PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-28 18:39:03 +00:00
Code Issues Projects Releases Wiki Activity
6,463 Commits 2 Branches 0 Tags
6f95d9fabe8b18c220b9dd29e23cda632d77a91a
Commit Graph

765 Commits

Author SHA1 Message Date
patrik
222e8b9e42 o [NSE] Added SASL library created by Djalal Harouni and Patrik Karlsson 
providing common code for "Simple Authentication and Security Layer" to
  services supporting it. The algorithms supported by the library are:
  PLAIN, CRAM-MD5, DIGEST-MD5 and NTLM. [Patrik Karlsson, Djalal Harouni]
 2011-07-21 06:07:02 +00:00
patrik
c3f94727ad o [NSE] Added scripts cvs-brute.nse, cvs-brute-repository.nse and the cvs 
library. The cvs-brute-repository script allows for guessing possible
  repository names needed in order to perform password guessing using the
  cvs-brute.nse script. [Patrik]
 2011-07-21 06:01:19 +00:00
patrik
2faca7aed1 Added support for scripts to report invalid (non-existing) accounts back 
to the brute library. This way, they're removed from further guessing.
[Patrik]
 2011-07-21 05:56:58 +00:00
weilin
586b8464b2 Reverted the unintended changes on nselib/packet.lua@25009. 2011-07-21 02:32:47 +00:00
weilin
1dcf652410 Added ND ping for local IPv6 nets, merging from /nmap-exp/weilin/nmap-nd. 2011-07-19 02:31:54 +00:00
paulino
8215c3420f Fixes the way of creating the request line by changing string.format for regular string concatenation to allow null bytes in the requests. 2011-07-15 23:48:00 +00:00
paulino
deded46038 Adds apache axis2 login signature. 2011-07-15 23:43:10 +00:00
paulino
6a8a10794f Adds more paths for Coldfusion and Apache Axis2 2011-07-15 23:33:03 +00:00
patrik
4356fe16a5 * fixed a bug that would result in unnecessary connects and disconnect for 
discovered accounts

* documented engine options

* added new engine option (nostore) that instructs the library not to store
  the discovered credentials in the credential database
 2011-07-13 20:49:20 +00:00
patrik
c800c437a9 added check for unknown account state to avoid crash when retrieving accounts. 2011-07-13 20:46:15 +00:00
gorjan
70b09c9598 Small fix: missed an 'end' 2011-07-13 09:34:19 +00:00
gorjan
c08ca750fa Added default values for the index and length parameters if no value is supplied in the Packet:raw(index,length) function of the nselib/packet.lua library 2011-07-13 09:27:54 +00:00
patrik
aadac7c8d5 * Fixed a bug in the brute library prevented additional passwords from 
being found if run in passonly mode.

* Fixed a bug in the brute library preventing detection of duplicate
  credential entries requested from the iterator.
 2011-07-12 21:23:12 +00:00
patrik
23d2e0d31f o [NSE] Applied patch from Chris Woodbury that adds the following additional 
information to the output of smb-os-discovery:
  + Forest name
  + FQDN
  + NetBIOS computer name
  + NetBIOS domain name
 2011-07-12 06:08:43 +00:00
paulino
b291f28e62 Added new entries for awstats totals under 'general' 2011-07-11 07:48:16 +00:00
gorjan
25f00f01ec Another possible fix for the NSEDoc arguments in the brute.lua library 2011-07-10 16:20:49 +00:00
paulino
248b53abfa Adds entries under 'attack' for: 
-OrangeHRM: http://www.exploit-db.com/exploits/17212/
-Tikiwiki: http://www.exploit-db.com/exploits/1244/
 2011-07-09 20:44:22 +00:00
paulino
0528868eb9 Includes new fingerprints for Joomla submitted by Hani, moves drupal signatures to the cms section and adds new ones for Cisco, Airaya and Cirronet routers 2011-07-09 20:29:11 +00:00
patrik
5c43a48121 applied patch to json library from Daniel Miller adding the functions 
make_array and make_object:
http://seclists.org/nmap-dev/2011/q3/15

These functions add support for treating Lua tables as JSON arrays or objects.
 2011-07-09 19:49:05 +00:00
paulino
84a4bb2506 Added signature of a Cisco router 2011-07-08 18:44:23 +00:00
patrik
880f927fc0 fixed a statistic bug, cleaned up some code 
fixed a setMode bug that wouldn't accept mode 'creds'
changed the creds iterator to take a file handle instead of a table
[Patrik]
 2011-07-07 09:58:54 +00:00
gorjan
519d93da6d Fix for the NSEDoc missing @args 2011-07-06 20:19:20 +00:00
patrik
7059623d3a Fixed a bug, reported by Toni Ruottu, for retrieving command line credentials 
for services detected by port and where the service was not identified.
[Patrik]
 2011-07-06 13:11:59 +00:00
patrik
3a3ae7ede1 Added command line support to the creds library 
Changed getCredentials to allow a bitmask filter
Changed getCredentials to return an iterator instead of a table
Modified the brute library to support the changes
[Patrik]
 2011-07-06 12:16:43 +00:00
batrick
b209bfbdfe removed dead code 2011-07-05 18:37:09 +00:00
gorjan
abf2a20866 Adding the NSE nmap.list_interfaces() function that lists all interfaces available to Nmap. 2011-07-05 00:01:35 +00:00
paulino
4348f6fa07 Adds fingerprints for Drupal and Arris 2307 2011-07-04 21:34:08 +00:00
paulino
e9e4b6d27d Adds new fingerprint and new login template. 2011-07-04 20:56:06 +00:00
paulino
4f21388faa Adds http-default-accounts fingerprint database 2011-07-01 21:43:53 +00:00
paulino
5fcfb8abc6 * Adds Wikipedia path to the wiki signatures. 2011-07-01 20:47:06 +00:00
paulino
47a338c85a * Adds note about a desired feature: cache system for http pipelines 
* Adds note about the new signatures added to http-enum
 2011-07-01 20:45:28 +00:00
paulino
390eb9e4ab * Fixes bug when parsing script-args. The script was only using the value from the argument 'pipeline' but not from 'http-enum.pipeline'. 
* Makes clean_404 a public function. This function is used in the NSE script http-waf-detect to remove text that changes.
 2011-07-01 20:34:01 +00:00
paulino
d69d7aa820 No more duplicates in this database. 2011-07-01 19:27:53 +00:00
paulino
fb07b4082a Moves lotus domino fingerprints under the same one 2011-07-01 19:07:34 +00:00
paulino
ee66dfe6a5 Fixes duplicates and a couple of signatures that got copied incorrectly. These new fingerprints come from going through exploit-db.com's archives since July 1 2011 to July 1 2009. 2011-07-01 19:02:34 +00:00
paulino
e420332846 Adds 120 new entries under the categories: general, attacks, cms, security, management and database. 2011-07-01 10:18:10 +00:00
djalal
fe981e5014 o [NSE] Added an ftp.connect() methode. 2011-06-30 22:14:58 +00:00
fyodor
009f3fb2e4 Just added a missing period 2011-06-29 06:24:17 +00:00
patrik
baa404b050 improved documentation and added sample code 
add getCredentials function
[Patrik]
 2011-06-27 21:00:11 +00:00
paulino
29ff392125 Added new entries under 'general' and 'cms' . Extracted from exploit-db archives so the new software added is known to be vulnerable. 2011-06-27 03:40:22 +00:00
paulino
c8bb5ac526 Added more fingerprints under 'general' 2011-06-26 21:43:25 +00:00
paulino
0c3728edd2 Added more fingerprints under 'cms' and 'general' 2011-06-25 23:24:14 +00:00
gorjan
fc2f88e2ed Added the nmap.get_ttl() which returns the TTL (time to live) specified with the --ttl option; 
Added the nmap.get_payload_length() function which returns the value specified with the --data-length option
 2011-06-24 01:03:23 +00:00
djalal
7c2b6d11cb o [NSE] Added the SMTP RCPT and DATA commands with their codes. 2011-06-22 22:04:14 +00:00
paulino
baba2fe7c5 Adds fingerprint data for the following routers: 
-Huawei HG530
-Thomson 585v8
-2WIRE 1701HG
 2011-06-22 03:39:17 +00:00
djalal
c57de44417 A small fix to the NSEDoc. 2011-06-21 20:24:57 +00:00
david
62c177b84b List formatting for get_interface_info NSEDoc. 2011-06-21 18:21:03 +00:00
david
873f2dbb64 Fix broken comment in nmap.luadoc. 
Preventing get_interface from appearing in documentation.
 2011-06-21 18:16:39 +00:00
patrik
5558837091 o [NSE] Added two new scripts broadcast-netbios-master-browser and smb-mbenum: 
- broadcast-netbios-master-browser attempts to discover master browsers in
    the broadcast domain
  - smb-mbenum lists servers registered with the master browser
  [Patrik]
 2011-06-19 18:47:19 +00:00
patrik
f4bf440b14 o [NSE] Added credential storage library (creds.lua) and modified the brute 
library and scripts to make use of it. [Patrik]
 2011-06-19 17:18:29 +00:00