david
a177d86601
add is_secure_dir function.
2012-05-18 16:34:38 +00:00
batrick
3498086354
Corrected buggy formatting from lua-format. David had used the Lua formatter in
r28582.
2012-05-18 03:59:14 +00:00
fyodor
5efa8bccee
Improve the nsedoc for duplicates script slightly. The attempt to make a list wasn't rendered as one by nsedoc, so I just switched it to a comma-separated list for now
2012-05-18 02:48:13 +00:00
david
b838110933
Add more rationale for not installing suid root.
2012-05-18 01:27:15 +00:00
david
8d621f91aa
Show a warning if we are running setuid or setgid.
2012-05-18 01:27:14 +00:00
david
824834bbf3
Expand an OS fingerprint.
2012-05-17 22:51:25 +00:00
david
37d623d070
Limit the errors that cause Sendto to sleep and retry.
Sendto has logic to automatically sleep and retry a send if it fails.
Fyodor tells me that it was once necessary because of some transient
buffer shortage, though we can't remember the exact error it was in
response to.
The retry looks as though it has been slowly growing a list of
exceptional error codes for which sleeping is not done:
EPERM EACCES EMSGSIZE EADDRNOTAVAIL EINVAL
The latest was EMSGSIZE in r19378.
I changed this to only sleep on specific errors. Not knowing what the
original error was, I have guessed
ENOBUFS ENOMEM
2012-05-17 22:04:13 +00:00
kroosec
9d37d8bdca
Added fallback to GET + body grepping for servers that return non-404 status codes for nonexistent files.
2012-05-17 11:46:00 +00:00
david
70d728ffcf
Make "failed to determine route" a warning, not a fatal error.
2012-05-16 23:50:03 +00:00
kroosec
1e936a2eda
Added http-drupal-modules.nse to script.db
2012-05-16 08:10:27 +00:00
fyodor
0e73946e9b
Add an entry about our awesome Summer of Code team
2012-05-16 07:57:16 +00:00
fyodor
29f4bb2f34
Add a trivial task
2012-05-16 07:44:47 +00:00
kroosec
1baf0077b0
CHANGELOG for http-drupal-modules.nse
2012-05-16 00:18:57 +00:00
kroosec
ced6a8cc01
o [NSE] Added the script http-drupal-modules, which enumerates the installed
Drupal modules using drupal-modules.lst. [Hani Benhabiles]
2012-05-16 00:14:16 +00:00
fyodor
affa202a75
Add a todo entry about fixing NSE pipelining
2012-05-15 21:16:49 +00:00
david
16334a19f6
Reindent http-fingerprints.lua using lua-format.
lua-format is Patrick's script and the reformatted file was done by
stripes.
2012-05-15 04:00:57 +00:00
david
fba5e4307a
Fix backslash escapes in Windows paths in http-fingerprints.lua.
With the luac from Lua 5.2.0 I got this error:
luac: http-fingerprints.lua:2781: invalid escape sequence near '\.'
2012-05-15 03:24:35 +00:00
david
ab293593f1
CHANGELOG for http-vuln-cve2012-1823.nse.
2012-05-15 00:08:32 +00:00
fyodor
0eae74e0c0
add a task about detecting suid operation and printing a warning, and also note a finished task
2012-05-14 21:57:11 +00:00
aca
85066093de
Rewrite of ftp-brute.nse script
Rewritten original ftp-brute.nse script to use
brute library to perform password guessing.
2012-05-14 21:53:37 +00:00
patrik
60c62a3514
o [NSE] Added the script dict-info, which retrieves information from a
DICT server, by issuing the SHOW SERVER command. [Patrik Karlsson]
2012-05-14 21:37:39 +00:00
patrik
b1fa1f567c
o [NSE] Added the script gkrellm-info, which displays information retrieved
from the GKRellm monitoring service. [Patrik Karlsson]
2012-05-14 21:34:01 +00:00
patrik
2a3a2520fa
o [NSE] Added the script ajp-request, which adds support for creating custom
Apache JServer Protocol requests. [Patrik Karlsson]
o [NSE] Added the script ajp-brute, which enables password brute force auditing
against the Apache JServ Protocol service. [Patrik Karlsson]
2012-05-14 21:30:24 +00:00
patrik
aeb0cbb546
Added more AJP methods
2012-05-14 21:23:06 +00:00
patrik
45164ba18c
Changed so that the stdnse.get_hostname method is used to determine the contents of the
Host request header.
2012-05-13 12:16:38 +00:00
david
c5cf1ab6e2
ru.po typo correction from Dmytro Soloviov.
2012-05-13 09:04:30 +00:00
robert
bc73457e5f
Updated the hash information in http-php-version to include PHP/5.4.1-5.4.3 and 5.3.11-5.3.13.
2012-05-13 08:43:50 +00:00
david
4c5022b100
Fix the fd6 condition for SIOCGLIFFLAGS.
2012-05-13 01:20:56 +00:00
david
7cfee5944c
Don't let Solaris IPMP devices appear as Ethernet.
2012-05-12 23:27:49 +00:00
patrik
2842c85900
updated script documentation
2012-05-11 17:15:07 +00:00
david
01a613f7a8
Typo.
2012-05-11 15:38:05 +00:00
david
25fdaf95f3
Use a large initial buffer in the call to GetAdaptersAddresses.
GetAdaptersAddresses is supposed to return ERROR_BUFFER_OVERFLOW and set
len to the required size when len is too small. So normally we would
call the function once with a small len, and then again with the longer
len. But, on Windows 2003, apparently you only get ERROR_BUFFER_OVERFLOW
the *first* time you call the function with a too-small len--the next
time you get ERROR_INVALID_PARAMETER. So this function would fail the
second and later times it is called.
So, make the first call using a large len. On Windows 2003, this will
work the first time as long as there are not too many adapters. (It will
still fail with ERROR_INVALID_PARAMETER if there are too many adapters,
but this will happen infrequently because of the large buffer.) Other
systems that always return ERROR_BUFFER_OVERFLOW when appropriate will
enlarge the buffer if the initial len is too short.
2012-05-10 21:29:54 +00:00
david
cc0f2e1e54
Don't use LIFC_UNDER_IPMP if it's not defined.
2012-05-10 20:45:30 +00:00
aca
e5b0d24607
Small patch to rdp-vuln-ms12-020.nse
Windows resets the connection if we try to reconnect too fast to the same port after doing a SYN scan and not completing the handshake. In my tests, sleep values above 0.1s prevent the connection reset so it's set to 0.2.
2012-05-08 20:51:16 +00:00
paulino
96c6cd7780
Adds http-vuln-cve2012-1823.nse - This script detects PHP-CGI installations that are vulnerable to CVE-2012-1823. This vulnerability is critical and it allows attackers to retrieve source code and execute code remotely.
2012-05-08 05:56:04 +00:00
david
49aafa4a38
Use LIFC_UNDER_IPMP when enumerating Solaris interfaces.
An IPMP interface is a special kind of interface made up of other
interfaces. The other interfaces are hidden by default unless this flag
is passed to ioctl(SIOCGLIFCONF). This allows me to scan over an IPMP
interface in a simple setup.
2012-05-07 21:41:57 +00:00
fyodor
8742d23477
add a feature creeper task idea for resolving compile warnings
2012-05-07 21:06:51 +00:00
patrik
08d35bad20
Added IP information to the returned result and added support for collecting multiple
responses.
2012-05-07 20:16:15 +00:00
patrik
bc7f0106a2
o [NSE] Added the script broadcast-tellstick-discover, which discovers Telldus
Technologies TellStickNet devices on the LAN. [Patrik Karlsson]
2012-05-07 20:01:25 +00:00
patrik
d02dafb630
o [NSE] Added the Apache JServer Protocol (AJP) library and the scripts
ajp-methods, ajp-headers and ajp-auth. [Patrik Karlsson]
2012-05-07 18:49:22 +00:00
patrik
cec2dd7816
Fixed a bug reported by Josh Greenwood that would incorrectly detect a host having IP
forwarding enabled if the scanned host was the same as the probe target.
2012-05-05 19:44:46 +00:00
david
9dbfcba8d2
extrainfo shouldn't be a <special field>.
2012-05-05 18:02:45 +00:00
david
ec027e9085
Let get_best_osmatch keep the original XML ordering.
Ties in accuracy are broken by osmatches' relative position in the XML
file, because Nmap writes results in descending accuracy order.
2012-05-05 18:02:43 +00:00
david
cac71422e8
Make osclasses a substructure of osmatch.
2012-05-05 18:02:41 +00:00
david
56b7063aa9
Use a header file constant for xmloutputversion.
2012-05-05 18:02:37 +00:00
david
0c8d6c9af1
Typo.
2012-05-05 18:02:34 +00:00
david
1599aa6fe8
Make osclass XML elements children of the osmatch element they belong to.
Add the --deprecated-xml-osclass to restore the old output.
2012-05-05 18:02:33 +00:00
david
20b56cb6a2
Factor out XML osmatch and osclass logging.
2012-05-05 18:02:30 +00:00
david
ef2987bc68
Don't print_iflist until after win_init.
2012-05-05 00:43:35 +00:00
fyodor
a83f94efcc
Add a planned change to OS detection XML output, and note a done task
2012-05-04 21:20:19 +00:00