dmiller
74a88c0804
Let ssl-cert grab certs from DTLS services. Fix rules for TCP-only scripts
2024-06-03 19:00:33 +00:00
dmiller
929a29d310
Fix a crash in rpc-grind when scanning a non-RPC service
2024-06-03 19:00:29 +00:00
dmiller
453f9a7e25
Use stdnse.get_script_interfaces() for all relevant scripts
2024-05-24 19:01:16 +00:00
dmiller
9ef418af4e
Allow lltd-discovery to work in IPv6 mode and add IPv6 addresses
2024-05-21 18:49:39 +00:00
dmiller
881d741dab
Remove NSEdoc for newtargets arg, provided by targets.lua instead
2024-05-21 18:49:38 +00:00
dmiller
8dfa9aef41
Note some future IPv6 possibilities
2024-05-21 18:49:38 +00:00
dmiller
41ec64ab14
Enable IPv6 capability for broadcast-bjnp-discover
2024-05-21 18:49:37 +00:00
dmiller
1c751cf6d3
Check for connected socket before continuing
2024-04-25 17:12:27 +00:00
dmiller
c4a4e0db45
Add 4 scripts from the DINA Community
2024-04-11 16:02:48 +00:00
dmiller
b7ee15c186
Add ssh banner to ssh-auth-methods
2024-03-27 19:51:37 +00:00
nnposter
004bb4f3e9
Add new ALPN protocol IDs. Closes #2758
2024-03-16 02:25:56 +00:00
nnposter
96dcf4e9ed
Remove various "the the" repeats. Closes #2804
2024-03-16 01:16:34 +00:00
nnposter
6814bc4cdd
Correct packet size testing in KNX scripts. Fixes #2727, fixes #2728
2023-11-12 23:02:33 +00:00
dmiller
1a7a96274a
Avoid format-string bugs. Fixes #2634
2023-07-20 17:24:16 +00:00
fyodor
57461ac06b
Change example usage since multiple --script-args arguments apparently don't work (reported by Eric Thomas)
2023-02-13 22:44:54 +00:00
nnposter
e4fd4bd2fe
Fix misplaced parentheses. Closes #2544
2022-10-23 22:42:11 +00:00
dmiller
894bfd4976
New script tftp-version. Closes #548
2022-09-28 20:52:47 +00:00
dmiller
a3c725acd4
Prevent smb-flood from using all sockets. Fixes #947
2022-09-22 20:16:44 +00:00
dmiller
3df8c7d79c
TLS registry number updates from IANA
2022-08-29 22:06:37 +00:00
dmiller
d66644be63
Vulners.nse: respect mincvss unless cvss is missing or is 0 for exploits
2022-07-29 15:21:15 +00:00
nnposter
7d1c26968c
Use promiscuous mode in broadcast-dhcp-discover. Closes #2470
2022-06-08 23:10:28 +00:00
nnposter
f0e85baf85
Add support for DHCP client identifier
see https://datatracker.ietf.org/doc/html/rfc2132#section-9.14
Closes #2468
2022-06-08 22:59:30 +00:00
nnposter
97ec8d2de2
Improve parsing of CLUSTER NODES responses
- Avoid crash due to potentially unrecognized format
- Fix parsing of node flags, which may contain non-alphabetic characters
  Example: "failed?"
- Fix parsing of field ip:port@cport
- Add support for IPv6 nodes
- Remove parsing of unused node ID field
2022-05-11 21:58:28 +00:00
nnposter
b49c927c78
Fix off-by-one bug in limit enforcement
2022-05-11 21:39:01 +00:00
nnposter
f7899f3292
Remove dead code branch
2022-05-11 21:33:47 +00:00
dmiller
4c240122a9
Convert test data in comment to assertion checks
2022-05-09 17:33:41 +00:00
nnposter
1c8336c55e
Correct and expand VSNNUM test data
2022-05-06 19:50:21 +00:00
nnposter
4671f5da12
Change VSNNUM parsing to account for versions greater than 15
Fixes #2331, closes #2471
2022-05-06 02:49:25 +00:00
nnposter
a5d57b3280
Improve parsing of CLIENT LIST responses
- Avoid crash due to unhandled connection line termination
  (fixes #2296, closes #2342)
- Gracefully handle absence of the "addr" attribute
- Avoid false negative matching if the "addr" attribute was the last listed
- Avoid false positive matching on the "laddr" attribute
2022-04-25 18:46:04 +00:00
nnposter
35b543b291
Use the same endianness for IP ID and DHCP transaction ID
2022-04-24 02:07:22 +00:00
nnposter
e73041f34b
Optimize BPF to capture only DHCP responses
2022-04-24 01:22:54 +00:00
nnposter
81088425f3
Remove unused variables
2022-04-24 01:17:46 +00:00
dmiller
2543f2dd3c
Refactor to avoid using packet.lua local functions. See #2464
2022-04-14 23:06:02 +00:00
nnposter
639efbd214
Refactor IP ID capture loop. Fixes #2464
Rectify use of inaccessible library function packet.u16, incidentally
introduced in r38135 (041838d986)
2022-04-10 20:13:06 +00:00
nnposter
be89acce39
Do not include whitespace in the size string
2022-02-04 02:27:15 +00:00
nnposter
9de580fe6f
Allow more whitespace between HTML tags. Closes #2434
2022-02-04 02:17:39 +00:00
dmiller
0af0b822a1
Send DHCP requests on all interfaces, not only the lowest-metric one
2022-01-13 22:30:21 +00:00
dmiller
c3d54f1fac
Change how ms-sql NSE scripts run
MS SQL NSE scripts run on database instances, which can be TCP or named
pipes. With this change, all TCP instances on scanned ports will have
script output attached under the port as a portrule script. Named pipe
instances and TCP instances on unscanned ports will be displayed in the
hostrule script output at the end of the host's output. Utility function
mssql.Helper.InitScript makes it easy to write scripts that just work on
a per-instance basis, without bothering where to put the output.
Discovery will be done once per host, regardless of how many scripts are
run, and can be guaranteed to be done before the script's action takes
place.
2022-01-03 21:08:52 +00:00
dmiller
33405fcfb5
Remove an unused include [ci skip]
2022-01-03 21:08:51 +00:00
dmiller
02c0354744
Avoid TOCTOU by checking discovery state in mssql.Discover
A script might check WasDiscoveryPerformed and get a negative response,
then call Discover, during which time another script already called
Discover. Instead, check the condition *after* acquiring the mutex.
2021-12-15 23:44:41 +00:00
dmiller
9b71516919
Better socket error handling in rdp-vuln-ms12-020
Try to receive enough bytes for the next unpack. If any socket operation
fails, or if it doesn't receive enough for the unpack, a Lua error is
thrown. The pcall in the action function will catch that and interpret
it as not-vuln.
Fixes #2355
2021-12-13 20:14:07 +00:00
dmiller
dd82097c80
Merge changes from 7.92 release branch
2021-08-08 21:20:19 +00:00
dmiller
51180ec958
Make a variable local
2021-07-02 20:01:31 +00:00
dmiller
7c61f7c9c3
TLS 1.3 support for NSE. Fixes #1691
2021-07-02 20:01:30 +00:00
nnposter
4b46fa7097
Label the function as intentionally empty
See https://seclists.org/nmap-dev/2021/q1/31
2021-04-07 18:42:28 +00:00
nnposter
068e77a37f
Restore Supported Point Formats Extension. Fixes #1187
Some servers are not compliant with RFC 4492, section 4,
and abort the handshake when the extension is missing.
2021-03-21 02:37:18 +00:00
nnposter
58617a79f7
SMB2 dialect refactoring. Fixes #2203, closes #2208
2021-01-18 21:21:43 +00:00
fyodor
3bb502fcb0
Update author name/email
2021-01-14 18:26:56 +00:00
dmiller
9a3a8d1593
Check for output before returning. See #2212
2020-12-30 23:31:36 +00:00
nnposter
77f764fe72
Add script nbns-interfaces. Closes #2201
2020-12-30 03:51:21 +00:00