PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-30 18:19:05 +00:00
Code Issues Projects Releases Wiki Activity
8,025 Commits 2 Branches 0 Tags
9434dd7d2ff7e4fbe1eef82838d2eef3acaa0a95
Commit Graph

8025 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
david
9434dd7d2f parse_redirect: fill in port number even if authority but not scheme is present. 
For example "//example.com/en/": the function needs to return with
u.port set, just as it would with "http://example.com/en/".
 2013-02-07 23:12:41 +00:00
david
a210d38769 Allow empty path in url.parse. 
I got a redirect of "?p=indisponible" and url.parse returned
{query="p=indisponible"}. Now it returns
{path="", query="p=indisponible"}.
 2013-02-07 22:37:38 +00:00
david
4cdb5301dd 300 and 303 are also HTTP redirects. 2013-02-07 22:28:10 +00:00
david
ac5a479a73 Treat empty port in URL the same as absent. 
RFC 3986 says that these URLs are equivalent:

http://example.com/
http://example.com:/

url.parse was returning port="" for the latter. Make it instead return
port=nil like the former.
 2013-02-07 03:06:30 +00:00
david
1c7c414fbb URL ports have to be decimal digits. 
RFC 3986 section 3.2.3.
 2013-02-07 03:06:29 +00:00
david
45b5d92f3d Don't treat an empty string as an invalid URL. 
To me, this is a relative URL with a path of "". I.e., it refers to the
same document as wherever the URL appeared, like when people do
<form action="" enctype="multipart/form-data" method="POST">
 2013-02-07 02:28:23 +00:00
david
fd7cabf7db Remove some old Linux compatibility code from connect scan. 
This code was quite old (dating from r854 in 2000) and may not serve a
purpose anymore. Let's try removing it.

Apart from being obsolete, the code had a race condition where the
connection could be closed with a RST before getpeername was called,
leading to a fatal error message.
 2013-02-05 04:55:29 +00:00
fyodor
71a6c878ac Add a task suggested by David 2013-02-05 00:03:07 +00:00
david
7c7ffdb756 Typo. 2013-02-02 01:41:50 +00:00
david
2318ff2e70 Remove a too-generic service fingerprint for which we need more data. 
It was listed as "Microsoft UPnP", but was also matching a trivial
golang web server.
 2013-02-01 20:45:12 +00:00
david
37e0241276 CHANGELOG for route metrics. 2013-02-01 05:02:00 +00:00
david
5ab6c9fa93 Sort by metric. 2013-02-01 05:01:59 +00:00
david
8e20e6a65b Show route metrics in --iflist. 2013-02-01 05:01:58 +00:00
david
e2387e4693 Add metric to struct sys_route. 2013-02-01 05:01:57 +00:00
david
f55171a088 Add metric to struct route_entry. 
Actually getting a nonzero value for the metric is supported only on
Linux and Windows.
 2013-02-01 05:01:56 +00:00
paulino
913fbac6d1 Adds entry to detect SCADA SIMATIC S7. Signature taken from Jose Ramon Palanco's script https://github.com/drainware/nmap-scada/blob/master/SIEMENS-Simatic-HMI-miniweb.nse 2013-01-31 18:04:40 +00:00
paulino
b3d3553330 Adds entry to detect SCADA Siemens PCS7. Signature taken from Jose Ramon Palanco's script https://github.com/drainware/nmap-scada/blob/master/Siemens-PCS7.nse 2013-01-31 18:00:11 +00:00
david
5fd515b039 Get rid of ntohs in ip6_ntop. 
Byte-swapping is handled by the initial loop that reads into an array of
16-bit integers. That initial loop was added by me in r29708.
 2013-01-30 08:47:24 +00:00
david
570a77b414 Use binary strings, not hex strings, internally in ike-version. 
Patch by Jesper Kückelhahn.
http://seclists.org/nmap-dev/2013/q1/152
 2013-01-30 06:25:32 +00:00
fyodor
1164b75588 Note some done tasks 2013-01-29 00:42:06 +00:00
david
dbdee4792e Keep min/max/avg rtt outputs down to -q. 2013-01-28 22:55:31 +00:00
david
93a245d6e7 Require -v for 'Tx time' and friends in Nping. 2013-01-28 22:55:29 +00:00
david
41b397200b Show ICMP ID and seqno in packet trace by default. 
This was previously limited to ippackethdrinfo's medium detail and
above, which required -v in Nping and -d2 in Nmap.
 2013-01-28 22:34:37 +00:00
patrik
d79e431e7a nse_check_globals cleanup 2013-01-28 04:28:38 +00:00
david
37ab88e840 Change 'VPN' to 'security-misc' in ike-fingerprints. 
We don't have a 'VPN' device type.
http://nmap.org/book/osdetect-device-types.html
 2013-01-28 03:11:21 +00:00
david
710b460ac1 Add ike-version and ike library by Jesper Kückelhahn. 
http://seclists.org/nmap-dev/2013/q1/49
 2013-01-28 03:06:39 +00:00
david
7cb2946d60 Actually set the base addr in NetBlockIPv6Netmask. 
This is needed for proper copying of the scope_id.
 2013-01-26 05:31:33 +00:00
david
249c566196 Have NetBlock::next return the socklen. 
This matters on OS X; with the wrong size, connect scans give "Invalid
argument".
Reported by Jesper Kückelhahn.
http://seclists.org/nmap-dev/2013/q1/84
 2013-01-26 05:31:33 +00:00
david
010969b77f Set sa_len of IPv4 to sizeof(sockaddr_in), not sizeof(sockaddr_storage). 2013-01-26 05:31:32 +00:00
david
94fd369de7 Clear the sockaddr_in before filling it in. 2013-01-26 05:31:31 +00:00
david
b8e4f8832c Initialize NetBlock members. 2013-01-26 05:31:30 +00:00
dmiller
fd2130bae1 Update categories for jdwp-exec and jdwp-inject 
Categories for both: exploit, intrusive

per http://seclists.org/nmap-dev/2013/q1/105
 2013-01-25 21:23:02 +00:00
david
9827b75f82 Whitespace in http-headers. 2013-01-25 17:43:29 +00:00
david
60600a5a77 Update http-headers output. 2013-01-25 17:43:28 +00:00
david
ac2cf33113 http-headers uses HEAD by default, not GET. 2013-01-25 17:43:27 +00:00
david
6784954eee Use more automatic memory management in nmap_dns.cc. 2013-01-25 06:26:23 +00:00
david
c11ceacc1f Get rid of some struct typedefs. 
C++ does this automatically. We don't need typedefs here, just some
forward declarations.
 2013-01-25 06:26:22 +00:00
david
50a4817671 Remove dynamically allocated fakeargv. 
This used to be used to hold the original argv before quashing with -q.
Now that -q is gone, it was just a copy of argv.

fakeargv was also causing Valgrind to complain about leaked memory. it
wasn't a real leak, but now it's out of the report anyway.
 2013-01-25 06:26:21 +00:00
david
e77a084790 Restore original docs for ip-forwarding.target. 
It was hidden as a @param isntead of an @args.
 2013-01-24 18:11:06 +00:00
david
67fdf7fd63 CHANGELOG for Matousek NSEDoc fixes. 2013-01-24 18:04:43 +00:00
david
67aa5516f4 Fix various NSEDoc problems. 
Found by David Matousek.
http://seclists.org/nmap-dev/2013/q1/88
 2013-01-24 18:04:42 +00:00
david
11ba3ef045 Check NMAP_PRIVILEGED and NMAP_UNPRIVILEGED in Zenmap is_root. 
You won't get the "you're not root" dialog if NMAP_PRIVILEGED is set.
Patch by Tyler Wagner.
http://seclists.org/nmap-dev/2013/q1/87
 2013-01-24 17:18:13 +00:00
fyodor
572c5cf0cc note some new Nping tasks that David and I discussed today and also some debugging results related to a potential nping issue previously discussed 2013-01-23 23:47:38 +00:00
henri
b4400d0a44 Added static inline wrappers to simplify calls to I/O engine functions. 2013-01-23 22:06:40 +00:00
henri
a7f2788b26 Removed another forgotten vestige of nsock_trace. 2013-01-23 22:06:35 +00:00
henri
0e5e939c00 Added a special NSOCK_LOG_NONE value, to disable all messages. 2013-01-23 21:25:01 +00:00
david
eb98386809 Remove vestiges of nsp_settrace. 
Now you call nsock_set_log_function then nsock_set_loglevel.
http://seclists.org/nmap-dev/2013/q1/72
 2013-01-22 23:40:16 +00:00
david
01e4c23692 CHANGELOG a side effect of target refactoring: mixed IPv4 ranges and netmasks. 2013-01-22 00:07:16 +00:00
david
e1fba2d663 Merge r30416:30527 from /nmap-exp/david/ipv6-ranges. 
This is a refactoring of target parsing that stores different types of
target specifications as different classes. The eventual intention is to
allow easy iteration over each specification for the purpose of IPv6
multicast host discovery.
 2013-01-22 00:01:08 +00:00
david
d04f16eb32 Add more to the CHANGELOG about slack descriptors. 2013-01-21 04:44:33 +00:00