dmiller
3e71473630
Update scripting.xml to reflect Lua 5.2
...
Changed links to Lua reference manual to point to appropriate sections
for 5.2. Books (Reference Manual and Programming in Lua, 2nd ed.) have
not been updated to 5.2 yet, so those were left alone.
Documented the change in API for linking C libs (luaL_newlib and
luaL_Reg vs luaL_register and luaL_reg).
2012-06-28 20:09:36 +00:00
kroosec
7ca5589659
sip-brute: Added TCP support.
2012-06-28 09:20:43 +00:00
kroosec
c28ec08836
Added TCP support. Cleaned redundant code.
2012-06-28 09:00:36 +00:00
kroosec
2dffec733e
Allowed support of SIP over TCP and made adequate changes to sip.lua
2012-06-28 08:47:07 +00:00
fyodor
f3fd6b5b32
Congratulations to new Nmap committer Dan Miller!
2012-06-28 00:22:03 +00:00
kroosec
886f64f1f9
Typo in changelog.
2012-06-27 15:46:00 +00:00
fyodor
d5af1f6940
rebuilt nmap-services to include memcachedb on 21201/tcp
2012-06-26 23:59:19 +00:00
fyodor
1f8d3ee033
Add a task note about considering whether to ship OpenSSL source with Nmap, so users who don't have it installed can still get the functionality in their Nmap
2012-06-26 20:06:59 +00:00
fyodor
5826ebbc4c
Removed some instances of '<' and '>' in the CHANGELOG to avoid HTML escaping problems on pages such as http://nmap.org/changelog.html . This is actually a pretty lame solution. First of all, things like XML output examples are best shown using angle brackets. Second, there are still other angle brackets in the file. It would probably be better to fix the changelog.html to handle the escaping or to create an escaped version automatically. But, for now, I'm choosing the easy but short-term fix
2012-06-26 10:05:45 +00:00
kroosec
0bdff46418
Added Timeout sip response code (408).
2012-06-26 09:26:01 +00:00
david
3e50107f23
Use less memory for ip_addr in port_reason.
...
This was a sockaddr_storage, which is 128 bytes. This is a lot for a
structure that is part of Port. It is now a union of sockaddr_in and
sockaddr_in6, which is 28 bytes. A new set_ip_addr method sets the union
from a sockaddr_storage, where plain assignment was used before.
The sockaddr_storage was introduced in r23778, the first big IPv6 merge.
2012-06-26 03:23:14 +00:00
kroosec
cb38bebdce
Added busy and decline response status code.
2012-06-26 00:35:23 +00:00
fyodor
81ce80cb02
add an ndis-6 related task
2012-06-25 22:26:12 +00:00
perdo
f7a02d8d19
Added a list of webpage file formats.
2012-06-25 17:56:21 +00:00
perdo
2730adc516
Modified the spidering library to allow using a HEAD rather than GET request for files with certain extensions.
2012-06-25 17:54:38 +00:00
kroosec
a6fe7c75aa
Fixed documentation and return values for options sip request.
2012-06-25 00:55:52 +00:00
kroosec
c0adb90e28
getHeader is now case insensitive.
2012-06-23 17:54:31 +00:00
david
173719e174
--script-updatedb.
2012-06-23 14:08:33 +00:00
david
595470559a
Add sql-injection to OLD_SCRIPT_NAMES from rename in r29034.
2012-06-23 14:08:32 +00:00
perdo
95df6230ca
Added forms handling capability to http-sql-injection. Also, modified the output structure a bit and fixed some trailing whitespaces.
2012-06-23 13:51:19 +00:00
perdo
f626ca04f2
Renamed sql-injection.nse to http-sql-injection.nse.
2012-06-23 13:47:48 +00:00
kroosec
348cfc9d25
Added NOTFOUND response status code. Added default user value 'user'.
2012-06-23 12:35:54 +00:00
sean
bfeecd1895
Output for script results is now sorted alphabetically.
2012-06-23 04:17:24 +00:00
david
b6f66fba81
Fix for http-wordpress-plugins by Daniel Miller.
...
http://seclists.org/nmap-dev/2012/q2/887
2012-06-22 18:58:53 +00:00
aca
ba5a79acdc
Added a few additional credentials to http-default-accounts fingerprints
2012-06-22 16:06:05 +00:00
kroosec
98a68b7407
Added default values for Expires, Call-ID, Allow and Content-Length headers in SIP requests and removed redundant code.
2012-06-22 12:17:55 +00:00
aca
e2356ce887
Typo...
2012-06-22 10:57:53 +00:00
sean
43889ae495
Changed the active(release) compile setting from MT to MD to bring it in line with all of the other Nmap projects to fix the '
...
8>LINK : warning LNK4098: defaultlib 'LIBCMT' conflicts with use of other libs; use /NODEFAULTLIB:library'
2012-06-21 05:06:34 +00:00
sean
3215bf602a
Fixed the LNK4006 warning from http://seclists.org/nmap-dev/2006/q3/22
...
By removing lua.c and luac.c from the compile path
2012-06-21 04:33:09 +00:00
sean
982f26ccf6
Removed the pragma as liblua ignored it.
2012-06-21 04:25:25 +00:00
sean
663c44acc9
Tidied up the #pragma command
2012-06-21 04:16:04 +00:00
sean
0c1c89a022
Added a pragma to suppress the lgc.c(988): warning C4146: unary minus operator applied to
...
unsigned type, result still unsigned. We don't want to fix liblua
2012-06-21 03:55:24 +00:00
sean
896bcc520b
Fixed the warning liblinear.lib(linear.obj) : MSIL .netmodule or module compiled with /GL found; restarting link with /LTCG; add /LTCG to the link command line to improve linker performance by just adding the /LTCG flag.
2012-06-21 03:48:40 +00:00
sean
35aa0812fd
Deleted the incremental flags instead.
2012-06-21 03:32:49 +00:00
sean
af7191e954
Fixed the link error http://msdn.microsoft.com/en-us/library/3ec25010(v=vs.80).aspx (LNK4075). Essentially setting Incremental to YES is redundant and therefore ignored http://msdn.microsoft.com/en-US/library/4khtbfyf(v=vs.80) says that Incremental defaults to yes.
2012-06-21 03:17:36 +00:00
david
2404fc7d64
Return nil and an error message when a socket is not connected.
...
Daniel Miller noticed that the behavior of socket functions didn't match
the documentation when a socket was not connected. The code would raise
a Lua error (ending the script) instead of returning a false status code
as documented.
http://seclists.org/nmap-dev/2011/q3/840
http://seclists.org/nmap-dev/2012/q2/505
2012-06-21 03:11:17 +00:00
sean
d653563331
Fixed the warnings " warning: variable ‘readbuff’ set but not used [-Wunused-but-set-variable]". Added error handling in the event that readbuff was NULL.
2012-06-21 02:02:37 +00:00
sean
8d6243980f
Patched the "ProbeMode.cc:183:25: warning: variable ‘loopret’ set but not used [-Wunused-but-set-variable]" by adding error handling for the NSOCK_LOOP_ERROR return value. This brought ProbeMode::start in line with the rest of nmap's handling of nsock_loop.
2012-06-21 01:45:25 +00:00
sean
5a98556318
Changed the outFatal to an outError for consistency with the other error messages
2012-06-21 01:36:22 +00:00
kroosec
b940d201d4
Added http-proxy to shortport likely http services.
2012-06-21 01:32:22 +00:00
sean
7be1b6b6d2
Fixed the warning about "ProbeMode.cc:182:18: warning: variable ‘ev’ set but not used [-Wunused-but-set-variable]". The code set the ev variable however it never did anything with it.
...
-This line, and those below, will be ignored--
M nping/ProbeMode.cc
2012-06-21 01:26:45 +00:00
david
feea11ed24
Catch an exception that happens while aggregating a new scan.
2012-06-21 00:56:55 +00:00
david
aca56d8f6e
Handle the special case of an empty services list.
...
There should be better error handling here in general, but an empty
string is something that Nmap can legitimately emit.
http://seclists.org/nmap-dev/2012/q2/876
2012-06-21 00:56:54 +00:00
david
6eb37db01b
Simplify output_rangelist_given_ports.
2012-06-20 23:08:33 +00:00
david
42f71759c2
Use one, not two, spaces after "WARNING:".
...
There were more cases of one space than two.
2012-06-20 20:13:51 +00:00
kroosec
d6015faec5
Added intensive mode and Naxsi fingerprints to http-waf-fingerprint.
2012-06-20 20:04:08 +00:00
david
360ba052e9
AUTH_UNIX support for rpc.lua.
...
http://seclists.org/nmap-dev/2012/q2/54
This patch is from Daniel Miller. He writes:
I've just finished enhancing the nfs-ls, nfs-statfs, and nfs-showmount
scripts so that they can run based on version detection information,
for cases where the portmapper is firewalled. For nfs-ls and
nfs-statfs, this required making a hostrule to check that both a
mountd service and a nfs service were detected. In the process, I
ended up adding the AUTH_UNIX flavor to rpc.lua, since the RFC states
that AUTH_NULL can only be used for the NULL procedure (and my Linux
nfs-kernel-server was enforcing that).
Other minor changes:
* If running privileged, attempt to bind to a reserved port. Many NFS
servers refuse to talk to source ports >1024, as a "security measure"
* handle an odd case in nfs-ls where READDIRPLUS does not return file
attributes. Chose to use all ?'s, but in the future maybe a direct
GETATTR call?
* remove reference to nfs.dirlist argument from nfs-ls doc, since it is unused
2012-06-20 02:12:58 +00:00
david
be24e6d5c4
Catch exceptions when running a sub-Nmap in the profile editor.
2012-06-19 17:10:58 +00:00
david
8e5bfd5fa7
Remove unused member.
2012-06-19 17:10:57 +00:00
david
373d00fcee
Also handle subclasses of OSError when running an executable.
...
We checked for OSError so that we could give a useful custom error
message on ENOENT. But on Windows, it is a WindowsError, which is a
subclass of OSError.
2012-06-19 16:43:42 +00:00