PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-28 18:39:03 +00:00
Code Issues Projects Releases Wiki Activity
6,307 Commits 2 Branches 0 Tags
6827d787b4e3f171d0503e35d1d784ca2d44bfab
Commit Graph

1276 Commits

Author SHA1 Message Date
fyodor
6827d787b4 In my tests, doubling the timeout only increased the number of properly detected telnet servers from 669 to 679. That is only an increase of ~1.5%, so I'm dialing it back down to 7.5s 2011-12-28 01:52:54 +00:00
fyodor
ea33a885a3 increase the timeout from 5s to 10s because many servers seem to respond slowly 2011-12-28 01:18:25 +00:00
fyodor
93c0ae4f44 Add new telnet-encryption script 2011-12-28 00:57:48 +00:00
fyodor
12019c6773 combine two @output sections into one 2011-12-27 21:05:57 +00:00
patrik
fa5f2ebb3c Tried to work-around a nsedoc bug with multiple outputs [Patrik] 2011-12-27 21:03:11 +00:00
patrik
5c816cb2a2 Added a second @output example containing a list of supported services 
[Patrik]
 2011-12-27 20:57:44 +00:00
patrik
4ad62b1cdf Fixed a bug that would prevent listing services unless an IP was specified as 
argument [Patrik]
 2011-12-27 20:55:19 +00:00
patrik
07e0426629 o [NSE] Changed the dhcp-discover script to use the DHCPINFORM request to query 
dhcp servers instead of DHCPDISCOVER. Cleaned up some code in the DHCP
  library. [Patrik]
 2011-12-27 18:48:34 +00:00
patrik
b085ba0283 Fixed a bug that would prevent the script from running through the hostrule 
as it would fail to validate the IP. [Patrik]
 2011-12-26 19:52:44 +00:00
patrik
ecd9a38210 Corrected sample output in dns-blacklist [Patrik] 2011-12-26 14:31:36 +00:00
patrik
bb7d5a526f o [NSE] Added script dns-blacklist that performs DNSBL checks of given or 
scanned IP addresses against multiple DNSBL services. [Patrik]
 2011-12-26 14:22:25 +00:00
patrik
ff9d0eabab o [NSE] Applied patch to snmp-brute that solves problems with handling errors 
that occur when parsing files with community lists. [Duarte Silva]
 2011-12-25 22:51:56 +00:00
patrik
67338201c1 o [NSE] Fixed a bug with an undeclared variable in snmp-ios-config.nse [Patrik] 2011-12-25 19:38:08 +00:00
david
8080f1dd41 Exclude ::1 from being an IPv4-compatible address (0.0.0.1) in address-info. 
It said:
|_address-info: IPv4-compatible; IPv4 address: 0.0.0.1
which is not right.
 2011-12-23 21:14:53 +00:00
patrik
5d0db9c7fc o [NSE] Applied patch to add additional version information to Mongodb scripts 
[Martin Swende]
 2011-12-20 18:54:03 +00:00
patrik
d3797510ee o [NSE] Added path argument to the http-auth script and changed so that script 
output was returned using stdnse.format_output [Duarte Silva, Patrik]
 2011-12-19 18:39:18 +00:00
patrik
c7231cf96f Reverted previous http-auth patch. [Patrik] 2011-12-19 06:57:51 +00:00
patrik
b6a56e9fa0 o [NSE] Modified http-auth to support multiple authentication mechanism and to 
allow for a path to be specified as an argument. [Patrik]
 2011-12-18 19:25:24 +00:00
patrik
ca63146635 o [NSE] Added the script http-open-redirect that finds web pages that do not 
properly validate parameters used for HTTP redirects. [Martin Swende]
 2011-12-18 12:58:56 +00:00
patrik
3f50f9c95c o [NSE] Added the script broadcast-pc-anywhere that discovers host running the 
PC-Anywhere remote control software on the LAN. [Patrik]

o [NSE] Added the script broadcast-pc-duo that discovers hosts running the
  PC-Duo remote control software on the LAN. [Patrik]

o Added probes for discovering PC-Duo and PC-Anywhere hosts. [Patrik]
 2011-12-18 09:33:38 +00:00
patrik
f749c7cd45 o [NSE] Added the script broadcast-wake-on-lan that wakes systems from sleep 
by sending a Wake On Lan packet. [Patrik]
 2011-12-16 18:00:34 +00:00
patrik
844929ce64 o [NSE] Added the script http-unsafe-output-escaping that checks if parameter 
contents are reflected in responses, aiding in discovering potential XSS
  vulnerabilities. [Martin Swende]
 2011-12-15 06:19:20 +00:00
patrik
4214307364 o [NSE] Added the script http-grep that attempts to match web pages and urls 
against a given pattern. [Patrik]
 2011-12-11 19:44:26 +00:00
patrik
3e8440f5f6 o [NSE] Fixed issue in path encoding in the http-backup-finder script. [Patrik] 2011-12-11 09:17:21 +00:00
patrik
5183478e8c o [NSE] Added the script http-backup-finder that searches for backup copies 
of files discovered by crawling a website. [Patrik]
 2011-12-10 10:32:18 +00:00
patrik
a94535a1c4 added missing license variable to http-email-harvest 2011-12-10 10:16:56 +00:00
patrik
8254da793e o [NSE] Added getLimitations function to httpspider that returns any 
limitations imposed on the crawler. [Patrik]
 2011-12-10 10:11:56 +00:00
patrik
e20a1b5174 o [NSE] Modified the httpspider library to prefetch links in the queue and 
change how script arguments are processed. Script and library arguments are
  now processed from within the library. [Patrik]
 2011-12-09 15:48:19 +00:00
patrik
9d5875e245 o [NSE] Added the script http-apache-negotiation that detects if the Apache 
module mod_negotiate is enabled. [Hani Benhabiles]
 2011-12-08 20:50:12 +00:00
patrik
25a54f58cb o [NSE] Applied patch that corrects an issue where the http-method-tamper 
script would fail to properly detect JBoss servers vulnerable to the
  CVE-2010-0738 vulnerability. [Hani Benhabiles]
 2011-12-08 19:04:42 +00:00
patrik
682a9a746b o [NSE] Added a new httpspider library and the script http-email-harvest that 
collects e-mail addresses by spidering a website. [Patrik]
 2011-12-06 22:47:11 +00:00
patrik
0340c7321c o [NSE] Applied patch to the ssl-cert script that adds support for getting SSL 
certificates from FTP servers. [Matt Selsky]
 2011-12-06 15:49:36 +00:00
david
30af606588 Light copyediting of NSEDoc in ssl-google-cert-catalog.nse. 2011-12-06 05:01:18 +00:00
david
028345e871 Improve the wording in the output of ssl-google-cert-catalog.nse. 2011-12-06 05:01:17 +00:00
patrik
171c917b37 o [NSE] Added the a Vuze library, port probe and the script vuze-dht-info. The 
script connects to a Vuze node and gets protocol, vendor and network
  information. [Patrik]
 2011-12-03 09:18:58 +00:00
patrik
4c525b584d o [NSE] Added the script reverse-index that creates creates a reverse index 
showing which hosts run a particular service rather than the services for
  each host. [Patrik]
 2011-11-29 00:48:59 +00:00
patrik
b2513a2aaf o [NSE] Added whitelist capabilities to the unusual-port script to be able 
to handle legitimate services on dynamic ports and discrepancies between
  names of services. [Patrik]
 2011-11-29 00:41:07 +00:00
patrik
95af3f1937 o [NSE] Added the script unusual-port that compares a detected service on a 
port against the expected service listed in nmap-services [Patrik]
 2011-11-25 21:09:19 +00:00
patrik
510ebe0eb7 o [NSE] Added the script broadcast-sybase-asa-discover that discovers Sybase 
SQL Anywhere servers on the local LAN. [Patrik]
 2011-11-20 12:33:53 +00:00
patrik
9b2d03d633 o [NSE] Added maxdb-info script that tries to enumerate version and database 
information from a SAP MaxDB database [Patrik]
 2011-11-17 22:12:59 +00:00
patrik
4c0ed27d89 o [NSE] Added nexpose-brute a script that performs password auditing against 
the Nexpose vulnerability scanner. [Vlatko Kosturjak]
 2011-11-17 19:46:42 +00:00
patrik
4b64da4f14 o [NSE] Added http-vuln-cve2011-3368 a script that attempts to detect whether 
the remote web server is vulnerable to the Apache reverse proxy bypass
  vulnerability CVE-2011-3368. [Ange Gutek, Patrik]
 2011-11-17 19:33:19 +00:00
patrik
ceb89b459f Removed e-mail address from author variable in rtsp-methods and irc-brute 
[Patrik]
 2011-11-11 15:31:50 +00:00
patrik
1aa3e7c456 o [NSE] Re-enabled support for guessing the username in addition to password 
that was incorrectly removed from the metasploit-xmlrpc-brute in previous
  commit. [Patrik]
 2011-11-11 05:52:52 +00:00
patrik
8ec7da89c8 o [NSE] Added the script metasploit-xmlrpc-brute that performs password 
auditing against the Metasploit XMLRPC service. [Vlatko Kosturjak]
 2011-11-10 21:43:54 +00:00
patrik
352efc6ded o [NSE] Added the script openvas-otp-brute that performs password auditing 
against the OpenVas service. [Vlatko Kosturjak]
 2011-11-10 20:50:04 +00:00
patrik
0fa0ef41d5 Added missing usage and output documentation [Patrik] 2011-11-09 19:15:17 +00:00
patrik
7b43d1cafb o [NSE] Added the scripts bitcoin-info, bitcoin-getaddr and a supporting 
Bitcoin library. The script bitcoin-info retrieves information about the
  remote server, while the bitcoin-getaddr script retrieves a list of
  discovered remote Bitcoin nodes. [Patrik]
 2011-11-09 18:56:16 +00:00
djalal
8a175d127d o [NSE] added a debug message in the prerule to show that some arguments are missing. 2011-11-09 12:39:01 +00:00
djalal
5ea6fe675d o [NSE] check script arguments in the prerule to avoid running the script if they are missing. 2011-11-09 12:31:48 +00:00