dmiller
877eee826c
Fix compilation on VS2013
2014-11-11 18:56:06 +00:00
dmiller
680dd540eb
Fix a compiler error on VS2013
2014-11-11 18:56:05 +00:00
dmiller
7797826e5d
Silence a compiler warning on VS2013: not all code paths return a value
2014-11-11 06:06:46 +00:00
dmiller
16bbe3719c
Fix undefined symbol error on Windows
2014-11-11 05:19:50 +00:00
dmiller
e5b1214a73
Note a done infrastructure task
2014-11-10 16:16:31 +00:00
dmiller
c85bb0b54f
Correct logic on checking for SHA1 certificate in ssl-enum-ciphers
2014-11-10 16:16:29 +00:00
dmiller
4e3baad093
Relax ssl-enum-ciphers' timeout to allow time for server processing
2014-11-10 16:16:27 +00:00
fyodor
e806585cdd
o [NSE] Updated our Wordpress plugin list to improve the
http-wordpress-plugins NSE script. We can now detect 34,077 plugins,
up from 18,570. [Danila Poyarkov]
2014-11-10 05:37:39 +00:00
dmiller
c05d3704b7
Clarify documentation about -sn
See http://unix.stackexchange.com/q/87935/16171
2014-11-08 00:03:48 +00:00
dmiller
e3024a6463
Documentation for new ssl-enum-ciphers rating system
2014-11-07 21:52:49 +00:00
dmiller
8f414cfc3a
Correct conversion of DH key size to RSA bit strength equivalent
2014-11-07 21:41:38 +00:00
dmiller
8101fa65e0
Remove ssl-ciphers data file
2014-11-07 18:05:10 +00:00
dmiller
222b2a009d
Use internal cipher/handshake scoring system instead of static datafile
2014-11-07 16:39:26 +00:00
dmiller
e11a8609a7
Remove unnecessary vars and redistribute declarations
2014-11-07 16:39:24 +00:00
dmiller
111fbe4b41
Modify some offensive terminology in comments.
2014-11-05 15:02:09 +00:00
dmiller
b73dc0e762
Restructure try_params to return all received records
No functional change to the script, but this allows callers to check for
various alerts or other handshake messages (certificate,
server_key_params, client_certificate_request, etc).
2014-11-05 14:41:50 +00:00
dmiller
f365b81c23
Add server certificate message parsing to tls.lua
2014-11-05 05:55:54 +00:00
dmiller
2871ba3e6c
New function, sslcert.parse_ssl_certificate
For reasons, the function is exported from nse_ssl_cert.cc into
nmap.socket, then included and documented in sslcert.lua because it fits
better there.
2014-11-05 05:55:52 +00:00
dmiller
aeae800545
Clean up line endings (stray \r)
2014-11-03 21:40:57 +00:00
dmiller
040b813986
tls.lua: get info about a cipher suite by parsing its name
2014-11-03 21:29:31 +00:00
dmiller
53f7a37b7d
Add config.h entries for PCAP_NETMASK_UNKNOWN
2014-11-03 02:47:53 +00:00
dmiller
8107625fbb
Integrate more service fingerprints
2014-11-02 13:35:08 +00:00
sophron
52589ae6d1
[NSE] Added sanity check in data/http-devframework-fingerprints.lua
2014-11-02 11:49:56 +00:00
dmiller
9f34a29778
Correct script-args docs for http-virustotal
2014-11-01 12:57:32 +00:00
dmiller
80f18a2bc7
Add configure test for PCAP_NETMASK_UNKNOWN
2014-10-31 13:28:12 +00:00
dmiller
f8ef3f48da
Fix detection of CVE-2011-2523
http://seclists.org/nmap-dev/2014/q4/130
2014-10-30 13:14:02 +00:00
dmiller
413f8b5176
Remove standalone="yes" from xml output
This is complicated: a validating parser needs to know how to handle
whitespace (as ignorable markup or as a whitespace node). The default is
to treat it as a whitespace node, and the standalone="yes" tells it that
the document can be handled as such, since there is no internal doctype
definition that says otherwise. But then, when we try to validate
against our DTD, the parser sees that some elements are defined with
element-only content, which conflicts with the standalone default.
References:
http://www.w3.org/TR/REC-xml/#sec-rmd
http://bytes.com/topic/net/answers/553902-standalone-yes
2014-10-30 13:14:00 +00:00
dmiller
183566948f
Update some xml.cc comments and add encoding and standalone declarations
Explanatory comments within, but this came from reading the XML 1.0
spec. See some history:
http://seclists.org/nmap-dev/2013/q4/48 - Added DOCTYPE
http://seclists.org/nmap-dev/2014/q2/82 - broke Zenmap
http://seclists.org/nmap-dev/2014/q3/331 - reduced DOCTYPE
2014-10-29 14:46:11 +00:00
dmiller
c7e5ad67b5
Do optimization of pcap filters via set_pcap_filter
Optimizing reduces BPF instructions from 45 to 10 for large-scan case.
Also use PCAP_NETMASK_UNKNOWN instead of 0 since we don't provide a
netmask.
2014-10-29 05:31:08 +00:00
dmiller
f9474cd0fd
Fix a typo (minimum vs maximum)
2014-10-29 05:31:07 +00:00
fyodor
39e3463061
Note a done task
2014-10-27 18:12:58 +00:00
dmiller
27948e1588
Fix file permissions and missing require in http-avaya-ipoffice-users
2014-10-27 13:04:47 +00:00
dmiller
a1d984a66b
Fix a couple off-by-one errors in parsing multiple TLS records
Reported by Kent Fritz: http://seclists.org/nmap-dev/2014/q4/104
2014-10-26 16:22:21 +00:00
dmiller
c4ad3ff4d6
Fix some error handling in ssl scripts
2014-10-25 18:58:18 +00:00
tomsellers
e11e03fa50
Add the signature algorithm that was used to sign the target port's x509 (TLS) certificate to the output of ssl-cert.nse
http://seclists.org/nmap-dev/2014/q4/44
2014-10-25 18:56:38 +00:00
tomsellers
ea749d785b
Fixed a bug in the sslcert.lua library that was triggered against certain services when version detection was used.
http://seclists.org/nmap-dev/2014/q4/110
2014-10-25 18:38:17 +00:00
dmiller
9cb2800c97
Revert r33755 (broken fix)
2014-10-25 12:18:15 +00:00
dmiller
553e827110
sslcert: if -sV detects ssl, then no STARTTLS is needed
2014-10-25 12:09:55 +00:00
dmiller
a047985f19
Make SCSV check in ssl-poodle backwards-compatible
2014-10-23 16:01:03 +00:00
dmiller
a03556f7c4
Update .po files
2014-10-23 15:16:52 +00:00
dmiller
7f2853788e
Regen de.mo
2014-10-23 15:16:49 +00:00
dmiller
edc715fd9f
Update de.po ( http://seclists.org/nmap-dev/2014/q4/47 )
2014-10-23 15:16:47 +00:00
dmiller
eeb5f41932
Compatibility check for ssl-poodle
2014-10-23 15:16:45 +00:00
dmiller
29ce5da5a1
Fix man pages, corrupted from auto-generation
The docbook-to-nroff XSL pages turn indexterms into nroff comments, but
have a bug: If the closing indexterm element is not followed by
whitespace and cdata, then the following element or cdata is stuck on
the same line as the comment. Fixed this temporarily by introducing
whitespace between </indexterm> and following cdata or by moving the
indexterm elements after any other element (<command>, <term>, etc.)
that they reference.
2014-10-22 19:24:28 +00:00
dmiller
e9354a4793
Add TLS_FALLBACK_SCSV checking to ssl-poodle
2014-10-22 17:01:19 +00:00
dmiller
db098b4e8d
Fix a bug (false-negative) in ssl-poodle
2014-10-22 17:01:17 +00:00
dmiller
814bf97a8f
Correctly null-terminate some strings in idle_scan
Reported by Gisle Vanem: http://seclists.org/nmap-dev/2014/q4/82
2014-10-22 12:56:32 +00:00
dmiller
fefcca1623
Add ssl-poodle
2014-10-21 14:08:34 +00:00
dmiller
dc7d16ca4c
Note a done task
2014-10-21 05:50:37 +00:00
dmiller
3b6ea5a9e5
Fix Ncat crash on concurrent ssl connections
Reported on debian bugtracker here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724580
We can't remove an fdinfo from client_fdlist and still expect to access
the fdinfo via a pointer we got from get_fdinfo(&client_fdlist) since
rm_fd() modifies the data at the address pointed to. So instead of
removing it from the list and then adding it right back, we just don't
remove it in the first place.
2014-10-21 05:50:36 +00:00