david
262ec8f7d7
Keep a std::string in scope when accessing its c_str.
The std::string was being created and deleted in a single statement, so
its c_str pointer pointed to freed memory. This could be seen with
valgrind nmap --exclude foo
2011-07-29 20:43:31 +00:00
david
50ec56fa67
200 OS submissions.
2011-07-29 10:25:40 +00:00
david
7b78da216f
Use static allocation of OsScanInfo and HostOsScan.
These classes are essentially containers for global state and functions,
so there's no need for new/delete.
2011-07-28 18:45:14 +00:00
david
f27e6a78fa
400 OS submissions.
2011-07-28 05:50:34 +00:00
patrik
1097d0c42d
Added documentation for credentials passed through script-args. [Patrik]
2011-07-27 12:05:42 +00:00
fyodor
6997c37102
Add a task to make sure we don't forget to make the Nping --safe-payloads option default
2011-07-27 09:01:22 +00:00
luis
db417445b4
Add a couple of items, related to the echo server
2011-07-27 08:54:27 +00:00
paulino
c8c2ef76d0
Fixes typo in default fingerprint file
2011-07-27 04:56:41 +00:00
paulino
ec63b8a647
Adds support for passing arguments without the script name.
2011-07-27 04:32:01 +00:00
paulino
26dc09ad43
Gets arguments with stdnse.get_script_args instead of reading them from nmap.registry
2011-07-27 03:28:13 +00:00
paulino
338ed74779
Gets arguments with stdnse.get_script_args instead of reading them from nmap.registry
2011-07-27 03:26:01 +00:00
paulino
0e9a3e994d
Gets arguments with stdnse.get_script_args() instead of reading them from nmap.registry
2011-07-27 03:24:17 +00:00
david
01088b879f
400 OS submissions.
2011-07-26 23:42:24 +00:00
fyodor
e165a0e39f
Removed some comments which were causing the action function to be documented in a non-useful way on the web. It should have probably used just two dashes rather than starting with 3 and becoming an nsedoc comment. But since it just said MAIN, I simply removed the comment lines
2011-07-26 21:35:20 +00:00
david
13a31a8cb9
Make str2AVal not modify its argument.
This is nice for its own sake, but it's really so that the error message
makes sense. The string had had a bunch of '\0' bytes inserted and the
string in the error message didn't match the argument.
2011-07-26 20:48:03 +00:00
luis
08509380d6
Last set of minor style fixes
2011-07-26 12:04:21 +00:00
luis
ba25118e0e
Make the file consistent: fix indentation replacing tabs with spaces
2011-07-26 12:04:12 +00:00
luis
bbda5dfd90
Minor style fixes
2011-07-26 12:04:08 +00:00
luis
6defb790d2
Add some comments to the top of functions
2011-07-26 12:04:04 +00:00
luis
ad3e5dadc2
Add some comments and remove some unused code
2011-07-26 12:03:49 +00:00
luis
3f3fc7dc07
Replace some tabs with spaces, and some other minor style fixes
2011-07-26 12:03:44 +00:00
luis
2ccd8a60cb
Add doc for get_initial_ttl_guess()
2011-07-26 12:03:40 +00:00
luis
46eeeb0b1e
Minor comment fixes
2011-07-26 12:03:21 +00:00
luis
c9cefab5fc
Reorganized source file so methods of the same class are grouped together
2011-07-26 12:03:18 +00:00
luis
da576f15bd
Minor whitespace, indentation and style fixes
2011-07-26 12:03:15 +00:00
luis
2ea0f04494
Move class definitions to the header file
2011-07-26 12:03:12 +00:00
luis
68911fc5ad
Move typedef to the header file
2011-07-26 12:03:09 +00:00
patrik
89d1f3b8d3
o [NSE] Added the library xmpp.lua and the script xmpp-brute that performs
brute force password auditing against XMPP (Jabber) servers. [Patrik]
2011-07-26 06:54:19 +00:00
patrik
6714caede8
Fixed a bug that would prevent the script from displaying any output unless
being run in debug mode. [Patrik]
2011-07-26 06:46:12 +00:00
fyodor
c2c163b856
The *-brute scripts traditionally go in the auth category rather than brute. I think this was an accident, but creating a brute category might not be a bad idea
2011-07-26 01:06:42 +00:00
fyodor
5d7b067b66
Add credit for two funding sources (Google Summer of Code and DARPA CINDER program)
2011-07-26 00:58:06 +00:00
david
a652d29ac6
Whitespace.
2011-07-25 23:33:16 +00:00
david
f56c0d0f77
Make dummy struct operator() const.
Solves a compile error with Visual C++ 2008.
2011-07-25 23:31:17 +00:00
djalal
6bb9ad1e80
Added the print_hex() fix CHANGELOG entry.
2011-07-25 23:18:51 +00:00
djalal
3ce7d52800
o [NSE] Improved the NSEDoc of the print_hex() function. [Chris Woodbury]
2011-07-25 23:12:51 +00:00
djalal
47345ac696
o [NSE] Do not print an empty line if there are no remaining characters.
This patch was contributed by Chris Woodbury.
2011-07-25 23:09:24 +00:00
djalal
950e435921
o [NSE] Make smb-security-mode run by default.
2011-07-25 21:40:31 +00:00
fyodor
f721f56852
latest task updates
2011-07-25 21:14:42 +00:00
luis
660c91ee57
Minor style changes
2011-07-25 18:39:54 +00:00
luis
80a8a8a418
Change explicit definition of struct osscan_timing_vals to a typedef in the header file
2011-07-25 18:36:05 +00:00
luis
35ef43f711
Change explicit definition of os_scan_performance_vars to a typedef in the header file
2011-07-25 18:34:03 +00:00
luis
4faf19f738
Move constant definitions to the osscan2 header file
2011-07-25 18:30:05 +00:00
patrik
5e954c65a9
Added support for comments in the credential_iterator [Patrik]
2011-07-25 17:59:05 +00:00
paulino
a8df084c1f
Adds http default ports for LiteSpeed Web Server.
2011-07-24 21:26:37 +00:00
paulino
a6c86e4769
Adds entry about http-litespeed-sourcecode-download and http-axis2-dir-traversal
2011-07-24 21:16:15 +00:00
paulino
d4054187e4
Adds http-axis2-dir-traversal:
http-axis2-dir-traversal exploits a directory traversal vulnerability in Apache Axis2 version 1.4.1 by sending a specially crafted request to the parameter <code>xsd</code> (OSVDB-59001). By default it will try to retrieve the configuration file of the Axis2 service <code>'/conf/axis2.xml'</code> using the path <code>'/axis2/services/'</code> to return the username and password of the admin account.
2011-07-24 21:10:04 +00:00
paulino
c43e0bb970
Added http-litespeed-sourcecode-download:
http-litespeed-sourcecode-download.nse exploits a null-byte poisoning vulnerability in Litespeed Web Servers 4.0.x before 4.0.15 to retrieve the target script's source code by sending a HTTP request with a null byte followed by a .txt file extension (CVE-2010-2333).
If the server is not vulnerable it returns an error 400. If index.php is not found, you may try /phpinfo.php which is also shipped with LiteSpeed Web Server. The attack payload looks like this:
* <code>/index.php\00.txt</code>
References:
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2333
* http://www.exploit-db.com/exploits/13850/
2011-07-24 20:13:42 +00:00
shinnok
e2fcc14fe2
Update my TODO file.
2011-07-22 21:55:18 +00:00
shinnok
a83e27c0fb
Update CHANGELOG with the Ncat blocking ssl handshakes fix.
2011-07-22 21:43:24 +00:00
djalal
bd6d08232d
Added the '--script-help' option to the Nmap usage.
2011-07-22 10:59:07 +00:00