PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-08 21:51:28 +00:00
Code Issues Projects Releases Wiki Activity
5,266 Commits 2 Branches 0 Tags
7da53c5147a3d1dd1d966f3b3422bcb51d94b71a
Commit Graph

190 Commits

Author SHA1 Message Date
djalal
9e60e88eca o [NSE] Added broadcast-avahi-dos.nse, which tries to detect if the 
hosts in the local network that are running Avahi are vulnerable to
  the NULL UDP packet denial of service (CVE-2011-1002).
 2011-05-02 23:38:18 +00:00
david
b1e8d47fee Put http-auth in "safe" now that it is not in "default". 2011-04-30 19:23:19 +00:00
david
3ae3339cb7 Make the set of script "default and intrusive" empty. 
These scripts got removed from default:
	dhcp-discover
	dns-zone-transfer

These scripts got removed from intrusive:
	dns-recursion
	ftp-bounce
	http-open-proxy
	socks-open-proxy

Thanks to Toni for noticing these.
 2011-04-30 19:21:38 +00:00
david
6920f6b913 Remove credential guessing from http-auth.nse. 
This was really lame compared to http-brute, only guessing two
username/password combinations. Also we shouldn't be guessing any
passwords in a default script.
 2011-04-30 19:21:36 +00:00
henri
7e2a85cab9 Added the http-wp-plugins script by Ange Gutek. 2011-04-29 07:43:41 +00:00
david
fef214063a Add omp2-brute and omp2-enum-targets from Henri Doreau. 2011-04-20 23:44:16 +00:00
david
5726c875e9 Add backorifice-info.nse. 2011-04-20 07:45:10 +00:00
patrik
bbbccd4e01 o [NSE] Added the afp-ls script that lists files accessible on remote 
AFP Volumes. [Patrik]
 2011-04-05 08:31:34 +00:00
david
067d7d9660 Put targets-sniffer.nse in "broadcast". 2011-04-05 06:12:00 +00:00
david
aa3a9baac8 Add the targets-sniffer script by Nick Nikolaou. 2011-04-05 06:11:59 +00:00
david
d0ea18119c Add epmd-info script from Toni Ruottu. 2011-04-04 18:28:33 +00:00
david
f522332a89 Add http-affiliate-id.nse, originally from Hani Benhabiles, then patched 
by Daniel Miller.
 2011-03-31 20:32:50 +00:00
david
477bd66fc9 Merge r22369:22777 from /nmap-exp/david/nmap-nsec. This adds the 
dns-nsec-enum script, originally by John Bond and improved by him and
me.

Changes in dns.lua:
  Add dnssec option to dns.query that adds an OPT RR with the DO (DNSSEC
    okay) flag set.
  Add answer fetcher for NSEC records (unused currently).
  Add decoder for NSEC records.
  Add rudimentary handling of the additional section in dns.encode.
  Add a check that a decoder exists before trying to call it.
 
Also added a copy of the simplified BSD license that the new script is
under.
 2011-03-27 04:24:43 +00:00
david
ae11175ad8 Put ssl-known-key in {"safe", "discovery", "vuln"} (was {"discovery"}). 2011-03-22 19:44:46 +00:00
david
47557a108b o [NSE] Added ssl-known-key.nse, which checks SSL certificates against a 
list of certificates with known keys that have been extracted from
  firmware files. [Mak Kolybabi]
 2011-03-22 19:44:40 +00:00
patrik
4528f52188 Deleted the ms-sql-discover script per the following discussion: 
http://seclists.org/nmap-dev/2011/q1/725 [Patrik]
 2011-03-19 20:09:43 +00:00
fyodor
e896e27e8a Put rpcinfo in the default category and also improve the NSEDoc documentation for it slightly 2011-03-19 08:06:34 +00:00
david
a3ec901899 Add nping-brute.nse from Toni Ruottu. 2011-03-13 02:02:27 +00:00
david
3fe40dd995 Add dns-brute.nse. 2011-03-05 21:15:58 +00:00
david
987d5f19a4 --script-updatedb. 2011-03-05 21:05:28 +00:00
david
bb4a4203a5 Add ovs-agent-version.nse, a script to detect the ovs-agent service for 
which existing single probes are ambiguous.
 2011-03-02 07:39:31 +00:00
patrik
d6bbc6da8f o [NSE] Added probe for Apple iPhoto (DPAP) and the dpap-brute script that 
performs password guessing against a shared iPhoto library. [Patrik]
 2011-02-26 16:24:54 +00:00
david
e5717f259a Add quake3-master-getservers from Toni Ruottu. Move the 
quake3-master-protocols data file inside of
quake3-master-getservers.nse.
 2011-02-22 21:55:23 +00:00
patrik
e50d65755b * Add a new script snmp-ios-config that pulls the config from a Cisco devices 
using SNMP and tftp. The script was created by Vikas Singhal.
* Add tftp library, used by the snmp-ios-config script, that acts as a server
  and receives the config file from the device. [Patrik]
 2011-02-22 09:13:03 +00:00
david
181951a2c6 Move db2-discover out of "discovery" and into "safe", like the other 
scripts that behave like it does.
 2011-01-24 07:22:07 +00:00
fyodor
f037a54cd7 Update Nmap version number to 5.36TEST4 in prep for the next release in a day or two and regenerate relevant files 2011-01-20 10:29:18 +00:00
patrik
583f65227c o [NSE] Added support for dynamic updates to the DNS library. Added the 
script dns-update.nse, which attempts to add a DNS record to a given zone.
  [Patrik]
 2011-01-14 15:15:24 +00:00
david
e54e940b10 Take broadcast-dropbox-listener out of "discovery" and put it in 
"broadcast".
 2011-01-13 07:18:03 +00:00
david
c7909b0b05 Rename p2p-dropbox-listener.nse to broadcast-dropbox-listener.nse. 2011-01-13 07:17:59 +00:00
david
6fbd739fac o [NSE] Added p2p-dropbox-listener.nse, which listens for Dropbox 
LanSync broadcasts and can optionally add discovered hosts to the
  scan queue. [Ron Bowes, Mak Kolybabi, Andrew Orr, Russ Tait Milne]
 2011-01-13 07:17:55 +00:00
david
a0f2fdbdb3 Move all broadcast-* scripts from the "discovery" category to 
"broadcast" (new category).
 2011-01-13 06:21:53 +00:00
fyodor
05f7c6ae07 Remove minecraft-auth for now -- see http://seclists.org/nmap-dev/2011/q1/85 2011-01-12 07:51:30 +00:00
david
42c14f507e Take minecraft-auth out of "vuln" and put it in "auth". From reading the 
Tumblr post, this sounds more like a way for people to set up a private
server on a LAN among trusted users than a vulnerability. Also link the
Tumblr post in the description.
 2011-01-10 01:14:16 +00:00
david
68ac93f69a o [NSE] Added minecraft-auth.nse by Toni Ruotto. It checks for 
Minecraft game servers that don't check usernames against a master
  server.
 2011-01-10 01:14:15 +00:00
david
2592194732 Add nrpe-enum.nse by Mak Kolybabi. 2011-01-09 03:43:41 +00:00
david
0658e53070 Add gopher-ls.nse by Toni Ruotto. 2010-12-29 18:46:16 +00:00
david
ad40df2c9b Add modbus-discover.nse from Alexander Rudakov. 2010-12-16 08:59:16 +00:00
patrik
c9ba464c28 Renamed domino-enum-passwords script to http-domino-enum-passwords 2010-12-15 08:52:31 +00:00
david
573088f99c Change categories of netbus-auth-bypass from {"default", "vuln", "safe"} 
to {"auth", "intrusive", "vuln"}. The first categories are the same as
in realvnc-auth-bypass, which would seems to be a very similar script,
but netbus-auth-bypass can have the additional side effect of breaking
future authentication attempts for all users, which is solidly
intrusive.
 2010-12-13 18:00:06 +00:00
david
90a2819a04 o [NSE] Added scripts by Toni Ruotto communicating with the NetBus 
remote administration/backdoor program.
  - netbus-info: gets configuration information.
  - netbus-brute: guesses passwords.
  - netbus-version: distinguishes NetBus from NetBuster, a program
    that mimics the protocol but doesn't actually allow any
    operations.
  - netbus-auth-bypass: Checks for a bug in the server that allows
    connecting without a password.
 2010-12-13 18:00:02 +00:00
david
a7e80b4cf3 Update script.db. 2010-12-13 17:30:08 +00:00
david
ccd901f918 Put realvnc-auth-bypass.nse in "auth" category. 2010-12-13 17:30:06 +00:00
patrik
46cdf28fce o [NSE] Added a new iSCSI library and the two scripts iscsi-info and 
iscsi-brute. [Patrik]
 2010-12-10 23:20:59 +00:00
patrik
38a21c4d17 o [NSE] Add new script broadcast-ms-sql-discover and removed broadcast 
support from ms-sql-info. [Patrik]
 2010-12-10 23:12:27 +00:00
david
adc460fc22 o [NSE] Added the ftp-proftpd-backdoor.nse script by mak Kolybabi, 
which checks for a backdoor in ProFTPD 1.3.3c.
 2010-12-07 00:22:01 +00:00
david
f8530814ab o [NSE] Added http-vhosts.nse from Carlos Pantelides. This script 
brute-forces virtual hosts by sending different Host headers to the
  same server.
 2010-12-06 05:19:35 +00:00
david
f8b17ae441 o [NSE] Added the hddtemp-info script from Toni Ruotto, which gets 
hard drive temperatures from the hddtemp service.
 2010-11-29 19:00:11 +00:00
fyodor
3652bd6939 Rename a couple http scripts to make it more clear that they use the http protocol and for consistency with other script names 2010-11-20 04:22:51 +00:00
fyodor
10d85c1a6b Removed broadcast-upnp-info and broadcast-dns-service-discovery from the default category. With these running by default, I was getting a bunch of information about printers and stuff on my LAN. Which is great info, and I love the scripts, but that's not what I'm really looking for when just trying to scan scanme.nmap.org 2010-11-20 02:04:00 +00:00
patrik
734f938b04 o [NSE] Added a new Web Service Dynamic Discovery library (wsdd) and the two 
scripts broadcast-wsdd-discover and wsdd-discover. [Patrik]
 2010-11-10 22:35:13 +00:00