mirror of https://github.com/nmap/nmap.git synced 2025-12-15 04:09:01 +00:00

439 Commits

Author SHA1 Message Date
batrick
7c7c30fc24 [NSE] (Global fix.) This fixes a spelling error. 2010-08-10 16:32:48 +00:00
david
fbe60bdcc9 Add a new function, shortport.http, that will be used as the portrule
for HTTP scripts.
2010-08-09 22:23:43 +00:00
ron
934cf2edf0 Significant changes, both bugfixes and best practice changes, to smb-psexec.nse. Primarily:
o It no longer uses the global environment to store the modules table
o It now uses loadfile() to load the configuration files, which follows best practices better
o The module() line at the top of the configuration files is no longer required, but if it exists all that happens is a warning is printed
o Worked around what appears to be a bug in one person's Nmap install where absolute paths didn't resolve properly -- I couldn't replicate, but he confirmed it was fixed
2010-08-07 19:36:47 +00:00
david
1e54009fb9 Change the "namevals" key in the return value of
http.read_auth_challenge to "params" to match RFC 2617.
2010-07-25 17:33:35 +00:00
david
bb1119e199 Make the indentation of new auth-related http function match that of the
rest of the file.
2010-07-25 17:30:32 +00:00
david
bd0f13c9a0 Move the http.get_default_timeout function out of the section for
parsing header values. get_default_timeout seems to be completely
unused, so I've moved it right to the end until someone can check on
that.
2010-07-25 17:29:36 +00:00
david
d053e1a6cc Add RFC section references to the new http auth-related functions. 2010-07-25 17:26:46 +00:00
david
42a1bd99ab Merge from /nmap-exp/david/nmap-http-brute. This adds Basic
authentication support for http requests.
2010-07-25 17:12:52 +00:00
david
e1607c5509 Add a favicon hash for "Sourcefire http admin" from Jason DePriest. 2010-07-24 23:24:52 +00:00
kris
33fa744392 fix function name typo in @usage doc 2010-07-24 20:24:55 +00:00
kris
cc33a59ca4 Add nmap.clock() for providing scripts with the current time in floating
point seconds since the epoch, and add clock_ms() and clock_us() to stdnse
for convenience (millisecond and microsecond).

qscan.nse now provides microsecond resolution.
2010-07-23 19:49:42 +00:00
kris
ee3c89afe4 o [NSE] When receiving raw packets from Pcap, the packet capture time
is now available to scripts as an additional return value from
  pcap_receive().  It is returned as the floating point number of
  seconds since the epoch.  The qscan.nse script was updated to use
  this more accurate data instead of using the clock_ms() function
  (which returns the current time). [Kris]
2010-07-23 10:43:04 +00:00
david
acd64e2921 Fix HTTP caching; every lookup was a cache miss. The problem was r16435,
where I added a check to make sure that a GET request would hit a cache
entry for a HEAD request and vice versa. Because of a misnamed
identifier, the test was always false.
2010-07-21 20:36:03 +00:00
david
8811bdb6cc Reflow NSEDoc for PDF inclusion. 2010-07-18 19:41:04 +00:00
david
7d0c08a097 Brief copyediting of NSEDoc for modules. 2010-07-12 19:42:43 +00:00
djalal
81d927513d Make value_follows variable local 2010-07-08 20:21:24 +00:00
djalal
53b2b629dc Merge r18534:r18591 from nmap-exp/djalal/nse-nfs/ 2010-07-06 00:29:54 +00:00
jah
e651aced8c Strip newlines from the portion of the http status line starting after a
space.
2010-07-02 11:35:18 +00:00
djalal
72a06a3b5c Merge r18160:18278 from nmap-exp/djalal/nmap-nse/ to fix NSE not honoring the exclude directive bug. 2010-06-29 21:56:59 +00:00
djalal
1c100da16b Merge r18143:18422 from nmap-exp/djalal/nse-nfs/nselib 2010-06-29 21:00:03 +00:00
david
32c8ee9f1f Fix some NSEDoc. 2010-06-24 17:01:55 +00:00
david
1038dc8bcd Fix an error in the documentation for get_ssl_certificate. 2010-06-13 23:34:13 +00:00
drazen
a99aa3b53b Added a check for the MS07-029 vulnerability within "smb-check-vulns".
Made some small changes to the function descriptions.
2010-06-13 02:55:26 +00:00
djalal
921f052f0b Merge r17766:18060 from /nmap-exp/djalal/nselib and nmap-exp/djalal/scripts contains new scripts nfs-ls.nse and a lot of new code to the rpc.lua library to check files type and attributes to marshall/unmarshall file attributes and some new high level functions to manipulate NFS objects. 2010-06-12 23:45:59 +00:00
drazen
62c2d97f93 MS06-025:
-- Finished, tested and merged into smb-check-vulns
	-- msrpc.lua contains the code required to interface with the RASRPC interface
2010-06-12 19:32:50 +00:00
ron
f91c3d0136 Added a minor patch contributed by the Nepenthes Development Team. It changes the 'alloc hint' argument to be the expected value, which happens to be the size of the arguments, instead of the static value I was using. No target I've ever seen cares about the value of this argument, but this brings us slightly more in line with the standard 2010-06-09 01:31:28 +00:00
patrik
b830a036ad o [NSE] Add new DB2 library and two scripts
- db2-brute.nse uses the unpwdb library to guess credentials for DB2
  - db2-info.nse re-write of Tom Sellers script to use the new library
  [Patrik]
2010-05-18 21:11:38 +00:00
djalal
951667ffb4 [NSE] Cache the Portmapper list into the NSE registry 2010-05-18 01:09:21 +00:00
ron
50b9af97b6 Added extra 'overrides' calls all over smb.lua. They're required for some modifications to smb-check-vulns.nse I'm planning. 2010-05-15 15:57:01 +00:00
drazen
f41a94622a --A small formatting fix. 2010-05-11 18:31:47 +00:00
fyodor
ec24af9020 Add the standard Nmap copyright header 2010-05-03 22:31:40 +00:00
ron
12fe785185 Added the script-arg 'smbnoguest' to the smb scripts. It disables use of the guest account. Andrew Smith on nmap-dev commented that trying the guest account raised an IDS flag, and asked for a way to disable it. 2010-04-29 11:46:58 +00:00
patrik
242bfadfef o [NSE] Improved error handling and reporting with patch from Djalal Harouni. [Patrik] 2010-04-25 18:44:21 +00:00
batrick
148fa94265 whitespace/formatting consistency 2010-04-24 03:29:29 +00:00
fyodor
543ad818ff remove an extra blank line 2010-04-23 08:05:06 +00:00
patrik
71ca5cceba o [NSE] Improved error handling and reporting and re-designed communication
class in RPC library with patch from Djalal Harouni. [Patrik]
2010-04-22 20:25:38 +00:00
fyodor
84c97b9dd6 Improve the list by mixing in some data sent by Solar Designer. 2010-04-21 21:57:33 +00:00
jah
cb0f4a6134 Add some special use IPv4 addresses to isPrivate which are described in RFC 5736
and RFC 5737, published in Jan 2010. Improve performance of isPrivate for IPv4
addresses by using ip_in_range less frequently. Add an extra return value to
isPrivate - when the first return value is true, the second return value will
now be a string representing the special use assignment in which the supplied
address is located.
2010-04-18 18:55:30 +00:00
ron
cb60803ad1 Fixed a couple bugs in the smb-* scripts involving undeclared variables. These only cropped up if the guest/anonymous accounts were disabled, which I'd never seen before. 2010-04-18 13:43:27 +00:00
david
84d99961a9 Add a missing return in unpwdb.timelimit. 2010-04-16 01:52:28 +00:00
david
dc03a70c79 Fix some NSEDoc. Some libraries had @copyright and @author right at the
top of the first comment, so the entire description got stuffed into the
@author field. I also discovered a limitation in the NSEDoc parser: the
first non-empty line following the first --- comment must be the
"module" call, or else the block isn't recognized as belonging to a
module. This was preventing @args from appearing in certain libraries.
Djalal Harouni told me about this.
2010-04-15 19:21:13 +00:00
david
a6e014d42e Change these script arguments to use stdnse.parse_timespec:
qscan.delay
dns-fuzz.timelimit
mssql.timelimit
A side effect is that the default units for qscan.delay are seconds, not
milliseconds. 0 is now the magic value to disable the time limit in
dns-fuzz.
2010-04-13 23:09:23 +00:00
david
68186c2007 Use parse_timespec in unpwdb.lua. 2010-04-13 20:01:38 +00:00
david
b7428619cf Add a stdnse.parse_timespec function. 2010-04-13 17:06:34 +00:00
patrik
112f8f5340 o [NSE] Added snmpWalk function to SNMP library and updated scripts to use it
[Patrik]
2010-04-12 10:30:24 +00:00
jah
a9c5d3391c Changed erroneous RFC1918 Private Address assignment from 172.15/12 to 172.15/12. My bad. 2010-04-11 23:38:06 +00:00
jah
19117c80be Fixed error in dns.lua reported by Eugene Alexeev:
nselib/dns.lua:110: attempt to get length of field 'dtype' (a number value)
2010-04-10 21:25:50 +00:00
jah
4554312eb6 Added UDP header support. 2010-04-10 00:16:32 +00:00
patrik
a783565970 o [NSE] Correct global access errors in afp.lua reported by Patrick Donnelly
[Patrik]
2010-04-08 20:55:20 +00:00
batrick
9537366a74 Fixed global access error with fix proposed by Matrin Swende [1].
[1] http://seclists.org/nmap-dev/2010/q1/459
2010-04-08 20:40:20 +00:00