PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 14:11:29 +00:00
Code Issues Projects Releases Wiki Activity
6,463 Commits 2 Branches 0 Tags
6f95d9fabe8b18c220b9dd29e23cda632d77a91a
Commit Graph

88 Commits

Author SHA1 Message Date
patrik
bd1b7dfaad o [NSE] Applied patch to http-fingerprints adding support for identifying DCVS 
systems Git, Mercurial and Bazaar. [Hani Benhabiles]
 2011-12-25 21:57:11 +00:00
patrik
215f697171 o Added new fingerprints to http-enum for Subversion, CVS and Apache Archiva 
[Duarte Silva]
 2011-12-18 19:11:24 +00:00
patrik
acb1455874 o [NSE] Applied patch that replaces a number of GET requests to HEAD in http- 
fingerprints.lua where no matching was performed on the returned contents.
  [Hani Benhabiles]
 2011-12-06 15:57:21 +00:00
david
46bcc85069 Add some more JBoss fingerprints. 
These are from a talk I saw recently (page 19).
http://www.matasano.com/research/OWASP3011_Luca.pdf
 2011-12-02 19:28:54 +00:00
david
3c75f0f43c New Wordpress http fingerprint from Duarte Silva. 2011-11-06 22:37:22 +00:00
patrik
0270368e69 o [NSE] Added the scripts rtsp-url-brute, rtsp-methods and the supporting rtsp 
library. The scripts check the supported RTSP methods and attempt to brute
  force valid RTSP urls. [Patrik]
 2011-10-26 21:36:37 +00:00
paulino
859e35bc2e Adds entry for Easy Hosting Control Panel. There are a lot of vulnerable installations and an auth bypass vulnerability: 
http://www.1337day.com/exploits/17010
 2011-10-04 07:46:16 +00:00
david
dd2a2677c5 Add tftp-enum.nse by Alexander Rudakov. 2011-10-03 22:17:57 +00:00
david
44fcc2f455 ssl-enum-ciphers update for cipher strength from Gabriel Lawrence. 2011-09-14 17:57:47 +00:00
patrik
ae75aa7fd3 o [NSE] Added new default credential list for Oracle and modified the 
oracle-brute script to make use of it. [Patrik]
 2011-09-05 08:13:34 +00:00
patrik
a1d515e548 o [NSE] Added script broadcast-listener that attempts to discover hosts by 
passively listening to the network. It does so by decoding ethernet and IP
  broadcast and multicast messages. [Patrik]
 2011-08-10 16:46:55 +00:00
gorjan
d509ad055a Adding the optimized snmp-brute script, unpwdb library , snmpcommunities wordlist 2011-08-03 21:37:27 +00:00
paulino
deded46038 Adds apache axis2 login signature. 2011-07-15 23:43:10 +00:00
paulino
6a8a10794f Adds more paths for Coldfusion and Apache Axis2 2011-07-15 23:33:03 +00:00
paulino
b291f28e62 Added new entries for awstats totals under 'general' 2011-07-11 07:48:16 +00:00
paulino
248b53abfa Adds entries under 'attack' for: 
-OrangeHRM: http://www.exploit-db.com/exploits/17212/
-Tikiwiki: http://www.exploit-db.com/exploits/1244/
 2011-07-09 20:44:22 +00:00
paulino
0528868eb9 Includes new fingerprints for Joomla submitted by Hani, moves drupal signatures to the cms section and adds new ones for Cisco, Airaya and Cirronet routers 2011-07-09 20:29:11 +00:00
paulino
84a4bb2506 Added signature of a Cisco router 2011-07-08 18:44:23 +00:00
paulino
4348f6fa07 Adds fingerprints for Drupal and Arris 2307 2011-07-04 21:34:08 +00:00
paulino
e9e4b6d27d Adds new fingerprint and new login template. 2011-07-04 20:56:06 +00:00
paulino
4f21388faa Adds http-default-accounts fingerprint database 2011-07-01 21:43:53 +00:00
paulino
5fcfb8abc6 * Adds Wikipedia path to the wiki signatures. 2011-07-01 20:47:06 +00:00
paulino
47a338c85a * Adds note about a desired feature: cache system for http pipelines 
* Adds note about the new signatures added to http-enum
 2011-07-01 20:45:28 +00:00
paulino
d69d7aa820 No more duplicates in this database. 2011-07-01 19:27:53 +00:00
paulino
fb07b4082a Moves lotus domino fingerprints under the same one 2011-07-01 19:07:34 +00:00
paulino
ee66dfe6a5 Fixes duplicates and a couple of signatures that got copied incorrectly. These new fingerprints come from going through exploit-db.com's archives since July 1 2011 to July 1 2009. 2011-07-01 19:02:34 +00:00
paulino
e420332846 Adds 120 new entries under the categories: general, attacks, cms, security, management and database. 2011-07-01 10:18:10 +00:00
paulino
29ff392125 Added new entries under 'general' and 'cms' . Extracted from exploit-db archives so the new software added is known to be vulnerable. 2011-06-27 03:40:22 +00:00
paulino
c8bb5ac526 Added more fingerprints under 'general' 2011-06-26 21:43:25 +00:00
paulino
0c3728edd2 Added more fingerprints under 'cms' and 'general' 2011-06-25 23:24:14 +00:00
paulino
baba2fe7c5 Adds fingerprint data for the following routers: 
-Huawei HG530
-Thomson 585v8
-2WIRE 1701HG
 2011-06-22 03:39:17 +00:00
paulino
90153308cb Adds around 350 new entries that look for: 
-admin directories
-jboss
-tomcat
-tikiwiki
-majordomo2
-microsoft sql
-wordpress
 2011-06-18 04:09:04 +00:00
patrik
0a3bf95897 o [NSE] Added a MySQL audit script and a rulebase that supports auditing a 
subset of the MySQL CIS 1.0.2 Benchmark. [Patrik]
 2011-06-17 06:12:01 +00:00
ron
c9a964d8a3 Added some updated http-fingerprints checks from Ange Gutek 2011-06-16 22:38:54 +00:00
paulino
7e2e4bc591 Added information to fingerprint versions of CakePHP applications. 2011-05-20 09:26:31 +00:00
henri
7e2a85cab9 Added the http-wp-plugins script by Ange Gutek. 2011-04-29 07:43:41 +00:00
david
7a2b7781f7 Add an http-enum fingerprint for /crossdomain.xml, which is used to 
grant permission to Adobe Flash players to make connections.
 2011-04-17 18:32:37 +00:00
david
6142158b43 Updates to ssl-known-key by Mak Kolybabi, 
http://seclists.org/nmap-dev/2011/q1/934. Change the database format.
Change the output.
 2011-03-22 19:44:45 +00:00
david
0e970b4bc6 ssl-known-key.nse: Use shortport.ssl. Rename ssl-fingerprints.txt to 
ssl-fingerprints; no extension appears to be the prevailing convention
in nselib/data. Allow comments and blank lines in ssl-fingerprints. Add
Little Black Box copyright and attribution to ssl-fingerprints. Boost
some print_debug thresholds.
 2011-03-22 19:44:42 +00:00
david
47557a108b o [NSE] Added ssl-known-key.nse, which checks SSL certificates against a 
list of certificates with known keys that have been extracted from
  firmware files. [Mak Kolybabi]
 2011-03-22 19:44:40 +00:00
robert
e7e40bb43a Added some extra Microsoft fingerprints for FrontPage and Remote Desktop Web. 2011-03-09 09:34:02 +00:00
fyodor
0074b626cc o Integrated cracked passwords from the Gawker.com compromise 
(http://seclists.org/nmap-dev/2010/q4/674) into
  Nmap's top-5000 password database. A team of Nmap developers, lead
  by Brandon Enright has cracked 635,546 out of 748,081 password
  hashes so far (85%). Gawker users' top passwords are are "123456",
  "password", "12345678", "lifehack", "qwerty", "abc123", "12345",
  "monkey", "111111", "consumer", and "letmein".
 2011-01-12 08:38:39 +00:00
ron
4e5f8799e1 Added a bunch of CMS checks for http-enum.nse submitted to me by Robert Rowley 2011-01-09 18:51:03 +00:00
ron
684c7e0229 Added credit for the new fingerprints 2010-11-18 23:36:41 +00:00
ron
d40bdc8139 Added fingerprints for WRT54g, Prinenergy Dashboard, and Adobe Acrobat Connect Pro 2010-11-18 23:35:27 +00:00
ron
38f1689e82 Added a leading '/' to paths where it was missing before. 2010-11-17 23:57:17 +00:00
ron
bfd642c6fb Removed a line that causes a lot of false positives 2010-11-06 07:34:32 +00:00
ron
d73016e41f Added a bunch of fingerprints from @jhaddix 2010-11-05 16:16:54 +00:00
ron
2957b4d733 Added http-fingerprint matches for Nessus's HTTP server 2010-11-02 15:42:28 +00:00
ron
13bb98b8b8 Bring in changes from my experimental brange, nmap-http 2010-10-27 03:08:08 +00:00