mirror of https://github.com/nmap/nmap.git synced 2025-12-15 12:19:02 +00:00
Commit Graph

116 Commits

Author SHA1 Message Date
dmiller
86d1f0db47 Fix ARP decoder in packetdecoders.lua
Was throwing an exception when parsing a packet with a source IP that
had a fourth octet greater than 127, since the %d format specifier used
in the dups check is for signed integers, and the IP is little-endian.
Switched to %u (unsigned int) and it works great.
2012-08-15 19:25:44 +00:00
kroosec
8ff4cebbf7 Moved EIGRP decoding in packetdecoders.lua to use eigrp.lua library. 2012-08-15 09:17:20 +00:00
aca
16aa7a938d Merged jdwp library, scripts and java classes into trunk 2012-08-14 11:31:08 +00:00
david
1441aea655 Reduce the number of names tried by http-vhosts by default.
Vlatko reported that this script was taking an inordinate amount of time
even in typical scans. This patch reduces the number of domains tried by
default. The new http-vhosts.filelist script argument allows
substituting the original list or another of your choosing.

Patch by Vlatko.
http://seclists.org/nmap-dev/2012/q3/432
2012-07-29 03:39:11 +00:00
perdo
09f7b93949 Modify http-enum and http-fingerprints file so they work with http pipeline better. 2012-07-23 21:55:13 +00:00
dmiller
1aeec5790e Add more ssl-ciphers strength ratings
Ratings generated with this perl script:
https://gist.github.com/3130353
2012-07-18 22:14:30 +00:00
kroosec
aac6c1d03a Added OSPF support to broadcast-listener. 2012-07-13 15:02:09 +00:00
perdo
3b8c88aac4 Added a list of common sql errors. 2012-06-30 12:28:15 +00:00
perdo
f7a02d8d19 Added a list of webpage file formats. 2012-06-25 17:56:21 +00:00
aca
ba5a79acdc Added few additional credentials to http-default-accounts fingerprints 2012-06-22 16:06:05 +00:00
patrik
bb359adaa1 Played a round of nse_check_globals and fixed a bunch of reported problems. 2012-06-15 19:32:36 +00:00
kroosec
2710e91ece ssl-fingerprints: Updated to use littleblackbox v0.1.3 database. 2012-06-13 01:02:54 +00:00
batrick
a04314beaa Add missing requires. 2012-05-29 18:34:34 +00:00
patrik
bdad2689ab added 'require' for missing libraries 2012-05-29 18:31:22 +00:00
patrik
425ced35ab o Improved the mysql library to handle multiple columns with the same name,
added a formatResultset function to format a query response to a table
  suitable for script output. [Patrik Karlsson]
2012-05-19 12:23:41 +00:00
batrick
3498086354 Corrected buggy formatting from lua-format. David had used the Lua formatter in
r28582.
2012-05-18 03:59:14 +00:00
kroosec
ced6a8cc01 o [NSE] Added the script http-drupal-modules, which enumerates the installed
Drupal modules using drupal-modules.lst. [Hani Benhabiles]
2012-05-16 00:14:16 +00:00
david
16334a19f6 Reindent http-fingerprints.lua using lua-format.
lua-format is Patrick's script and the reformatted file was done by
stripes.
2012-05-15 04:00:57 +00:00
david
fba5e4307a Fix backslash escapes in Windows paths in http-fingerprints.lua.
With the luac from Lua 5.2.0 I got this error:
luac: http-fingerprints.lua:2781: invalid escape sequence near '\.'
2012-05-15 03:24:35 +00:00
fyodor
2a2e929ed6 add check for /phpinfo.php. Example: http://ws1.surf-town.net/phpinfo.php 2012-04-04 02:04:42 +00:00
david
508f4e6155 Add .hgignore while we're at it. 2012-04-01 07:01:21 +00:00
david
b45b64af0d Add .gitignore and .bzrignore to http-fingerprints. 2012-04-01 04:39:19 +00:00
david
479b92ae0b Add a comment to wp-plugins.lst with a link to the script used to make it. 2012-03-08 21:21:51 +00:00
david
1bcc757d28 Updated wp-plugins.lst from Ange Gutek. 2012-03-07 03:22:23 +00:00
tomsellers
9f4fcc4da5 [NSE] Added support to broadcast-listener for extracting address, native vlan and management IP address from CDP packets. 2012-02-25 17:18:22 +00:00
tomsellers
8a0931b752 Improved EIGRP processing for broadcast-listener. The pattern match was insufficient so I added a check for IP protocol 88. 2012-02-14 23:38:01 +00:00
tomsellers
7807926f15 [NSE] Added support for decoding EIGRP broadcasts from Cisco routers to broadcast-listener.nse 2012-02-12 21:20:16 +00:00
patrik
fccccff960 * bugfixes to several http scripts related to new redirect code in http
library
* added option to httpspider that allows passing the redirect_ok closure to
  the http library
[Patrik]
2012-02-11 22:37:14 +00:00
patrik
bd1b7dfaad o [NSE] Applied patch to http-fingerprints adding support for identifying DCVS
systems Git, Mercurial and Bazaar. [Hani Benhabiles]
2011-12-25 21:57:11 +00:00
patrik
215f697171 o Added new fingerprints to http-enum for Subversion, CVS and Apache Archiva
[Duarte Silva]
2011-12-18 19:11:24 +00:00
patrik
acb1455874 o [NSE] Applied patch that replaces a number of GET requests to HEAD in
http-fingerprints.lua where no matching was performed on the returned contents.
  [Hani Benhabiles]
2011-12-06 15:57:21 +00:00
david
46bcc85069 Add some more JBoss fingerprints.
These are from a talk I saw recently (page 19).
http://www.matasano.com/research/OWASP3011_Luca.pdf
2011-12-02 19:28:54 +00:00
david
3c75f0f43c New Wordpress http fingerprint from Duarte Silva. 2011-11-06 22:37:22 +00:00
patrik
0270368e69 o [NSE] Added the scripts rtsp-url-brute, rtsp-methods and the supporting rtsp
library. The scripts check the supported RTSP methods and attempt to brute
  force valid RTSP urls. [Patrik]
2011-10-26 21:36:37 +00:00
paulino
859e35bc2e Adds entry for Easy Hosting Control Panel. There are a lot of vulnerable installations and an auth bypass vulnerability:
http://www.1337day.com/exploits/17010
2011-10-04 07:46:16 +00:00
david
dd2a2677c5 Add tftp-enum.nse by Alexander Rudakov. 2011-10-03 22:17:57 +00:00
david
44fcc2f455 ssl-enum-ciphers update for cipher strength from Gabriel Lawrence. 2011-09-14 17:57:47 +00:00
patrik
ae75aa7fd3 o [NSE] Added new default credential list for Oracle and modified the
oracle-brute script to make use of it. [Patrik]
2011-09-05 08:13:34 +00:00
patrik
a1d515e548 o [NSE] Added script broadcast-listener that attempts to discover hosts by
passively listening to the network. It does so by decoding ethernet and IP
  broadcast and multicast messages. [Patrik]
2011-08-10 16:46:55 +00:00
gorjan
d509ad055a Adding the optimized snmp-brute script, unpwdb library, snmpcommunities wordlist 2011-08-03 21:37:27 +00:00
paulino
deded46038 Adds apache axis2 login signature. 2011-07-15 23:43:10 +00:00
paulino
6a8a10794f Adds more paths for Coldfusion and Apache Axis2 2011-07-15 23:33:03 +00:00
paulino
b291f28e62 Added new entries for awstats totals under 'general' 2011-07-11 07:48:16 +00:00
paulino
248b53abfa Adds entries under 'attack' for:
-OrangeHRM: http://www.exploit-db.com/exploits/17212/
-Tikiwiki: http://www.exploit-db.com/exploits/1244/
2011-07-09 20:44:22 +00:00
paulino
0528868eb9 Includes new fingerprints for Joomla submitted by Hani, moves drupal signatures to the cms section and adds new ones for Cisco, Airaya and Cirronet routers 2011-07-09 20:29:11 +00:00
paulino
84a4bb2506 Added signature of a Cisco router 2011-07-08 18:44:23 +00:00
paulino
4348f6fa07 Adds fingerprints for Drupal and Arris 2307 2011-07-04 21:34:08 +00:00
paulino
e9e4b6d27d Adds new fingerprint and new login template. 2011-07-04 20:56:06 +00:00
paulino
4f21388faa Adds http-default-accounts fingerprint database 2011-07-01 21:43:53 +00:00
paulino
5fcfb8abc6 * Adds Wikipedia path to the wiki signatures. 2011-07-01 20:47:06 +00:00