mirror of https://github.com/nmap/nmap.git synced 2025-12-09 14:11:29 +00:00

401 Commits

Author SHA1 Message Date
patrik
0a3bf95897 o [NSE] Added a MySQL audit script and a rulebase that supports auditing a
subset of the MySQL CIS 1.0.2 Benchmark. [Patrik]
2011-06-17 06:12:01 +00:00
patrik
cf873707cd o [NSE] Added minimal Service Location Protocol (SLP) library and the script
broadcast-novell-locate that detects servers running eDirectory. [Patrik]
2011-06-15 06:23:30 +00:00
fyodor
9f04bd554b regen the script.db (there was no entry for mac-geolocation) 2011-06-08 06:06:07 +00:00
patrik
873cf47611 o [NSE] Added the Netware Core Protocol (NCP) library and the scripts
ncp-serverinfo and ncp-enum-users. [Patrik]
2011-05-28 09:01:31 +00:00
patrik
8b78ccf469 o [NSE] Added ldap-novell-getpass, a script that provides support for
retrieving Universal Passwords in plain-text from Novell eDirectory.
[Patrik]
2011-05-28 08:48:26 +00:00
paulino
1e0e438b09 Added http-cakephp-version.nse - NSE script for fingerprinting versions of CakePHP applications. 2011-05-20 09:25:22 +00:00
djalal
edda382a77 Add the smtp-vuln-cve2011-1720 script to the script.db file. 2011-05-19 18:31:34 +00:00
fyodor
20e03044bf Reran nmap --script-updatedb to catch new categories of smtp-check-vulns script 2011-05-17 17:43:35 +00:00
djalal
c1ba251135 o [NSE] Added smtp-check-vulns, which currently checks for the Postfix
SMTP server Cyrus SASL authentication memory corruption (CVE-2011-1720).
2011-05-15 15:57:10 +00:00
djalal
31310f43bc Add the backorifice-brute script entry to the script.db file 2011-05-14 13:12:18 +00:00
patrik
e8c5640dda o [NSE] Added a SIP library and two new scripts sip-brute.nse and
sip-user-enum.nse providing brute and user enumeration support for the SIP
  protocol. [Patrik]
2011-05-09 18:00:52 +00:00
djalal
9e60e88eca o [NSE] Added broadcast-avahi-dos.nse, which tries to detect if the
hosts in the local network that are running Avahi are vulnerable to
  the NULL UDP packet denial of service (CVE-2011-1002).
2011-05-02 23:38:18 +00:00
david
b1e8d47fee Put http-auth in "safe" now that it is not in "default". 2011-04-30 19:23:19 +00:00
david
3ae3339cb7 Make the set of scripts "default and intrusive" empty.
These scripts got removed from default:
	dhcp-discover
	dns-zone-transfer

These scripts got removed from intrusive:
	dns-recursion
	ftp-bounce
	http-open-proxy
	socks-open-proxy

Thanks to Toni for noticing these.
2011-04-30 19:21:38 +00:00
david
6920f6b913 Remove credential guessing from http-auth.nse.
This was really lame compared to http-brute, only guessing two
username/password combinations. Also we shouldn't be guessing any
passwords in a default script.
2011-04-30 19:21:36 +00:00
henri
7e2a85cab9 Added the http-wp-plugins script by Ange Gutek. 2011-04-29 07:43:41 +00:00
david
fef214063a Add omp2-brute and omp2-enum-targets from Henri Doreau. 2011-04-20 23:44:16 +00:00
david
5726c875e9 Add backorifice-info.nse. 2011-04-20 07:45:10 +00:00
patrik
bbbccd4e01 o [NSE] Added the afp-ls script that lists files accessible on remote
AFP Volumes. [Patrik]
2011-04-05 08:31:34 +00:00
david
067d7d9660 Put targets-sniffer.nse in "broadcast". 2011-04-05 06:12:00 +00:00
david
aa3a9baac8 Add the targets-sniffer script by Nick Nikolaou. 2011-04-05 06:11:59 +00:00
david
d0ea18119c Add epmd-info script from Toni Ruottu. 2011-04-04 18:28:33 +00:00
david
f522332a89 Add http-affiliate-id.nse, originally from Hani Benhabiles, then patched
by Daniel Miller.
2011-03-31 20:32:50 +00:00
david
477bd66fc9 Merge r22369:22777 from /nmap-exp/david/nmap-nsec. This adds the
dns-nsec-enum script, originally by John Bond and improved by him and
me.

Changes in dns.lua:
  Add dnssec option to dns.query that adds an OPT RR with the DO (DNSSEC
    okay) flag set.
  Add answer fetcher for NSEC records (unused currently).
  Add decoder for NSEC records.
  Add rudimentary handling of the additional section in dns.encode.
  Add a check that a decoder exists before trying to call it.
 
Also added a copy of the simplified BSD license that the new script is
under.
2011-03-27 04:24:43 +00:00
david
ae11175ad8 Put ssl-known-key in {"safe", "discovery", "vuln"} (was {"discovery"}). 2011-03-22 19:44:46 +00:00
david
47557a108b o [NSE] Added ssl-known-key.nse, which checks SSL certificates against a
list of certificates with known keys that have been extracted from
  firmware files. [Mak Kolybabi]
2011-03-22 19:44:40 +00:00
patrik
4528f52188 Deleted the ms-sql-discover script per the following discussion:
http://seclists.org/nmap-dev/2011/q1/725 [Patrik]
2011-03-19 20:09:43 +00:00
fyodor
e896e27e8a Put rpcinfo in the default category and also improve the NSEDoc documentation for it slightly 2011-03-19 08:06:34 +00:00
david
a3ec901899 Add nping-brute.nse from Toni Ruottu. 2011-03-13 02:02:27 +00:00
david
3fe40dd995 Add dns-brute.nse. 2011-03-05 21:15:58 +00:00
david
987d5f19a4 --script-updatedb. 2011-03-05 21:05:28 +00:00
david
bb4a4203a5 Add ovs-agent-version.nse, a script to detect the ovs-agent service for
which existing single probes are ambiguous.
2011-03-02 07:39:31 +00:00
patrik
d6bbc6da8f o [NSE] Added probe for Apple iPhoto (DPAP) and the dpap-brute script that
performs password guessing against a shared iPhoto library. [Patrik]
2011-02-26 16:24:54 +00:00
david
e5717f259a Add quake3-master-getservers from Toni Ruottu. Move the
quake3-master-protocols data file inside of
quake3-master-getservers.nse.
2011-02-22 21:55:23 +00:00
patrik
e50d65755b * Add a new script snmp-ios-config that pulls the config from a Cisco device
using SNMP and tftp. The script was created by Vikas Singhal.
* Add tftp library, used by the snmp-ios-config script, that acts as a server
  and receives the config file from the device. [Patrik]
2011-02-22 09:13:03 +00:00
david
181951a2c6 Move db2-discover out of "discovery" and into "safe", like the other
scripts that behave like it does.
2011-01-24 07:22:07 +00:00
fyodor
f037a54cd7 Update Nmap version number to 5.36TEST4 in prep for the next release in a day or two and regenerate relevant files 2011-01-20 10:29:18 +00:00
patrik
583f65227c o [NSE] Added support for dynamic updates to the DNS library. Added the
script dns-update.nse, which attempts to add a DNS record to a given zone.
  [Patrik]
2011-01-14 15:15:24 +00:00
david
e54e940b10 Take broadcast-dropbox-listener out of "discovery" and put it in
"broadcast".
2011-01-13 07:18:03 +00:00
david
c7909b0b05 Rename p2p-dropbox-listener.nse to broadcast-dropbox-listener.nse. 2011-01-13 07:17:59 +00:00
david
6fbd739fac o [NSE] Added p2p-dropbox-listener.nse, which listens for Dropbox
LanSync broadcasts and can optionally add discovered hosts to the
  scan queue. [Ron Bowes, Mak Kolybabi, Andrew Orr, Russ Tait Milne]
2011-01-13 07:17:55 +00:00
david
a0f2fdbdb3 Move all broadcast-* scripts from the "discovery" category to
"broadcast" (new category).
2011-01-13 06:21:53 +00:00
fyodor
05f7c6ae07 Remove minecraft-auth for now -- see http://seclists.org/nmap-dev/2011/q1/85 2011-01-12 07:51:30 +00:00
david
42c14f507e Take minecraft-auth out of "vuln" and put it in "auth". From reading the
Tumblr post, this sounds more like a way for people to set up a private
server on a LAN among trusted users than a vulnerability. Also link the
Tumblr post in the description.
2011-01-10 01:14:16 +00:00
david
68ac93f69a o [NSE] Added minecraft-auth.nse by Toni Ruottu. It checks for
Minecraft game servers that don't check usernames against a master
  server.
2011-01-10 01:14:15 +00:00
david
2592194732 Add nrpe-enum.nse by Mak Kolybabi. 2011-01-09 03:43:41 +00:00
david
0658e53070 Add gopher-ls.nse by Toni Ruottu. 2010-12-29 18:46:16 +00:00
david
ad40df2c9b Add modbus-discover.nse from Alexander Rudakov. 2010-12-16 08:59:16 +00:00
patrik
c9ba464c28 Renamed domino-enum-passwords script to http-domino-enum-passwords 2010-12-15 08:52:31 +00:00
david
573088f99c Change categories of netbus-auth-bypass from {"default", "vuln", "safe"}
to {"auth", "intrusive", "vuln"}. The first categories are the same as
in realvnc-auth-bypass, which would seem to be a very similar script,
but netbus-auth-bypass can have the additional side effect of breaking
future authentication attempts for all users, which is solidly
intrusive.
2010-12-13 18:00:06 +00:00