PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity
11,144 Commits 2 Branches 0 Tags
7f779ef8b64a33072ec6796871c247c65a8759f8
Commit Graph

215 Commits

Author SHA1 Message Date
nnposter
d1e8388b7e Trivial documentation clean-up 2017-07-07 20:11:53 +00:00
nnposter
78486c1b89 Removes potentially confusing comment 2017-07-07 19:19:00 +00:00
vinamra
2c98b309a8 Corrects URL-Redirection in Relative Paths closes #918 2017-06-24 19:04:06 +00:00
nnposter
d478199ada Allows cookies to have unrecognized attributes (see RFC 6265, Section 5.2). Fixes #866 2017-04-29 14:36:46 +00:00
nnposter
0b36ba5cea Allows unquoted cookie values to contain whitespace, as defined in RFC 6265. Fixes #844 2017-04-29 14:05:57 +00:00
dmiller
5953b817ac A couple tests for http.lua; see #844 2017-04-27 17:28:46 +00:00
nnposter
b9aac1d6ba Cleans up inline documentation for the default HTTP redirect behavior. Fixes #831 2017-04-19 18:42:51 +00:00
nnposter
cfa57758ad Changes the redirect rule to return false in case of a missing path. This 
change aligns the code with the corresponding comment. Fixes #830
 2017-04-19 18:39:20 +00:00
nnposter
ab96f9c2e7 Corrects a default HTTP redirect rule for hostname/domain matching. Fixes #829 2017-04-19 18:35:31 +00:00
nnposter
17c37b7e8d Corrects a default HTTP redirect rule: 
A redirect should not be carried out if credentials are embedded in the URL.
Fixes #826
 2017-04-19 18:30:13 +00:00
nnposter
e80976a13a Provides a common function, url.get_default_port(), for obtaining 
the default port number for a given scheme. Fixes #781
 2017-04-19 18:00:36 +00:00
nnposter
af6bbc35bb Changes the port type returned from url.parse() to an actual integer, as 
opposed to a string that represents an integer. Fixes #833, fixes #817.
 2017-04-19 17:02:32 +00:00
nnposter
e4d923f076 Allows the port to be a simple number 2017-04-01 22:33:37 +00:00
nnposter
3a9b4d93af Allows the port to be a simple number 2017-04-01 22:05:36 +00:00
nnposter
11a8c315ed Includes port information in the Host header for non-standard ports. Fixes #766 2017-04-01 14:33:54 +00:00
nnposter
1bdbc2a680 Improves parsing of the HTTP status line. Fixes #772 2017-04-01 14:25:36 +00:00
nnposter
af5f88dd00 Implements a new member, fragment, of the HTTP response body. It contains 
a partially received body (if any) when the overall request fails to complete.
 2017-03-29 15:58:39 +00:00
nnposter
b34eaabb3b Allows the HTTP Set-Cookie parser to handle a trailing semicolon. Fixes #731 2017-03-21 13:46:30 +00:00
nnposter
bbfb5dfed6 Corrects a debug message. Removes confusion about any_af. 2017-03-16 19:36:50 +00:00
nnposter
99fa80851c Preserves targetname for connections requested with option any_af. 
Relocates option any_af to comm.lua to make it more broadly available.
 2017-03-05 15:41:46 +00:00
nnposter
2be31d5f49 Allows processing of HTTP responses with malformed headers. Such header lines are still captured in the rawheader list but skipped otherwise. Closes #573. 2016-10-30 18:40:15 +00:00
nnposter
ec3f6f9ac4 Adds a notice that pipeline_go() may not return all responses. 2016-09-27 18:29:00 +00:00
nnposter
d834d652ac Removes a hint that HTTP pipeline only handles GET requests 2016-09-27 16:05:48 +00:00
nnposter
06a25384b6 Fixes additional stale pipeline_go references 2016-09-27 16:01:39 +00:00
nnposter
88f6ddc596 Corrects handling of empty pipelines, expressed as nil. Fixes #538 2016-09-12 16:14:33 +00:00
dmiller
3c7fe1e452 Remove some unused functions 2016-09-08 13:31:24 +00:00
nnposter
45ba24dfe2 Corrects another stale http.pipeline_go() reference 2016-09-02 14:03:21 +00:00
nnposter
f1443b3e78 Replaces deprecated function name with its current equivalent in http.lua documentation example 2016-09-02 12:36:00 +00:00
dmiller
92f52de958 Remove trailing whitespace 2016-08-29 20:30:26 +00:00
dmiller
ee481851f5 Silence warnings about the new any_af request option 2016-03-16 05:47:57 +00:00
dmiller
c7892e365f Let http.lua functions optionally connect via any address family 
Sometimes (e.g. when using an external API), a script wants to connect
by name to a server and doesn't care whether IPv4 or IPv6 is used. By
passing the "any_af" option, the first resolved address of any address
family will be used, allowing external-category scripts which used to
fail with -6 to succeed.
 2016-03-16 05:07:59 +00:00
dmiller
74bd78267a http cookie and form parsing updates 
1. getattr now decodes html entities in attributes (useful for & in href
   attributes, for instance)
2. Cookie validation allows max-age, httponly, and secure attributes
3. Use table concatenation instead of repeated string concatenation to build
   cookie string.
 2015-12-31 15:50:25 +00:00
tomsellers
58f00324eb NSE: Prevent http.identify_404 from following HTTP redirects, standardize calls to it. Closes #251 2015-12-05 10:16:51 +00:00
dmiller
f4619edece Update http urls for nmap.org to https 2015-11-05 20:41:05 +00:00
dmiller
521226cd63 Fix a bug with declaring parse_set_cookie local twice 2015-11-04 03:57:17 +00:00
dmiller
5e2bb7ad86 Fix parsing of Set-Cookie headers. Closes #229 2015-11-02 16:02:50 +00:00
dmiller
0146739b87 Fix http.get_url with https. http://seclists.org/nmap-dev/2015/q3/336 2015-09-21 19:05:38 +00:00
dmiller
9840973b60 Fix format string argument mismatches 
Cases where the format string does not contain any placeholders, but
values are given anyway. Cases where string.format is used without any
placeholders or arguments.
 2015-09-18 12:40:32 +00:00
dmiller
6752546ef5 Fixes #212 http.get_url with https 2015-09-18 03:54:59 +00:00
dmiller
7c08cf9c4f Clean up nested list in nsedoc 2015-08-04 14:21:48 +00:00
gyani
759d944397 Modified the debug string that is passed when ssl is not present to 
include ntlm.
 2015-07-04 08:22:08 +00:00
gyani
3d2a008cef Modified smbauth.lua to create ntlmv2 session response. 
http.lua now allows NTLM authentication.
 2015-07-04 08:19:17 +00:00
dmiller
54543b303c Clean up some documentation regarding http redirects 2015-04-10 12:56:05 +00:00
dmiller
2e55f5d3b8 Allow redirect_ok to be a number of redirects to follow (http.lua) 2015-04-10 03:42:44 +00:00
dmiller
99cc5102c3 Correct a typo: tables don't work like strings 2014-09-23 13:41:58 +00:00
dmiller
a101e58a4c Abstract case-insensititive html tag searching 2014-09-20 14:49:57 +00:00
dmiller
ed9ecc54ea Improve html form parsing, patch from nnposter 
http://seclists.org/nmap-dev/2014/q3/418
 2014-09-20 14:49:55 +00:00
dmiller
e8eddb6cfe Use comm.lua default timeouts for http.pipeline_go, remove unused get_default_timeout 2014-09-18 04:11:28 +00:00
dmiller
327496d50c Relax http.parse_form to allow forms without an action 
Patch from nnposter: http://seclists.org/nmap-dev/2014/q3/384
 2014-09-18 03:38:23 +00:00
dmiller
440ed59396 Export http.parse_redirect, a useful function 2014-09-17 21:57:57 +00:00