PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity
6,526 Commits 2 Branches 0 Tags
7a4ffa429e914e47aedbde3070042380cf67c5cd
Commit Graph

26 Commits

Author SHA1 Message Date
ron
1dadea9407 added documentation for new script-arg 2011-01-03 03:51:11 +00:00
ron
229f118fdd Added a 'category' script-arg to http-enum.nse, which lets the user filter the fingerprints they want. This was requested by a user. 2011-01-03 03:48:48 +00:00
ron
fef25e6a42 Made some big style changes to clean up HTTP library. Primarily focused on improving the interface, NSEDoc, and pipline support 2010-11-02 02:07:01 +00:00
ron
13bb98b8b8 Bring in changes from my experimental brange, nmap-http 2010-10-27 03:08:08 +00:00
david
a9b75892f5 Use shortport.http where appropriate. 2010-08-09 22:30:50 +00:00
david
b9633ed69b Do copyediting of NSEDoc. This is a first pass up to ms-sql-xp-cmdshell. 2010-07-09 23:32:18 +00:00
robert
fafbf5c704 Removed a duplicate require for stdnse. 2010-04-25 17:35:54 +00:00
kris
c6508cceb6 Fix http-enum.nse so it uses the full pathname for the fingerprints file (from 
fetchfile) so it doesn't throw an error and quit running.

Reported by Ron Meldau and Brandon:

http://seclists.org/nmap-dev/2010/q1/222
 2010-01-22 18:38:46 +00:00
fyodor
77ab5c4305 Remove email addresses from scripts as discussed in this thread: http://seclists.org/nmap-dev/2009/q4/466 2009-11-24 08:49:02 +00:00
ron
08da8db7f0 Importing changes from my branch. There are two major updates: 
1) I wrote a function that formats output from scripts in a consistent way. Although we haven't really come to a concensus on how it should look yet, it's easy to change when we do. 
2) New script: smb-enum-groups.nse. Enumerate the local groups on a system and their membership.
 2009-11-20 16:05:06 +00:00
ron
f4458c1917 Added the ability (off by defaultk, since it generates 20x requests) for http-enum.nse to generate variants of each file. This would probably be more useful to use after running a spider script than here, but the code should be essentially the same. I'm hoping it'll be used somewhere more appropriate, eventually. 
Also added a couple fingerprints.
 2009-09-08 19:51:53 +00:00
ron
46d95b5913 Added a 'path' argument to http-enum.nse. Also added the ability to give an array of fingerprints files or an array of paths to search 2009-08-29 15:34:09 +00:00
ron
5da8f8199e Added http-headers.nse script to database 2009-08-26 00:23:26 +00:00
ron
91518a5222 Added a script-arg to http-enum.nse allowing the user to give a custom fingerprint file. Also changed script to use straight nmap.fetchfile(filename) then to use nmap.fetchfile('nselib/data/' .. filename) to find the fingerprints file, which lets a user give his fingerprints file in the current folder. 
It might be better to give priority the other way, though, I'm not really sure.
 2009-08-25 23:55:05 +00:00
ron
c1d48010a1 Added caching for the HTTP fingerprint files. It mimics similar code from http-usedir-enum.nse, storing the fingerprints in the registry and checking if it exists before reading them. 2009-08-25 23:45:48 +00:00
ron
fbf2c3d6a7 Print the http status along with the result, if it isn't 200 OK. This was the original behaviour, but it got lost along the way. 2009-08-23 16:58:53 +00:00
ron
fbc8e180ca Converted http-userdir-enum.nse to use my http-enum.nse logic (from http.lua). Also moved the 'displayall' script-arg back into the script, not http.lua, because http-userdir-enum.nse actually wants to find non-200 pages (403 Access Denied, for instance). 2009-08-23 00:43:46 +00:00
ron
cf33de55f3 Moved the definition for the 'displayall' argument into http.lua. 2009-08-23 00:24:23 +00:00
ron
77e7738545 Moved the meat of the http-enum.nse code (the 404-detection, HEAD-detection, etc) into http.lua. It may be a better idea to use http-helper.lua or something similar, but for now http.lua works. I'm open to suggestiosn. 2009-08-23 00:22:20 +00:00
ron
4616e62760 Fix some tabs 2009-08-22 23:55:43 +00:00
ron
a546ebc84f Clean up a lot of the http-enum.nse code; add some comments; abstract the 'is this a 404?' logic into a function (so it can eventually used by other scripts 2009-08-22 23:54:27 +00:00
ron
c9a62acf31 A major overhaul of the http-enum.nse script: 
* Cleaned up and function-ized the code. Planning to move the functions to http.lua or similar to let other scripts (like http-userdir-enum.nse) use them. 
* Better support for different HTTP error codes
* Significantly improved detection of 404 pages to prevent false positives. Some of the techniques used:
  - Request a non-existent page and check the status code
    - If it's 200, try to remove anything that may change (times, URI, filenames, etc), md5 it if ssl is available, and store it. Request a second 404 page and do the same. If they don't match, abort. 
    - If it's any other error code, store it, and look for it in addition to 404 Not Found
  - Request the root folder, /
    - If it returns a 301 Move Permanently or 401 Authentication Required, abort
* Abstracted the fingerprints into files in the nselib/data directory:
  - http-fingerprints: common files/folders
  - yokoso-fingerprints: common applications (from the Yokoso project, by InGuardians -- used under the Nmap license with pemission from Kevin Johnson -- http://seclists.org/nmap-dev/2009/q3/0685.html)
* Added a script-arg that can display all output (except known 404s), instead of just 200 OK and 401 Authentication Required
* Added a lot of debugging messages
 2009-08-22 23:19:16 +00:00
batrick
5e362ac43d Changed a global variable to a local to avoid an error from the strict 
module.
 2009-08-15 14:57:52 +00:00
joao
bf4599385e Added pipeline support to http-enum.nse 2009-08-12 01:52:03 +00:00
joao
8e145d6994 Fixing script categories 2009-08-10 11:17:52 +00:00
joao
53cefe9de0 Included Rob Nicholl's http-enum.nse script 2009-07-24 09:18:34 +00:00