henri
7e1e29ac4f
Added ftp-vsftpd-backdoor, which detects a backdoor that was introduced
...
into vsftpd-2.3.4 source code distributions. [Daniel Miller]
2011-07-05 07:16:55 +00:00
paulino
7b83ec9370
TODO update
...
Accomplishments:
* Added 117 new signatures to http-enum for a new total of 223! These new signatures are all from vulnerable web applications taken from exploit-db.com's archives from July 1 2009 until May 30 2011. I only checked advisories with more than 300 views to focus on the most popular apps and also did a quick Google search to make sure there are enough installations out there.
* Researched about malware detection methods in HTTP servers.
* Submitted http-default-accounts.nse to nmap-dev
* Fixed a bug in http.lua. The argument 'http.pipeline' was not being read correctly.
* Submitted http-unsafe-host.nse to nmap-dev
* Added more signatures to http-default-accounts
* Submitted http-wp-enum to nmap-dev
Priorities:
* Work on more NSE scripts
* Polish documentation in all my scripts
* Add more signatures to http-default-accounts
2011-07-05 03:51:39 +00:00
gorjan
abf2a20866
Adding the NSE nmap.list_interfaces() function that lists all interfaces available to Nmap.
2011-07-05 00:01:35 +00:00
shinnok
2a0c839986
Update status on a bunch of tasks in my TODO file.
2011-07-04 21:41:47 +00:00
paulino
4348f6fa07
Adds fingerprints for Drupal and Arris 2307
2011-07-04 21:34:08 +00:00
paulino
e9e4b6d27d
Adds new fingerprint and new login template.
2011-07-04 20:56:06 +00:00
paulino
89bf1d1661
Fixes bug when adding credentials using creds library.
2011-07-04 20:55:39 +00:00
patrik
d1fbee17df
changed so that nping-brute uses silent_require rather than require for openssl
...
[patrik]
2011-07-02 18:02:54 +00:00
paulino
4f21388faa
Adds http-default-accounts fingerprint database
2011-07-01 21:43:53 +00:00
paulino
82a68e02db
Adds http-default-accounts - It tests for access with default credentials in a variety of web applications and devices.
...
It works similar to http-enum, we detect applications by matching known paths and launching a login routine using default credentials when found.
This script depends on a fingerprint file containing the target's information: name, category, location paths, default credentials and login routine.
2011-07-01 21:43:34 +00:00
gorjan
f15baac22d
Update todo file
2011-07-01 21:38:56 +00:00
paulino
5fcfb8abc6
* Adds Wikipedia path to the wiki signatures.
2011-07-01 20:47:06 +00:00
paulino
47a338c85a
* Adds note about a desired feature: cache system for http pipelines
...
* Adds note about the new signatures added to http-enum
2011-07-01 20:45:28 +00:00
paulino
390eb9e4ab
* Fixes bug when parsing script-args. The script was only using the value from the argument 'pipeline' but not from 'http-enum.pipeline'.
...
* Makes clean_404 a public function. This function is used in the NSE script http-waf-detect to remove text that changes.
2011-07-01 20:34:01 +00:00
paulino
d69d7aa820
No more duplicates in this database.
2011-07-01 19:27:53 +00:00
paulino
fb07b4082a
Moves lotus domino fingerprints under the same one
2011-07-01 19:07:34 +00:00
paulino
ee66dfe6a5
Fixes duplicates and a couple of signatures that got copied incorrectly. These new fingerprints come from going through exploit-db.com's archives since July 1 2011 to July 1 2009.
2011-07-01 19:02:34 +00:00
paulino
e420332846
Adds 120 new entries under the categories: general, attacks, cms, security, management and database.
2011-07-01 10:18:10 +00:00
fyodor
f2d2cc6e87
Remove a change which actually got reverted a while back and is being redone
2011-07-01 06:45:39 +00:00
djalal
b4f865179b
o [NSE] Added another missing check that will report that the server is not vulnerable.
2011-06-30 23:11:11 +00:00
fyodor
d498efba48
Apparently the require 'root' feature was removed
2011-06-30 22:39:23 +00:00
fyodor
e8b422e09a
latest generated man pages
2011-06-30 22:38:52 +00:00
djalal
1c3d400822
o [NSE] Added ftp-vuln-cve2010-4221 script which checks if the ProFTPD
...
server is vulnerable to the Telnet IAC stack overflow CVE-2010-4221
[Djalal].
2011-06-30 22:21:25 +00:00
djalal
fe981e5014
o [NSE] Added an ftp.connect() methode.
2011-06-30 22:14:58 +00:00
fyodor
9e1fc9cffb
OK, I think I'm done with the CHANGELOG\!
2011-06-30 22:07:33 +00:00
gorjan
789977d8df
Adding a dependency for backorifice-brute to backorifice-info
2011-06-30 15:47:32 +00:00
gorjan
88b994a451
Small fix
2011-06-30 15:46:50 +00:00
fyodor
1facb2572c
Some minor work on CHANGELOG
2011-06-30 09:13:34 +00:00
fyodor
1c702ffad3
trivial nsedoc change
2011-06-30 09:11:57 +00:00
fyodor
8d8d16ec80
trivial nsedoc change
2011-06-30 08:59:30 +00:00
fyodor
e27ff18e56
trivial nsedoc change -- define NCP
2011-06-30 08:58:12 +00:00
fyodor
f802f7ac09
Made a bunch of additions to the CHANGELOG in prep for 5.59BETA1 release. It still needs some reorganization though
2011-06-30 08:50:24 +00:00
fyodor
a1fba2c7e0
Move up the priority of a task about fixing option ordering requirements. People shouldn't have to worry about things like making sure -6 always comes before -A. To move it up, I had to detach it from a cluster of feature creeper tasks though, so at least I added a note to it that it is a potential FC tasks.
2011-06-30 01:15:40 +00:00
fyodor
d6ec64ec2c
Add an Ncat-portable-related task
2011-06-29 23:49:07 +00:00
shinnok
a1e9bf6683
Add Ncat Portable to CHANGELOG.
2011-06-29 15:03:19 +00:00
fyodor
130e417be9
fix a small nsedoc typo noted by Henri Doreau
2011-06-29 09:05:03 +00:00
fyodor
5ed369d576
Update nmap-mac-prefixes to the latest data as of 2011-06-29
2011-06-29 08:33:42 +00:00
fyodor
a5bfcedda3
Add an idea we talked about in the NSE meeting yesterday
2011-06-29 08:18:13 +00:00
fyodor
009f3fb2e4
Just added a missing period
2011-06-29 06:24:17 +00:00
david
9087668916
Add new OS fingerprint for scanme.
...
Shows apparent new Linux TCP windows.
2011-06-29 04:47:02 +00:00
fyodor
9a2b80c34d
Remove ip-geolocation-quova -- it include an API key which apparently required agreeing to the Quova terms of service to obtain ( http://developer.quova.com/apps/tos ). And those seem to pretty clearly ban this sort of use. So we can only use this script if we get permission from Quova (best option), or we make it so that user is required to pass a key as nsearg
2011-06-29 03:34:47 +00:00
fyodor
53b61dac59
Added a TODO entry with summaries of all 41 (wow!) new NSE scripts!
2011-06-29 01:46:00 +00:00
david
07d1df5d59
Update ca-bundle.crt CHANGELOG entry.
2011-06-29 01:36:58 +00:00
fyodor
a683b6ae69
just added a word to the description
2011-06-29 01:36:34 +00:00
fyodor
511adcb497
Move the brief summary of both vulns into the summary sentence so people see them at a glance from the nsedoc script lists
2011-06-29 01:34:24 +00:00
fyodor
536e00ea42
Went through all the new (since 5.51) scripts and improved (I hope) the nsedoc descriptions a bit and made some other very minor cleanups
2011-06-29 01:29:14 +00:00
paulino
651197768b
Adds http-barracuda-dir-traversal -
...
Attempts to retrieve the configuration settings from the MySQL database
dump on a Barracuda Networks Spam & Virus Firewall device using the
directory traversal vulnerability in the "locale" parameter of
"/cgi-mod/view_help.cgi" or "/cgi-bin/view_help.cgi".
The web administration interface runs on port 8000 by default.
Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval
Original exploit by ShadowHatesYou <Shadow@SquatThis.net >
For more information, see:
http://seclists.org/fulldisclosure/2010/Oct/119
http://www.exploit-db.com/exploits/15130/
2011-06-28 23:43:34 +00:00
fyodor
832d1e91fa
Update version number for next release (5.59BETA1)
2011-06-28 22:19:31 +00:00
david
21cbe8ffba
Use a big enough buffer in traceND. Same as r24365 in
...
/nmap-exp/weiling/nmap-nd.
2011-06-28 21:58:54 +00:00
fyodor
4b67955fd8
Minor CHANGELOG modifications, mostly just moving new NSE scripts together in one place
2011-06-28 08:29:15 +00:00
