drazen
a99aa3b53b
Added a check for the MS07-029 vulnerability within "smb-check-vulns".
Made some small changes to the function descriptions.
2010-06-13 02:55:26 +00:00
djalal
2ad517622b
Add the nfs-ls script entry to the script.db
2010-06-12 23:53:20 +00:00
djalal
921f052f0b
Merge r17766:18060 from /nmap-exp/djalal/nselib and nmap-exp/djalal/scripts. Contains the new script nfs-ls.nse and a lot of new code to the rpc.lua library to check file types and attributes, to marshall/unmarshall file attributes, and some new high-level functions to manipulate NFS objects.
2010-06-12 23:45:59 +00:00
drazen
48ead20324
Added a NOTUP notification if the target service is down (not started).
2010-06-12 22:13:30 +00:00
drazen
0f4d199b1e
Fixed a simple bad gameplay in which I attempt to close
an already closed SMB session.
2010-06-12 21:45:16 +00:00
drazen
62c2d97f93
MS06-025:
-- Finished, tested and merged into smb-check-vulns
-- msrpc.lua contains the code required to interface with the RASRPC interface
2010-06-12 19:32:50 +00:00
david
e4162e6771
o [NSE] Added dns-cache-snoop.nse by Eugene Alexeev. This script does
cache snooping by either sending non-recursive queries or by measuring
response times.
2010-06-12 02:25:44 +00:00
fyodor
35a28ea343
canonicalize some license text that differed in whitespace or quote character or line-ending or (in a couple cases) the slightly older wording
2010-06-11 06:54:56 +00:00
fyodor
3ceb44b4f7
Moved some information from the license field of these two scripts to the description field. I felt this was a better place since the URL leads to a description of the service rather than license information
2010-06-11 06:49:15 +00:00
fyodor
46a819b034
changed a URL to use %28 and %29 rather than ( and ) to fix an nsedoc parsing issue noted by Jason DePriest
2010-06-10 05:36:39 +00:00
robert
565d6a524d
Improved anonymous ftp detection. Now supports ACCT and has improved parsing of server responses.
2010-06-05 12:37:39 +00:00
kris
3a0aa06db1
Fix a bug in qscan.nse which kept a confidence level of 0.9995 from working;
Marcin Hoffmann reported the problem.
2010-06-05 00:46:48 +00:00
jah
722f10670a
Some improvements based on a review by David: comments, less convoluted code and
a silly mistake. Also removed some length checks for Mode 7 implementation 2
data which are no longer used.
2010-06-04 10:05:32 +00:00
jah
cb879a313f
Update script.db with added ntp-monlist.nse
2010-06-03 12:37:05 +00:00
jah
5bdc8cda93
ntp-monlist discovers NTP server, peer and client hosts associated with a
scanned target by sending NTPv2 Private Mode 'monitor' and 'peers' commands to
the target.
2010-06-03 12:14:15 +00:00
patrik
e411e35fc6
Fixed a bug that would prevent the rpcinfo script from returning any results
if the rpc program could not be matched to a name.
2010-06-01 14:09:58 +00:00
fyodor
fb943a04f6
Move some script description text out of the script output section and into the user summary
2010-05-24 03:21:49 +00:00
jah
e307ee691e
IANA have moved the IPv4 and IPv6 assignments tables and slightly altered their
content.
2010-05-20 19:17:43 +00:00
patrik
b830a036ad
o [NSE] Add new DB2 library and two scripts
- db2-brute.nse uses the unpwdb library to guess credentials for DB2
- db2-info.nse re-write of Tom Sellers' script to use the new library
[Patrik]
2010-05-18 21:11:38 +00:00
david
ee5b14967b
Set the port state open when dns-recursion.nse gets a response. This
patch was sent by Olivier Médoc.
2010-05-03 15:20:25 +00:00
david
52400c1f88
Normalize indentation in dns-recursion.nse.
2010-05-03 15:16:10 +00:00
david
5291f8586d
Updates to smtp-commands.nse from Jason DePriest.
o [NSE] Improved smtp-commands.nse to work against more mail servers,
made it take an smtp-commands.domain script argument, and rewrote it
in the style of other smtp scripts. [Jason DePriest]
2010-04-29 16:42:11 +00:00
robert
fafbf5c704
Removed a duplicate require for stdnse.
2010-04-25 17:35:54 +00:00
patrik
71ca5cceba
o [NSE] Improved error handling and reporting and re-designed communication
class in RPC library with patch from Djalal Harouni. [Patrik]
2010-04-22 20:25:38 +00:00
ron
cb60803ad1
Fixed a couple bugs in the smb-* scripts involving undeclared variables. These only cropped up if the guest/anonymous accounts were disabled, which I'd never seen before.
2010-04-18 13:43:27 +00:00
david
3915ed94e4
Remove explicit timelimit checking from ms-sql-brute, pgsql-brute,
mysql-brute, ldap-brute, and afp-brute. The unpwdb library does this
automatically now.
2010-04-16 02:11:12 +00:00
david
a6e014d42e
Change these script arguments to use stdnse.parse_timespec:
qscan.delay
dns-fuzz.timelimit
mssql.timelimit
A side effect is that the default units for qscan.delay are seconds, not
milliseconds. 0 is now the magic value to disable the time limit in
dns-fuzz.
2010-04-13 23:09:23 +00:00
kris
f51f1b0154
Add "username" and "password" script args to ftp-bounce.nse
It has scoped args in the straight form of "ftp-bounce.<arg>" which is
apparently how this works now (at least what other scripts seem to use) instead
of using actual subtables like in http://seclists.org/nmap-dev/2008/q2/567
2010-04-13 05:13:49 +00:00
david
a34a91f9c5
Add an @output section to auth-spoof.nse contributed by Brandon Enright.
2010-04-13 02:36:56 +00:00
david
22d8aec1ef
Add additional @output examples to ftp-bounce.nse, contributed by Gutek.
2010-04-13 02:35:20 +00:00
patrik
bd5e91ffcc
o [NSE] Added sorting on port number to dns-service-discovery script. [Patrik]
2010-04-12 10:43:06 +00:00
patrik
112f8f5340
o [NSE] Added snmpWalk function to SNMP library and updated scripts to use it
[Patrik]
2010-04-12 10:30:24 +00:00
david
8a26459cfd
Add @output sections for http-passwd, db2-info, db2-das-info, and
pptp-version.
2010-04-08 19:44:20 +00:00
david
d183a334a2
Add or fix @output sections in ms-sql-config, oracle-sid-brute,
iax2-version, pop3-brute, and skypev2-version.
2010-04-08 06:09:39 +00:00
ron
ab654ecc34
Fixed a bug in dhcp-discover -- the read_boolean() function appears to never have worked, but I didn't run into anything that returned a boolean value until Brandon tried running it. It now handles booleans properly, along with a lot of extra debug output (especially on -d2 and higher)
2010-04-07 21:47:22 +00:00
ron
398ecbcb62
Improved error handling (and messages) on dhcp-discover.nse. Hoping to track down a problem reported to me by Brandon Enright.
2010-04-07 21:03:51 +00:00
david
4332937a74
Fix typo.
2010-04-07 14:35:31 +00:00
david
db2a7826ab
Fix NSEDoc comments in ms-sql-config and ms-sql-query. They need three
dashes.
2010-04-06 21:42:17 +00:00
david
3b34c84de7
Add dns-fuzz script from Michael Pattrick.
2010-04-04 13:41:32 +00:00
patrik
1d26975ede
o [NSE] Added a library for Microsoft SQL Server and 7 new scripts. The new
scripts are:
- ms-sql-brute.nse uses the unpwdb library to guess credentials for MSSQL
- ms-sql-config retrieves various configuration details from the server
- ms-sql-empty-password checks if the sa account has an empty password
- ms-sql-hasdbaccess lists database access per user
- ms-sql-query adds support for running custom queries against the database
- ms-sql-tables lists databases, tables, columns and datatypes with optional
keyword filtering
- ms-sql-xp-cmdshell adds support for OS command execution to privileged
users
[Patrik]
2010-04-04 10:11:54 +00:00
david
baeb2e8f98
Add @output sections to realvnc-auth-bypass.nse and sql-injection.nse
from Gutek. Also documents the @args of sql-injection.nse.
2010-04-02 15:31:24 +00:00
david
d2f232396e
Make smtp-commands.nse run for the services {"smtp", "smtps",
"submission"}, like the other smtp scripts.
2010-04-01 04:10:40 +00:00
david
5f5b0fd0b0
Add @output to finger.nse and telnet-brute.nse thanks to Gutek.
2010-03-31 23:25:39 +00:00
david
9795ea0399
Add @output for ftp-bounce.nse, thanks to Gutek.
2010-03-31 23:03:17 +00:00
jah
f97dc21865
Fix file-level nsedoc block.
2010-03-31 22:08:16 +00:00
david
bbcfc79538
Add @output sections to these scripts:
dns-recursion.nse
snmp-brute.nse
daytime.nse
x11-access.nse
smb-enum-domains.nse
dns-random-txid.nse
p2p-conficker.nse
jdwp-version.nse
dns-random-srcport.nse
sshv1.nse
ms-sql-info.nse
Some of these just needed fixed NSEDoc syntax.
2010-03-31 21:45:21 +00:00
david
5fa554266b
Fix NSEDoc.
2010-03-31 20:28:14 +00:00
david
3ef4f3f017
o [NSE] Added the afp-serverinfo script that gets a hostname, IP
addresses, and other configuration information from an AFP server.
The script, and a patch to the afp library, were originally
contributed by Andrew Orr and were subsequently enhanced by Patrik
and David.
I added an @output section to the script and made it hex-encode a binary
string for the server signature (previous versions of the afp patch did
the hex-encoding in the library, but I thought it was better to do it in
the script.)
2010-03-30 19:26:23 +00:00
david
65331759cc
Remove afp-path-exploit.nse (which doesn't exist) from script.db. It was
an earlier version of afp-path-vuln.nse.
2010-03-29 17:53:32 +00:00
patrik
b1e64b3161
o [NSE] Updated the AFP library to support several new AFP functions and added
authentication support. Updated the afp-showmount script and added two new
scripts:
- afp-brute attempts to guess passwords against the AFP service
- afp-path-vuln detects the AFP directory traversal vulnerability
CVE-2010-0533
[Patrik]
2010-03-29 17:41:00 +00:00