sophron
8572c85d0b
Correctly handle cases where the tested fingerprint path does not end with "/". Patch by nnposter.
2013-07-30 00:03:04 +00:00
fyodor
6e01ecd452
Update an email address, fix a typo, and slightly reword a sentence.
2013-07-30 00:02:00 +00:00
fyodor
fa6db96c73
Update the man page to use the latest text from COPYING file and regenerate
2013-07-29 23:57:40 +00:00
sophron
d3cb3dfa37
Fixed category's name in the description of http-default-accounts.nse.
2013-07-29 22:19:59 +00:00
sophron
40220702d0
Added Linksys WAP200 to http-default-accounts-fingerprints.
2013-07-29 22:17:52 +00:00
sophron
91858c55d4
Handle 404 responses. Patch by nnposter.
2013-07-29 15:57:34 +00:00
fyodor
d6a013dc51
Note that the 6.40 changelog is still incomplete. I hope to finish it today before leaving for Las Vegas tomorrow.
2013-07-29 09:10:34 +00:00
fyodor
f79a11aeeb
o [NSE] Oops, there was a vulnerability in one of our 437 NSE scripts.
...
If you ran the (fortunately non-default) http-domino-enum-passwords
script with the (fortunately also non-default)
domino-enum-passwords.idpath parameter against a malicious server,
it could cause an arbitrarily named file to be written to the
client system. Thanks to Trustwave researcher Piotr Duszynski for
discovering and reporting the problem. We've fixed that script, and
also updated several other scripts to use a new
stdnse.filename_escape function for extra safety. This breaks our
record of never having a vulnerability in the 16 years that Nmap has
existed, but that's still a fairly good run. [David, Fyodor]
2013-07-29 06:19:24 +00:00
sophron
93accf0619
Handle cases where the HTTP response fails. Patch by nnposter.
2013-07-29 06:14:04 +00:00
fyodor
b01fd55cb6
Change version number to 6.41SVN and regenerate auto-generated files such as man page, script.db, etc.
2013-07-29 06:00:07 +00:00
david
d7f795cd98
Expand a couple of fingerprints to match current scanme.
2013-07-29 00:01:53 +00:00
fyodor
83fb10ec56
Update the Nmap copyright/license files. This isn't the new Nmap Public Source License we've been discussing on the list, but rather just a 'quick patch' to hopefully prevent some of the abuse we've been seeing from companies lately. More details on the changes will be posted to the dev list. Also, the copyright year was updated to 2013 (which is the only change to Nsock license statements).
2013-07-28 22:05:05 +00:00
fyodor
30bb6ab191
Note a done task
2013-07-28 19:44:49 +00:00
david
5db8c41f9c
Put ru.po Plural-Forms on a single line.
...
Having this on two lines apparently uncovers a bug in some versions of
Python gettext. A Zenmap crash was reported by Дмитрий Никитич.
http://seclists.org/nmap-dev/2013/q2/525
http://bugs.python.org/issue1448060
https://bugzilla.redhat.com/show_bug.cgi?id=252136
2013-07-27 01:59:21 +00:00
sophron
7e0ac25756
Added documentation and comments.
2013-07-25 15:42:16 +00:00
sophron
1fb88abed9
Corrected arguments name on the documentation of the script.
2013-07-25 01:59:07 +00:00
sophron
1f6467d8b6
[NSE] Added whois-domain.nse and renamed whois.nse to whois-ip.nse
2013-07-25 00:57:28 +00:00
d33tah
5ff69d478f
Mention adding the environment variables in nmap's CHANGELOG.
2013-07-24 18:07:58 +00:00
d33tah
8f84863a23
add NCAT_LOCAL_ADDR, NCAT_LOCAL_PORT, NCAT_REMOTE_ADDR, NCAT_REMOTE_PORT,
...
NCAT_REMOTE_ADDR environment variables set in all --*-exec child processes.
(this is a merge of ncat-env-conninfo as of r31516)
2013-07-24 13:58:15 +00:00
d33tah
f5a142b0d4
make --lua-exec-internal switch STDOUT to binary mode. (this was merged from nmap-exp/d33tah/lua-exec-examples/ncat, r31481)
2013-07-23 12:36:09 +00:00
d33tah
aa1b31450b
reverting the last commit, will put the script in a separate branch.
2013-07-20 15:39:38 +00:00
d33tah
7c526d7a75
commit the first version of my httpd.lua demo - probably most advanced one so far.
2013-07-20 15:12:04 +00:00
henri
63aa6d83fb
Improved error handling in socket_block/unblock.
2013-07-18 20:29:29 +00:00
sophron
42942a3331
[NSE] Added http-referer-checker that informs about cross-domain include of scripts.
2013-07-18 14:55:16 +00:00
sophron
1ecec300db
Allowed callbacks to 'withinhost' and 'withindomain' options and introduced 'doscraping' option.
2013-07-18 14:03:42 +00:00
sophron
28f2044442
Replaced tabs with spaces.
2013-07-18 13:58:25 +00:00
sophron
b9f35cbcac
Fixed syntax mistake.
2013-07-18 13:56:45 +00:00
sophron
9c6d376bfc
Allowed absolute paths to 'hostnames' argument.
2013-07-18 13:51:11 +00:00
sophron
b14d393918
Fixed syntax mistake.
2013-07-18 13:45:53 +00:00
sophron
f5e084197a
[NSE] Added http-xssed that searches the xssed.com database for any previously reported vulnerabilities and outputs the result.
2013-07-18 13:31:27 +00:00
fyodor
80a3968136
Note some done tasks
2013-07-18 04:28:44 +00:00
david
e7c279f940
Parted Magic is spelled with a space.
2013-07-18 03:38:37 +00:00
d33tah
713641fb2f
fix the Lua tests.
2013-07-17 21:41:22 +00:00
fyodor
30c35d31be
Update to the latest MAC address prefixes from IEEE, current as of just now
2013-07-17 16:39:22 +00:00
david
f845bf38c4
CHANGELOG for Nping ICMP ID matching.
2013-07-17 04:48:05 +00:00
david
d22fe5be68
Check for matching ICMP ID on echo reply.
2013-07-17 04:48:04 +00:00
david
a712b3005d
Rewrite is_response_icmp to give access to the encapsulated packet.
...
We will want to also get the ICMP ID from the packet.
Remove the now-unused getDestAddrFromICMPPacket function.
2013-07-17 04:48:02 +00:00
david
febef4cc63
Factor out is_response_icmp.
2013-07-17 04:48:00 +00:00
david
5cc4dbca60
IPv6 OS submissions from 20130614.
2013-07-16 00:51:47 +00:00
david
51a5cb6be5
Service corrections.
2013-07-15 18:53:37 +00:00
david
76c08d0676
sv-tidy.
2013-07-15 18:43:45 +00:00
david
d6c12a1aea
Fix bugs found by sv-tidy.py.
2013-07-15 18:43:43 +00:00
david
ac85814463
nmap-os-db typo.
2013-07-15 18:43:41 +00:00
david
5c8e3de7dc
Match line typo.
2013-07-15 18:43:38 +00:00
david
97ad7e0d0c
Match line typo.
2013-07-15 18:43:36 +00:00
david
1a6612fd44
Done with service submissions.
2013-07-15 18:43:32 +00:00
paulino
8f543adb62
Added http-adobe-coldfusion-apsa1301.nse
2013-07-15 18:10:12 +00:00
paulino
c5b1fe6cf2
-Adds NSE script to exploit APSA13-01 in Adobe Coldfusion.
2013-07-15 16:40:09 +00:00
d33tah
2521c7c692
now that SIGPIPE is not a problem, finally add the chargen script.
2013-07-10 15:17:20 +00:00
d33tah
eba4e034f7
mark the SIGPIPE as done
2013-07-10 15:15:20 +00:00