d6ada ChangeLog for nsock proxy support. 2013-04-22 19:37:09 +00:00
henri
a687f70af3 Removed our copy of mkstr, which has been moved to nbase. 2013-04-22 19:37:03 +00:00
henri
b867fa4721 Fixed ID type in format string. 2013-04-22 19:36:55 +00:00
henri
c8f7d4b7ac Refactored the proxy object model to enforce speration between operations and data. 2013-04-22 19:36:47 +00:00
henri
03ff0651c7 Made proxy handlers return errors to caller when unable to handle proxy replies. 
Errors are returned internally as -1 * <errno code>.
 2013-04-22 19:36:38 +00:00
henri
eda720a389 Style fixes 2013-04-22 19:36:30 +00:00
henri
1780d0a655 Refactored HTTP proxy code to highlight execution flow. 2013-04-22 19:36:22 +00:00
henri
8a260bc209 Refactored code to highlight execution flow. 2013-04-22 19:36:15 +00:00
henri
7c1f9aa780 Removed a kinda brutal assert(0); 
Don't abort when a socks4 proxy returns an invalid message,
just ignore it instead.
 2013-04-22 19:36:07 +00:00
henri
157922dfe0 Replaced proxy_chain->specstr by node->nodestr. 
The global proxy chain specification string wasn't
used anywhere, and I'd need a string to represent
each node of the chain.
 2013-04-22 19:35:59 +00:00
henri
5cf3780a93 Added a nsock log message to nsock_connect_internal. 
Explicitely indicates that a connection is about to be
redirected through the proxy chain.
 2013-04-22 19:35:50 +00:00
henri
1b45bfef14 Made NSE use proxychains too. 2013-04-22 19:35:42 +00:00
henri
1455bf0624 Declare local constant string as array instead of pointer to 
follow coding best practices. Also made string static.
 2013-04-22 19:35:30 +00:00
henri
5be3de1477 Minor style fixes. 2013-04-22 19:35:22 +00:00
henri
9d8c84b17f Replaced hardcoded value by a sizeof() call. 2013-04-22 19:35:14 +00:00
henri
b54590c344 Don't artificially increase timeouts to establish proxy 
connections. It's now up to the caller to adjust timeout
values accordingly.
 2013-04-22 19:35:07 +00:00
henri
a729e0047c Reworked expression for readability. 2013-04-22 19:34:58 +00:00
henri
4998b3f20a Updated email addresses in licence terms of the new files. 2013-04-22 19:34:50 +00:00
henri
a5fee3f2b4 Updated nsock_proxy to use nsock_log_* 2013-04-22 19:34:41 +00:00
henri
141184b7e8 Added a TODO entry for socks5 support. 2013-04-22 19:34:34 +00:00
henri
7e49052ded Added a branch-specific todo file. 2013-04-22 19:34:26 +00:00
henri
11fdeed8fb Restrict proxying to TCP operations. 2013-04-22 19:34:18 +00:00
henri
ab6a7a4f9e Added SOCKS4 support 
Beware socks4a extention is not supported. Target hostnames
therefore need to be resolved somehow.

Initial patch by David and sed :)
 2013-04-22 19:34:11 +00:00
henri
a3fbe7d7d6 Style change, neater syntax. 2013-04-22 19:34:01 +00:00
henri
af59333757 Perform the proxy connexion hook in connect_internal(). 
This allows to generically handle all kinds of connexions instead of manually
providing a handler for tcp connect, ssl connect...

The drawback is that would it makes it harder to implement support of SSL
proxies. Not sure whether there's a need though, looks like regular clients
don't handle them at least.
 2013-04-22 19:33:53 +00:00
henri
f1cfcb3126 Added a --proxy option as an alias of --proxies as I'm getting tired of always 
typing it wrong.
 2013-04-22 19:33:44 +00:00
henri
5906c97ff9 Enfore node=NULL on error. 2013-04-22 19:33:37 +00:00
henri
8902a7c1bb Let our DNS resolver use nsock proxy chains. 2013-04-22 19:33:28 +00:00
henri
19a01d75ab Let FPEngine use nsock proxy chains. 2013-04-22 19:33:22 +00:00
henri
18cf677548 Let NSE use nsock proxy chains. 2013-04-22 19:33:15 +00:00
henri
6700abe1e8 Added svn properties. 2013-04-22 19:33:08 +00:00
henri
71e23318e9 Removed list of todo items from source. 2013-04-22 19:33:00 +00:00
henri
6e8b30d721 Added support to resolve proxy hostnames. 2013-04-22 19:32:52 +00:00
henri
b7b3b4bd3e Default port is set to -1 (and not zero) when not specified in proxy specification string. 2013-04-22 19:32:44 +00:00
henri
99258673ad Added handling of the new NSE_STATUS_PROXYERROR case. 2013-04-22 19:32:36 +00:00
henri
c9d237f26b Added a new NSE_STATUS_PROXYERROR status type to report proxy-related errors 
back to caller.
 2013-04-22 19:32:29 +00:00
henri
da1559b237 Replaced a couple macros by corresponding static inline functions. 
Removed unused PROXY_CTX_NODES() macro.
 2013-04-22 19:32:20 +00:00
henri
6c0d537efb Removed unused http_proxy_info structure. 2013-04-22 19:32:11 +00:00