PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 14:11:29 +00:00
Code Issues Projects Releases Wiki Activity
5,266 Commits 2 Branches 0 Tags
7da53c5147a3d1dd1d966f3b3422bcb51d94b71a
Commit Graph

959 Commits

Author SHA1 Message Date
djalal
9e60e88eca o [NSE] Added broadcast-avahi-dos.nse, which tries to detect if the 
hosts in the local network that are running Avahi are vulnerable to
  the NULL UDP packet denial of service (CVE-2011-1002).
 2011-05-02 23:38:18 +00:00
david
b1e8d47fee Put http-auth in "safe" now that it is not in "default". 2011-04-30 19:23:19 +00:00
david
3ae3339cb7 Make the set of script "default and intrusive" empty. 
These scripts got removed from default:
	dhcp-discover
	dns-zone-transfer

These scripts got removed from intrusive:
	dns-recursion
	ftp-bounce
	http-open-proxy
	socks-open-proxy

Thanks to Toni for noticing these.
 2011-04-30 19:21:38 +00:00
david
6920f6b913 Remove credential guessing from http-auth.nse. 
This was really lame compared to http-brute, only guessing two
username/password combinations. Also we shouldn't be guessing any
passwords in a default script.
 2011-04-30 19:21:36 +00:00
david
d668c758e0 Join an NSEDoc comment to get @output. 2011-04-30 09:35:28 +00:00
henri
ef68defe0a Replaced firewalk scan states by a simpler boolean for readability reasons. 2011-04-29 16:40:45 +00:00
henri
7e2a85cab9 Added the http-wp-plugins script by Ange Gutek. 2011-04-29 07:43:41 +00:00
david
de9d0362e0 Treat 5xx errors as success (guessed password) in http-brute. 
This was suggested by Toni Ruottu in
http://seclists.org/nmap-dev/2011/q1/940.
 2011-04-28 04:14:54 +00:00
david
ef2b75387b Add --- NSEDoc comment to backorifice-info.nse. 2011-04-27 22:38:56 +00:00
batrick
759426c215 Committed corrections [1] made by Gorjan Petrovski to factor out some code into 
a function, fix indentation, and other minor bugs.

[1] http://seclists.org/nmap-dev/2011/q2/314
 2011-04-26 02:23:28 +00:00
djalal
f8756deb0b Fix a typo in a comment. 2011-04-22 22:21:43 +00:00
djalal
849d0c5101 o [NSE] Call the new nmap.get_interface_info() function instead of 
nmap.get_interface_link() to get the network interface link type.
   The nmap.get_interface_link() function is deprecated and will be
   removed.
 2011-04-22 22:19:08 +00:00
djalal
546b8c4749 o [NSE] Fix a bug reported by Daniel Miller that was causing the nfs-ls 
script to ignore NFS mounts when the Mount version is 1.
 2011-04-22 21:52:20 +00:00
david
fef214063a Add omp2-brute and omp2-enum-targets from Henri Doreau. 2011-04-20 23:44:16 +00:00
david
3447e2a6a2 Use get_script_args to handle smb-related flag options, to use our 
common true/false logic and not hardcode "1" and "true" in places. Patch
by Chris Woodbury.
 2011-04-20 21:35:10 +00:00
david
e0f589a37f Document backorifice-info script args. 2011-04-20 07:45:13 +00:00
david
7880167e48 Localize functions and variables. 2011-04-20 07:45:12 +00:00
david
5726c875e9 Add backorifice-info.nse. 2011-04-20 07:45:10 +00:00
david
ec4db04494 Add checks for nmap.address_family == "inet" to scripts that require 
that. Patch by Henri Doreau.
 2011-04-19 18:09:15 +00:00
david
46c29d3f60 Use stdnse.print_debug instead of log_write. Patch by Henri Doreau. 2011-04-19 18:09:13 +00:00
david
94d0720515 Add quake3-master-getservers postrule summary patch from Toni. 2011-04-19 04:41:10 +00:00
david
e9294bbb2e Change the lookup for specialized negotiation functions in ssl-cert.nse. 
Instead of having an array called STARTTLS_PORTS, with linear lookup for
membership, defined SPECIALIZED_FUNCS, mapping port numbers to
negotiation functions. This make sit a little easier to add other SSL
negotiation mechanisms, like HTTP Upgrade.
 2011-04-18 16:07:49 +00:00
david
fb18ead35c Fix typoed variable name in http-vhosts.nse. 2011-04-11 02:35:49 +00:00
patrik
bbbccd4e01 o [NSE] Added the afp-ls script that lists files accessible on remote 
AFP Volumes. [Patrik]
 2011-04-05 08:31:34 +00:00
david
f43ca1ae27 Restore a check for nmap.is_privileged to targets-sniffer.nse. I asked 
Nick to remove this, but it turns out nmap.pcap_open has a bad failure
mode when you're not root. It sleeps for several seconds then throws an
error. So rather than tackle that I'll add this check back to the
script.
 2011-04-05 06:12:03 +00:00
david
d0bcacd18a Check if we have an interface to work with in the prerule of 
targets-sniffer.nse.
 2011-04-05 06:12:02 +00:00
david
067d7d9660 Put targets-sniffer.nse in "broadcast". 2011-04-05 06:12:00 +00:00
david
aa3a9baac8 Add the targets-sniffer script by Nick Nikolaou. 2011-04-05 06:11:59 +00:00
david
d0ea18119c Add epmd-info script from Toni Ruottu. 2011-04-04 18:28:33 +00:00
david
8757392fb5 Remove "-p 5353 <target>" from the @usage of 
broadcast-dns-service-disocvery.nse. It's not needed for the broadcast
script.
 2011-04-03 21:00:37 +00:00
patrik
c7af8736a7 Applied the following patch from Chris Woodbury to make ms-sql-info run less 
often: http://seclists.org/nmap-dev/2011/q1/1102 [Patrik]
 2011-04-03 20:44:42 +00:00
patrik
0ee33e4cb7 o Moved afp.username and afp.password arguments to afp-library. 
o Add support for getting file-dates, acls and sizes
[Patrik]
 2011-04-03 12:53:12 +00:00
david
603082755d Change the http-affiliate-id registry key to be named after the script. 2011-04-01 06:48:55 +00:00
david
e63a6b7d4c Include the path in http-affiliate-id postrule output. 2011-04-01 06:48:53 +00:00
david
585e25ba02 Add postrule to http-affiliate-id.nse by Daniel Miller that shows groups 
of targets using the same ID.
 2011-04-01 06:48:52 +00:00
david
1d9bf8bef5 Expanded Amazon pattern for http-affiliate-id from Daniel Miller. 2011-04-01 06:17:15 +00:00
batrick
e791c0e4ab style changes 2011-03-31 20:42:49 +00:00
david
6fdca6e01f Better Amazon associates match: allow '?'. 2011-03-31 20:32:56 +00:00
david
d4dd71261d Documentation, whitespace, style in http-affiliate-id. 2011-03-31 20:32:55 +00:00
david
f522332a89 Add http-affiliate-id.nse, originally from Hani Benhabiles, then patched 
by Daniel Miller.
 2011-03-31 20:32:50 +00:00
djalal
fea17448d3 Adjust the output sample of the nsedoc. 2011-03-30 10:52:41 +00:00
david
2b898d61f7 o [NSE] ssh-hostkey now additionally has a postrule that prints hosts 
that have the same hostkey. [Toni Ruottu]
 2011-03-27 22:04:13 +00:00
david
6d90b593b7 Change the "name" member of a decoded NSEC record to be called 
"next_dname" instead.
 2011-03-27 05:07:16 +00:00
david
477bd66fc9 Merge r22369:22777 from /nmap-exp/david/nmap-nsec. This adds the 
dns-nsec-enum script, originally by John Bond and improved by him and
me.

Changes in dns.lua:
  Add dnssec option to dns.query that adds an OPT RR with the DO (DNSSEC
    okay) flag set.
  Add answer fetcher for NSEC records (unused currently).
  Add decoder for NSEC records.
  Add rudimentary handling of the additional section in dns.encode.
  Add a check that a decoder exists before trying to call it.
 
Also added a copy of the simplified BSD license that the new script is
under.
 2011-03-27 04:24:43 +00:00
jah
5a32f584d4 Modified regex used to parse the 'last modified' line of whois assignments files 
to allow for the absence of the etag on that line.
 2011-03-24 12:49:00 +00:00
david
ae11175ad8 Put ssl-known-key in {"safe", "discovery", "vuln"} (was {"discovery"}). 2011-03-22 19:44:46 +00:00
david
6142158b43 Updates to ssl-known-key by Mak Kolybabi, 
http://seclists.org/nmap-dev/2011/q1/934. Change the database format.
Change the output.
 2011-03-22 19:44:45 +00:00
david
0e970b4bc6 ssl-known-key.nse: Use shortport.ssl. Rename ssl-fingerprints.txt to 
ssl-fingerprints; no extension appears to be the prevailing convention
in nselib/data. Allow comments and blank lines in ssl-fingerprints. Add
Little Black Box copyright and attribution to ssl-fingerprints. Boost
some print_debug thresholds.
 2011-03-22 19:44:42 +00:00
david
47557a108b o [NSE] Added ssl-known-key.nse, which checks SSL certificates against a 
list of certificates with known keys that have been extracted from
  firmware files. [Mak Kolybabi]
 2011-03-22 19:44:40 +00:00
david
93aa8e052b More names for http-vhosts from Carlos Pantelides. 2011-03-21 23:19:36 +00:00