PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-02-13 08:56:34 +00:00
Code Issues Projects Releases Wiki Activity
6,107 Commits 2 Branches 0 Tags
7c648687415d2d8d0439e3bd2e54ca8f4d4e2f2c
Commit Graph

721 Commits

Author SHA1 Message Date
david
7c64868741 Fix logic errors in comm.opencon when data is not supplied. 
It looks like this code never worked, because the debug message was
using a nonexistent function (nsedebug.print_debug).
 2011-11-09 01:41:34 +00:00
patrik
b66a4849c4 o [NSE] Modified the http library to support servers that don't return valid 
chunked encoded data, such as the Citrix XML service. [Patrik]
 2011-11-07 06:04:13 +00:00
david
3c75f0f43c New Wordpress http fingerprint from Duarte Silva. 2011-11-06 22:37:22 +00:00
patrik
cbf71a1668 o [NSE] Fixed a bug where the brute library would not abort even after all 
retries were exhausted [Patrik]
 2011-11-02 09:48:33 +00:00
tomsellers
41145a414c Added support for the LDAP extensibleMatch filter to ldap.lua. LDAP searches using this take the following format: 
attributename:ruleOID:=value

for example the following finds AD Domain controllers:

(userAccountControl:1.2.840.113556.1.4.803:=8192)

Also added the above as a quickfilter (ad_dcs) to ldap-search.nse to serve as a code example.

Added documentation to explain the values used in some field.
 2011-10-31 00:27:03 +00:00
david
ef5dfd8479 Compress strings of zeros in packet.toipv6. 
I do this just by passing the uncompressed names through nmap.resolve.

Before:
fe80:0000:0000:0000:0000:0000:0000:0001, 2001:0470:1f05:155e:0000:0000:0000:0003
After:
fe80::1, 2001:470:1f05:155e::3
 2011-10-29 19:40:19 +00:00
david
622e2e08a7 Standardize on ip6_nhdr in packet.lua. 
Some places were using ip6_nxt_hdr and some were using ip6_nhdr.
ip6_nhdr seemed to be the prevailing usage.
 2011-10-29 19:40:14 +00:00
tomsellers
bca60ba8de Added support for LDAP substring searches to ldap.lua. These can now be performed alone or in conjunction with other LDAP query types. 
Added a new quick filter (qfilter) to ldap-search.nse that allows the user to specify, on the command line, an attribute and corresponding value to search the LDAP directory for.  The use of the asterisk '*' as a wildcard is permitted in the value parameter.

Updated asn1.lua with some minor notes on a hex value that was used.
 2011-10-29 10:18:52 +00:00
patrik
0270368e69 o [NSE] Added the scripts rtsp-url-brute, rtsp-methods and the supporting rtsp 
library. The scripts check the supported RTSP methods and attempt to brute
  force valid RTSP urls. [Patrik]
 2011-10-26 21:36:37 +00:00
patrik
188209bc62 o [NSE] Fixed an error in the mssql library that was causing the 
broadcast-ms-sql-discover script to fail when trying to update port version
  information. [Patrik]
 2011-10-24 16:42:02 +00:00
djalal
0d6051880b o [NSE] Added a vulnerability management library (vulns.lua) to store and to 
report discovered vulnerabilities.
 2011-10-22 08:40:08 +00:00
patrik
33333da283 Added a new function setStopOnError to the ASN1 library. The function allows 
the library to be set to a mode that will stop trying to decode a ASN1
structure as soon as it runs into a decoding error. [Patrik]
 2011-10-20 02:44:20 +00:00
patrik
005322c8d4 o [NSE] Added a new script http-put.nse that allows uploading of local files 
to remote web servers using the HTTP PUT method. Added HTTP PUT support to
  the http library. [Patrik]
 2011-10-20 02:32:51 +00:00
patrik
c5ee5ec365 o [NSE] Applied patch that fixes a nil table index bug discovered in the 
mongodb library. [Thomas Buchanan]
 2011-10-18 20:38:50 +00:00
patrik
68646bd590 Applied marshalling patch from Chris Woodbury to TNS library 
http://seclists.org/nmap-dev/2011/q4/29
 2011-10-07 01:32:01 +00:00
david
15d0871a5a Add XMPP support to ssl-cert by Vasiliy Kulikov. 2011-10-04 19:32:45 +00:00
paulino
859e35bc2e Adds entry for Easy Hosting Control Panel. There are a lot of vulnerable installations and an auth bypass vulnerability: 
http://www.1337day.com/exploits/17010
 2011-10-04 07:46:16 +00:00
david
dd2a2677c5 Add tftp-enum.nse by Alexander Rudakov. 2011-10-03 22:17:57 +00:00
david
43180f6154 Add amqp-info by Sebastian Dragomir. 2011-10-03 18:04:18 +00:00
henri
b7df13296e Fix a bug in dns.lua: ensure that dns.query() always return two values (status and response). 
Update asn-query.nse accordingly.
 2011-09-22 18:00:44 +00:00
batrick
2511cd1d2a fixed wrong (global) variable name 2011-09-16 18:33:52 +00:00
david
44fcc2f455 ssl-enum-ciphers update for cipher strength from Gabriel Lawrence. 2011-09-14 17:57:47 +00:00
djalal
0b20e734b4 Define 'State.DISABLED_VALID' value. 2011-09-12 14:21:21 +00:00
tomsellers
4e87a1df42 Added string for .PARAM account status, this will be useful later. 2011-09-11 21:28:28 +00:00
tomsellers
198fd3b3bb Changing account status strings for consistency. Adding two new account states, LOCKED_VALID & LOCKED_DISABLED. 2011-09-11 21:23:34 +00:00
fyodor
726022d23f Slightly improve the nsedoc for a couple libraries 2011-09-11 21:21:17 +00:00
batrick
c4d6d12be7 \x is not a valid escape sequence... 2011-09-09 19:08:13 +00:00
tomsellers
c193cadac7 Fix a typo 2011-09-05 22:44:08 +00:00
tomsellers
f6dc7a160d ldap.lua - added support for saving search results to CSV. 
Also added support for decoding certain time formats found in Microsoft AD such as lastLogon,pwdLastSet, etc
 2011-09-05 22:39:03 +00:00
patrik
ae75aa7fd3 o [NSE] Added new default credential list for Oracle and modified the 
oracle-brute script to make use of it. [Patrik]
 2011-09-05 08:13:34 +00:00
patrik
4e9265b883 fixed a bug that would prevent the library from authenticating against 
Oracle 10.2.0.1.0 XE [Patrik]
 2011-09-05 07:52:30 +00:00
tomsellers
5b6d151787 Add function saveToFile to allow scripts to save credential tables to a file. 
Extend the account state tables to include expired, host and time limited accounts.
 2011-09-04 17:43:42 +00:00
tomsellers
b5cb7a96fc Modified start_session_basic so as to return the 
status code text when the variable status is not
nil.  This mimics the behavior of start_session_extended.

This should provide more reliable results to smb-brute
concerning the nature of login failure reasons.

More detail has been sent to the mailing list.
 2011-09-03 17:01:13 +00:00
patrik
6c864bd9f8 Changed command line processing to assume cred mode if credfile was supplied 
and no mode was explicitly given [Patrik]
 2011-09-02 06:12:39 +00:00
david
2c45aa3b8a Add Weilin's patch to packet.lua to handle IPv6. 2011-09-02 04:10:59 +00:00
patrik
bce29f44cd Fixed typo in supported versions matrix in the TNS library [Patrik] 2011-08-27 08:12:59 +00:00
patrik
a52d443841 o [NSE] Fixed authentication problems in the TNS library that would prevent 
authentication from working against Oracle 11.2.0.2.0 XE [Chris Woodbury]
 2011-08-27 08:05:10 +00:00
djalal
02b7d6e563 o [NSE] Use a table to store the output results, and use table.concat() 
to concat data instead of classic concatenation. This can have a huge
  performance boost, check this thread:
  http://seclists.org/nmap-dev/2011/q3/623
 2011-08-23 09:26:06 +00:00
patrik
5e2f67ae2e o Fixed bugs that would prevent connections against certain versions 
o Improved support for 64-bit database servers
o Tested the code against a larger number of databases running on both
  32/64-bit Windows/Linux
o Improved library documentation
[patrik]
 2011-08-21 19:18:53 +00:00
gorjan
aec7e1ab94 Add the architecture description in the bittorrent.lua library. 2011-08-11 09:54:38 +00:00
patrik
00b72547cf Fixed bugs with empty resultsets returning data [Patrik] 2011-08-11 09:28:09 +00:00
patrik
b593d0778a o [NSE] Added basic query support to the Oracle TNS library making it possible 
for scripts to query the database server using SQL. [Patrik]
 2011-08-10 20:33:13 +00:00
patrik
a1d515e548 o [NSE] Added script broadcast-listener that attempts to discover hosts by 
passively listening to the network. It does so by decoding ethernet and IP
  broadcast and multicast messages. [Patrik]
 2011-08-10 16:46:55 +00:00
gorjan
88e8647381 Adding the bittorrent library and bittorrent-discovery script which enables you to add bittorrent peers and DHT nodes as targets for scanning 2011-08-09 16:56:13 +00:00
gorjan
d509ad055a Adding the optimized snmp-brute script, unpwdb library , snmpcommunities wordlist 2011-08-03 21:37:27 +00:00
djalal
a9bbb27a54 o [NSE] Added a missing function parameter for registry_add_table(). 2011-07-30 12:02:24 +00:00
patrik
1097d0c42d Added documentation for credentials passed through script-args. [Patrik] 2011-07-27 12:05:42 +00:00
paulino
ec63b8a647 Adds support for passing arguments without the script name. 2011-07-27 04:32:01 +00:00
patrik
89d1f3b8d3 o [NSE] Added the library xmpp.lua and the script xmpp-brute that performs 
brute force password auditing against XMPP (Jabber) servers. [Patrik]
 2011-07-26 06:54:19 +00:00
djalal
3ce7d52800 o [NSE] Improved the NSEDoc of the print_hex() function. [Chris Woodbury] 2011-07-25 23:12:51 +00:00