mirror of https://github.com/nmap/nmap.git synced 2025-12-14 11:49:01 +00:00
Commit Graph

157 Commits

Author SHA1 Message Date
kris
c7eb8011d9 NSE now has a "default" category for scripts. This category holds the set
of scripts chosen from when using -sC (but it's still just another category
and so can be chosen with --script like any other).

On top of updating the docs with information about this new category, I've
also updated sections to emphasize that the "default" category, -sC and -A
are considered intrusive and should not be run against target networks
without permission.

The new list is very similar to the previous "safe,intrusive" list:

Added: finger, ircServerInfo, RealVNC_auth_bypass
Removed: HTTPpasswd

Here are the 21 scripts in this new category:

anonFTP
dns-test-open-recursion
finger
ftpbounce
HTTPAuth
HTTP_open_proxy
ircServerInfo
MSSQLm
MySQLinfo
nbstat
RealVNC_auth_bypass
robots
rpcinfo
showHTMLTitle
showOwner
SMTPcommands
SNMPsysdesr
SSHv1-support
SSLv2-support
UPnP-info
zoneTrans
2008-05-28 07:16:32 +00:00
fyodor
4742ed7845 update SMTPcommands with new code from Jason which works better against Postfix and some other systems. Also, I made it less verbose and changed the ID to SMTPcommands to match the filename. 2008-05-27 07:36:05 +00:00
kris
ee876ada98 o Replaced kibuvDetection.nse with version detection match lines which
work better than the script. [Kris, Brandon]
2008-05-25 23:30:21 +00:00
fyodor
71a29d4e2d o Fixed a bug in the showOwner NSE script which caused it to try UDP
ports instead of just TCP ports.  This made it very slow in the
  common case where there are many UDP ports in the open|filtered
  state.  Thanks to Jason DePriest for reporting the problem and Jah
  for tracking it down and fixing it.
2008-05-25 01:38:48 +00:00
fyodor
779b96a197 trivial copyright text tweak: filename nmap-os-fingerprints has changed to nmap-os-db 2008-05-22 20:45:32 +00:00
fyodor
ce3ce4f541 change recursive query dns test from isc.sans.org to www.wikipedia.org 2008-05-16 22:17:41 +00:00
kris
b7b8fef7f4 Removing "Recursion not enabled" from dns-test-open-recursion.nse because it only adds clutter to the output 2008-05-15 15:12:58 +00:00
kris
2881b4faab HTTP_open_proxy.nse fix: tags{} -> categories{} 2008-05-14 21:02:27 +00:00
kris
abe470fba8 Change SSLv2-support.nse to only print cipher list if verbosity>=2 or debugging>0 2008-05-14 04:08:07 +00:00
bmenrigh
1018992e15 Loosened the non-HTTP regexp so that Skype is properly identified more
often.  Also added a product string so that the version column isn't
blank.
2008-05-13 20:19:38 +00:00
kris
e7eafc8928 Whoops, I missed running --script-updatedb for r7439 (removing mswindowsShell.nse) 2008-05-11 05:49:02 +00:00
kris
48a8bd757c Removing mswindowsShell.nse--there is a version detection match to accomplish the same thing 2008-05-10 20:52:16 +00:00
fyodor
5b113453b3 reflect moved url 2008-04-09 09:55:03 +00:00
kris
43523f441b Correcting the uptime parsing and reporting in SNMPsysdesr.nse when the uptime is less than about 46 hours. The amount of bytes holding the uptime is variable up to 4, but the script was assuming it always held 4 bytes of uptime. When the real uptime was less than 46 hours, this script was reporting an uptime anywhere from 5 days to 130 days (I think it actually reported 0 days once, but the hours were all messed up). 2008-04-08 14:58:17 +00:00
fyodor
60d1e103d3 Canonicalize license text--more than half did not even spell license correctly. They all still say that they are under Nmap's license, just with consistent capitalization and spelling, and now a link to Nmap legal page at http://nmap.org/man/man-legal.html 2008-04-07 08:23:21 +00:00
kris
8530569047 Adding my Datafiles NSElib for parsing the nmap-* data files for scripts and also update rpcinfo.nse to use this library. Includes CHANGELOG and docs/scripting.xml updates 2008-03-30 20:33:33 +00:00
kris
60924c7308 update ripeQuery.nse to not print extraneous beginning whitespace 2008-03-27 18:08:42 +00:00
ejlbell
7f58dc082c Switched bruteTelnet to the vulnerability category so it is not executed by default. Prompted by a bug report stating bruteTelnet failed on windows but switching is a good idea anyway as the script takes a long time to run. 2008-03-15 21:09:29 +00:00
diman
cf4c7081e8 moving debugger to nmap-exp/diman until further notice 2008-02-03 21:38:38 +00:00
diman
2d9bc1b43d added a CLI debugger 2008-02-03 14:21:36 +00:00
kris
a919aa5470 rewriting my HTTPpasswd script to use Sven's HTTP library and to do some much-needed cleaning up. 2008-02-01 05:48:45 +00:00
fyodor
9cf7f14afe o Added NSE HTTP library which allows scripts to easily fetch URLs
with http.get_url() or create more complex requests with
  http.request().  There is also an http.get() function which takes
  components (hostname, port, and path) rather than a URL.  The
  HTTPAuth, robots, and showHTMLTitle NSE scripts have been updated to
  use this library. Sven Klemm wrote all of this code.
2008-02-01 02:47:09 +00:00
ejlbell
5e8504f445 Script now outputs spaced tables (NmapOutputTable style) instead of tab separated tables so large varying zone transfers line up properly (for an example see cvs.openbsd.org) 2008-01-15 19:52:55 +00:00
ejlbell
e244e43f0d Couple of patches from Sven Klemm that speed up http nse scripts by telling the server to automatically close the connection 2008-01-14 00:13:30 +00:00
fyodor
44179ae135 o Update SSLv2-support NSE script to run against more services which
are likely SSL. [Sven Klemm]
2008-01-13 04:36:27 +00:00
fyodor
980d9ddd8d o Added UPnP-info NSE script by Thomas Buchanan. It gathers
information from the UPnP service (UDP port 1900) which listens on
  many network devices such as routers, printers, and networked media
  players.
2008-01-10 22:12:11 +00:00
fyodor
2cf283480f Remove own ntohl() and use packet.u32() instead. Patch from Sven Klemm 2008-01-08 23:13:38 +00:00
fyodor
8e9ca576d2 o Improved rpcinfo.nse to better sort and display available RPC
services. [Sven Klemm]
2008-01-06 17:12:09 +00:00
kris
23040d67ac o Fixed multiple NSE scripts that weren't always properly closing their
sockets.  The error message was:
    "bad argument #1 to 'close' (nsock expected, got no value)"
2007-12-28 07:35:51 +00:00
kris
c7dd124fef updating rpcinfo.nse to use nmap.fetchfile() instead of having the huge RPC table 2007-12-22 07:00:27 +00:00
fyodor
de9a7e8215 Added rpcinfo.nse script, which contacts a listening RPC portmapper
and reports the listening services and port information (like
rpcinfo -p does).  The script was written by Sven Klemm.  Fyodor
then enhanced the RPC number list with all of the entries from
nmap-rpc.
2007-12-20 23:13:07 +00:00
kris
a988d26982 Adding new MySQLinfo NSE script for printing MySQL server information 2007-12-19 07:23:59 +00:00
doug
939b94a322 Updated the IRC server info script to handle services
named irc-serv as well as just irc because this name
is present in nmap-services.
2007-12-15 23:47:31 +00:00
kris
0a6f10e4ba recommitting my r6499: "fix robots.nse output: remove robots.txt comments on disallowed entry lines" 2007-12-13 20:18:35 +00:00
fyodor
d6e89a5616 revert r6499 -- no checkins please until after the stable release unless it fixes a critical problem 2007-12-11 19:56:36 +00:00
kris
18867cf3b2 fix robots.nse output: remove robots.txt comments on disallowed entry lines 2007-12-11 16:04:00 +00:00
david
c25be95b59 Add some "local" declarations to scripts/xamppDefaultPass.nse. Without this I
was getting errors like

SCRIPT ENGINE: [string "Global Access"]:1: Attempted to change the global 'socket' in c:david
mapmswin32DebugscriptsxamppDefaultPass.nse - use nmap.registry if you really wan
t to share data between scripts.

Notice that there's another issue with the error message, which is that
backslashes in the file name are being interpreted as beginning escape
sequences (see how the '\n' in "C:\david\nmap" turned into a newline).
2007-12-09 05:47:26 +00:00
kris
aa80ac4b40 Fixing ripeQuery.nse output: it was printing "IP belongs to: " with nothing after it if the returned string was unacceptable (no role or suggested seeing www.iana.org); now it just returns since it didn't give any information anyway. 2007-12-06 21:51:43 +00:00
fyodor
088f7022a4 new script from Judy Novak at Sourcefire 2007-11-28 22:09:40 +00:00
majek04
4ed4ffa219 Added promiscuous.nse for detecting local NIC in promisc mode. First script using pcap for nse. 2007-11-27 18:59:53 +00:00
david
3782d2c020 Add an nmap.have_ssl NSE function and use it in the script showHTMLTitle.nse to
avoid doing an SSL probe if SSL is not available.
2007-11-22 06:38:23 +00:00
david
fbeb42a7a1 Remove an unused "url" local variable from scripts/showHTMLTitle.nse. 2007-11-20 23:39:14 +00:00
fyodor
39e2f3ed61 New PPTP version detection script from Thomas Buchanan 2007-11-14 23:30:22 +00:00
david
9d6a94d6ea Remove an entry for a test script from script.db. 2007-11-08 07:44:49 +00:00
ejlbell
9dea83347b Accidentally committed experimental version of robots.nse 2007-11-05 21:41:47 +00:00
ejlbell
1a73a31df0 updated 'nse directory constant' that seems to affect scripts using nselib in certain functions 2007-11-05 21:21:08 +00:00
david
50c4981934 Remove the first-generation OS detection and nmap-os-fingerprints. 2007-11-03 01:31:02 +00:00
david
83382600f2 Revert r5485. This changes the pcre Lua module back to statically linked
code instead of a dynamically loaded C module. Linking the dynamic
shared module with the static libpcre.a was failing on OpenBSD. See
http://seclists.org/nmap-dev/2007/q4/0085.html.
2007-10-23 00:45:00 +00:00
fyodor
a3cb8dfdcc update by Jason DePriest to do HELP query in addition to EHLO 2007-10-12 21:56:20 +00:00
david
14676144b6 Change \n\r to \r\n in two scripts that needed it: anonFTP and finger. 2007-10-03 20:48:05 +00:00