mirror of https://github.com/nmap/nmap.git synced 2026-01-02 04:49:02 +00:00
Commit Graph

10486 Commits

Author SHA1 Message Date
vincent
a2b5a1a5f9 Check for EVP_PKEY_get1_EC_KEY(), based on @jer-gentoo's work 2016-08-02 12:20:06 +00:00
vincent
c4c93166f1 Correct usage of RSA_get0_key according to OpenSSL version 2016-08-02 11:55:04 +00:00
vincent
107f4f2e9b Correct problem 2016-08-02 11:47:04 +00:00
vincent
2080807052 Correct qualifiers for arguments of RSA_get0_key, by gvanem 2016-08-02 11:38:52 +00:00
fyodor
e398e6f1f2 Add missing rarity level to kumo-server probe as suggested by xbguo at http://seclists.org/nmap-dev/2016/q3/78 2016-08-01 21:37:11 +00:00
vincent
bd1108c442 Update CHANGELOG for OpenSSL 1.1.0-pre5 and previous versions 2016-08-01 09:41:58 +00:00
vincent
aedd25c3a2 Add compatibility with OpenSSL 1.1.0 pre5 and previous versions
Add some checks to know which OpenSSL version is used, to be sure
the code follows the syntax of the version used (including 1.1.0).
2016-08-01 09:34:56 +00:00
dmiller
8c8e4a08c6 Be clearer about npf/npcap service status in Nping, just like r36061. Fixes #485 2016-08-01 04:43:33 +00:00
dmiller
3db511e83d Consolidate warnings about npf service, avoid starting if --unprivileged. Fixes #465 2016-07-31 19:26:39 +00:00
dmiller
28bd96b82e Reorder checks and libs to fix building when OpenSSL requires -ldl 2016-07-31 13:57:01 +00:00
paulino
26bec9be41 Fixes incorrect argument name in documentation 2016-07-30 21:58:56 +00:00
dmiller
b8fb5be8a1 Sanity check on IPv6 addresses: they must be 128 bits or less 2016-07-30 03:54:01 +00:00
dmiller
74cade6f39 Avoid some theoretical null pointer derefs 2016-07-30 03:54:00 +00:00
dmiller
7f6595112d Better use of configured flags when building Nsock tests 2016-07-30 03:53:59 +00:00
dmiller
56f3573609 Fix interaction of --ssl --exec --max-conns 2016-07-30 00:13:18 +00:00
dmiller
dbbc420d99 Avoid 1-byte buffer overflow due to not allocating for null terminator 2016-07-30 00:13:17 +00:00
nnposter
367dc67f5a Re-wrapped description output in script ssl-poodle. Fixes #481 2016-07-29 21:47:27 +00:00
nnposter
b9c4c12462 Re-wrapped description output in script ssl-dh-params. Fixes #476 2016-07-29 16:50:32 +00:00
dmiller
0b8b1097ab Changelog entry for bounce scan changes 2016-07-29 16:24:00 +00:00
dmiller
228794974a Adjust indentation for clarity 2016-07-29 16:23:59 +00:00
dmiller
181599884b Bounce scan: handle timed-out LIST by sending ABOR and clearing recv buffer 2016-07-29 15:50:49 +00:00
dmiller
09eef559c3 Bounce scan: avoid array overrun (read) by checking index instead 2016-07-29 15:50:48 +00:00
dmiller
b6dfce6217 Bounce scan: don't claim privileged ports are unsupported if one succeeded previously 2016-07-29 15:50:47 +00:00
dmiller
204962648c Bounce scan: detect no-password-needed logon 2016-07-29 15:50:47 +00:00
dmiller
bb9d03269c Fix bin.pack('H') to allow whitespace, force crash on non-hex chars 2016-07-28 18:51:40 +00:00
dmiller
8b18e348db Avoid array overrun with -PO when probes time out 2016-07-28 16:19:49 +00:00
dmiller
5d726c7733 Handle ICMPv6 packets without a body
Two issues here: First, IP protocol scan can send packets with protocol
58 (ICMPv6) even over IPv4. This led to a bad interaction where the
packet was created (in build_protoscan_packet) without a data payload,
but setIP tried to set the packet's Identifier field (present in both
ICMPv6 and ICMP Echo Request packets), leading to a heap buffer
overflow. Instead, we now only try to set this identifier when the IP
version matches the ICMP version, indicating that we set the data
payload.

The other issue was an out-of-bounds read while packet tracing when an
ICMPv6 packet without a payload was sent or received, due to trying to
read the type and code. Now we check that the data length is sufficient
to contain an ICMPv6 header before attempting to read one.

Credit LLVM/Clang's AddressSanitizer with catching these bugs.
2016-07-28 05:11:35 +00:00
dmiller
2e05009ff7 Avoid undefined behavior of shifting over the sign bit by declaring unsigned literal 2016-07-28 05:11:34 +00:00
dmiller
4486148760 Remove an unnecessary debug statement from development 2016-07-28 05:11:33 +00:00
dmiller
d78f924635 Process 61 service fingerprints 2016-07-28 01:26:31 +00:00
dmiller
7aed1fd2ab Partially revert r36038: EC support only missing on RHEL 2016-07-27 20:35:00 +00:00
dmiller
3611aa0a6e Fix building on OpenSSL 1.0.1 and earlier due to missing EC crypto 2016-07-27 20:28:46 +00:00
dmiller
85dd7e6ac1 Fix a potential buffer overrun due to sscanf using the wrong field width 2016-07-27 20:11:27 +00:00
dmiller
040d8e9c0f Revert r35943: causing segv crashes in IPv6 OS scan 2016-07-27 19:49:13 +00:00
vincent
e6925acec3 New Zenmap auth_wrapper in Objective-C 2016-07-27 10:29:20 +00:00
vincent
32efc8b28c Use FQDN_LEN instead of MAXHOSTNAMELEN for DNS name buffers
This closes #140 (issue #140), namely "Use correct lengths for FQDN, not MAXHOSTNAMELEN"
2016-07-26 14:06:22 +00:00
dmiller
fcb94e2018 Process 155 service fingerprints 2016-07-26 04:17:28 +00:00
abhishek
db88bed93a Add little documentation for DNS resolution of truncated packets. Closes #468 2016-07-24 18:50:20 +00:00
dmiller
6d8b8995b6 Add redis port to nmap-services as suggested by npcode on Github 2016-07-23 14:27:23 +00:00
dmiller
274027bf61 Better CNAME handling in mass_rdns.
If mass_rdns gets a CNAME and PTR for that name in one answer, parse
both. This means that the majority of CNAME answers can now be handled
without falling back to system resolver. A test of 40K random IPs
produced 21 CNAME answers, 18 of which had an associated PTR that was
correctly parsed in this way.
2016-07-23 00:22:54 +00:00
dmiller
28ff5841bc DNS::Factory::ptrToIp will now return false if sockaddr_storage_inet_pton fails 2016-07-23 00:22:53 +00:00
dmiller
902a19b42e Fix refguide indexterms mucking with manpage again. Fixes #463 [ci skip] 2016-07-22 18:33:57 +00:00
dmiller
4fa478cea4 Check for non-404 file nonexistence responses in http-config-backup 2016-07-22 15:52:30 +00:00
dmiller
b019b4a369 Add clock-skew.nse to version control (oops!) 2016-07-22 14:33:47 +00:00
tudor
6c8a753013 CONCURRENCY_LIMIT in NSE can be increased above 1000 with a higher --min-parallelism value 2016-07-22 05:18:32 +00:00
dmiller
f002aee6a9 Add TLSA type to dns-zone-transfer, refactor bto16 2016-07-21 22:27:30 +00:00
dmiller
98d5fd7625 Fix a segfault due to Nsock event leak in NSE. 2016-07-21 21:36:40 +00:00
vincent
24976fe9c8 Correct sentences from Zenmap French translation 2016-07-21 19:31:11 +00:00
vincent
6e5efe5a8c Add new Zenmap Spanish translation
Thanks to Marta Garcia De La Paz, Paulino Calderon
and Patricio Castagnaro for their contribution
2016-07-21 19:18:56 +00:00
dmiller
5b7a07b6c9 Add clock-skew script, datetime library 2016-07-21 17:05:25 +00:00