PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity
11,144 Commits 2 Branches 0 Tags
7f779ef8b64a33072ec6796871c247c65a8759f8
Commit Graph

43 Commits

Author SHA1 Message Date
dmiller
d6e7148d9e Add some more TLS registry items (no new ciphers at this time) 2017-06-08 12:27:45 +00:00
dmiller
21553bebb9 Allow scripts to set record protocol version via tls.client_hello 2017-02-24 15:47:49 +00:00
dmiller
27785ce8e5 New script tls-ticketbleed. Closes #686 2017-02-09 21:30:14 +00:00
dmiller
5d5aa8c26c Update tls.lua assignments from IANA: ciphersuites and curves 2016-12-17 23:17:28 +00:00
dmiller
e4717fa068 Add tls.servername script-arg. Closes #540 2016-12-05 17:44:32 +00:00
dmiller
1d696c1918 Factor out handshake parsing. Trust me, it'll be worth it. 2016-09-28 13:22:41 +00:00
dmiller
95e4c05fc4 Refactor TLS record/message parsing a bit to make it clearer. 2016-09-24 00:58:27 +00:00
dmiller
4290b983d4 Fix parsing of TLS heartbeat (not used for ssl-heartbleed.nse) 2016-09-24 00:58:26 +00:00
dmiller
0df1867dd1 Convert tls.lua from bin.(un)pack to Lua 5.3 string.(un)pack 2016-08-31 02:32:27 +00:00
dmiller
1bbd6c8e90 Fix a bug: forgot to pass in the protocol version 2016-08-31 02:32:25 +00:00
dmiller
fc948c437b Add warning for SWEET32 on CBC with block size <= 64 bits 2016-08-24 16:07:57 +00:00
dmiller
cb4b46bd53 Canonicalize authors as tables instead of comma-separated strings 2016-06-09 22:46:42 +00:00
dmiller
b341915722 Deprecate RC4 ciphersuites 2016-05-02 13:55:16 +00:00
dmiller
bbee119188 Support fragmented TLS records. Closes #194 2015-10-29 22:18:32 +00:00
dmiller
ddc5762ca9 Fix reporting of DH and ECDH param sizes 
Finite-field (traditional) DH parameter strength should be reported in
bits. ECDH key strength is the size (log base 2) of the order of the
base point G (see NIST SP 800-57 rev 3 section 5.6.1)
 2015-09-16 04:51:49 +00:00
dmiller
6a38678b56 re-sync TLS ciphersuite names that changed in r34683 2015-06-23 00:08:58 +00:00
dmiller
ba38345c32 Mark some TLS ciphersuites as draft 2015-06-19 21:36:53 +00:00
dmiller
ce9eb6b0f3 Fix DH parameter extraction in tls.lua (Jacob Gajek) 2015-06-17 21:17:43 +00:00
dmiller
ab5b346352 Obey TLSv1.2 RFC regarding anonymous signature type 2015-03-25 19:35:20 +00:00
dmiller
170a45f21d Fix a typo in a debug message 2015-03-25 14:30:18 +00:00
dmiller
04fee3d14c Move TLSv1.2 signature_algorithms extension defaults into tls.lua 2015-03-25 02:29:25 +00:00
dmiller
ed86473b0c Send supported signature algorithms for TLSv1.2 2015-03-24 23:22:19 +00:00
dmiller
1fd4b3edd8 Use some sane defaults in tls.client_hello 2015-03-06 19:59:59 +00:00
dmiller
40945dc702 Send SSLv3 as record version in ClientHello for compatibility 2015-03-06 19:59:57 +00:00
dmiller
0e74dd7a35 Replace some string.char and bin.pack calls with literals 2015-02-27 19:42:56 +00:00
dmiller
e50e802c4b Remove incomplete certificate_request parser in tls.record_read 2014-12-02 18:36:17 +00:00
dmiller
8f414cfc3a Correct conversion of DH key size to RSA bit strength equivalent 2014-11-07 21:41:38 +00:00
dmiller
222b2a009d Use internal cipher/handshake scoring system instead of static datafile 2014-11-07 16:39:26 +00:00
dmiller
f365b81c23 Add server certificate message parsing to tls.lua 2014-11-05 05:55:54 +00:00
dmiller
040b813986 tls.lua: get info about a cipher suite by parsing its name 2014-11-03 21:29:31 +00:00
dmiller
e9354a4793 Add TLS_FALLBACK_SCSV checking to ssl-poodle 2014-10-22 17:01:19 +00:00
batrick
ee6622aea4 nselib stdnse.print_debug -> stdnse.debug 
$ f() { find -name \*.lua -exec /bin/echo sed -i "$1" {} \; ; }
$ f 's/stdnse.print_debug( *\([0-9]*\) *, */stdnse.debug\1(/'
$ f 's/stdnse.print_debug( *"\(.*\))/stdnse.debug1("\1)/'
 2014-08-03 00:56:45 +00:00
dmiller
9ca584d0b8 Make tls.record_read more strict about protocol correctness 2014-04-17 02:15:03 +00:00
dmiller
582afb7746 Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV from RFC 5746 2014-04-10 15:14:12 +00:00
dmiller
9e601256c6 Add parsing support for TLS heartbeat ContentType 2014-04-08 20:12:22 +00:00
dmiller
c87a4f1b3f Fix an off-by-one bug in TLS record parsing 2014-04-08 20:12:21 +00:00
henri
df4f3e77b8 Added TLS heartbeat Content Type, which everyone is needing today 2014-04-08 13:21:31 +00:00
dmiller
162a30b3cf Fix TLS SNI extension, by nnposter 2014-04-08 02:46:20 +00:00
dmiller
f081cf31bb Allow numeric TLS extensions for unassigned ExtensionTypes 2014-04-03 18:29:07 +00:00
dmiller
6c2ab1e289 Add missing TLS extension types registered with IANA 2014-03-21 20:49:35 +00:00
dmiller
4eaa21e7cb Integrate David's ssl-enum-ciphers improvements 
From this thread: http://seclists.org/nmap-dev/2014/q1/105

* Extensions now better supported in tls.lua
* ssl-enum-ciphers sends all EC options to ensure servers reply with
  supported EC suites
* tls.lua supports multiple messages of a single type within 1 record
* tls.record_buffer will read an entire TLS record into a buffer
* ssl-date and tls-nextprotoneg updated to use tls.record_buffer
 2014-01-30 18:12:14 +00:00
dmiller
760da1788f Let tls-nextprotoneg use tls.lua library 
Required fixes to tls lib's extensions (did not previously support
extension data)
 2014-01-16 18:10:02 +00:00
dmiller
71b0769fc3 New tls.lua library for handling TLS records 2014-01-16 18:09:57 +00:00