PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-26 17:39:03 +00:00
Code Issues Projects Releases Wiki Activity
8,754 Commits 2 Branches 0 Tags
aa15467a3f9190ad1a6d1e3ecbe3092a9268342d
Commit Graph

1931 Commits

Author SHA1 Message Date
david
aa15467a3f Fix the off-by-one in ssl-enum-ciphers that I reintroduced. 2013-12-03 17:12:15 +00:00
david
126d424dec Simplify the chunk calculation. 2013-12-02 22:47:20 +00:00
david
6832c98454 Try only 64 ciphers at a time in ssl-enum-ciphers. 
An off-by-one error meant that we tried 65 at a time. The number 64 came
up in a discussion of limitations of running against IIS.
http://seclists.org/nmap-dev/2012/q3/167
 2013-12-02 22:47:09 +00:00
fyodor
0dafd86d22 Add AllSeeingEye (a protocol for querying status of certain games) script and service probe 2013-12-01 22:09:16 +00:00
david
8ab92b3214 Tabs to spaces in ssl-enum-ciphers. 2013-11-27 04:59:48 +00:00
patrik
9e075b8140 change incorrect parameter http-put.file to http-url.file based on bug report 2013-11-23 22:26:33 +00:00
fyodor
e6a0762764 o [NSE] Add freelancer-info to gather information about the Freelancer 
game server. Also added a related version detection probe and UDP
  protocol payload for detecting the service. [Marin Maržić]
 2013-11-20 04:31:31 +00:00
fyodor
e1932c2916 Regenerate script.db 2013-11-20 04:04:59 +00:00
dmiller
83e0ee1e70 Add ChaCha20-Poly1305 TLS cipher suites to ssl-ciphers 2013-11-14 20:41:09 +00:00
patrik
4152af8eb1 Fix nil value reference 2013-11-14 02:50:47 +00:00
dmiller
58d44f8437 Add .skip script-arg for http-server-header 
Because http-server-header grabs the server header and sets the service
version hardmatched, Nmap won't print a service fingerprint. This means
people might not submit as many fingerprints in the future, but we would
rather they did (speeds up scans by short-circuiting version probes).

Now http-server-header will print a messages suggesting the use of
--script-args http-server-header.skip for the purposes of submitting a
fingerprint. If this script-arg is set, the script will not run,
preserving Nmap's previous behavior.
 2013-11-12 18:35:17 +00:00
dmiller
fbf03995e0 Allow http-server-header to set http service even without Server header 2013-11-08 21:33:57 +00:00
dmiller
3e54536dab Add http-server-header as a last-ditch means to get httpd version 
See http://seclists.org/nmap-dev/2013/q3/599 for justification.
 2013-11-08 21:19:36 +00:00
dmiller
a02dd889d7 Add xmloutput for ssh2-enum-algos 2013-11-08 17:46:07 +00:00
dmiller
86c8703486 Let dns-brute read candidate SRV records from dns-srv-names instead of hard-coded list 2013-11-01 22:10:37 +00:00
dmiller
40e9fe4746 Refactor dns-brute for readability 2013-11-01 21:48:54 +00:00
dmiller
85a86ecf8e Let dns-brute read candidates from vhosts-default.lst instead of hard-coded list 2013-11-01 21:48:53 +00:00
dmiller
9f1d2c472d Replace print() calls with stdnse.print_debug() 
NSE scripts should not send data to stdout with print(). One exception
was not altered: url-snarf states in its documentation that urls are
sent to stdout by default, with a script-arg option to save to a file
instead.
 2013-11-01 17:01:18 +00:00
dmiller
84c944fb71 Add xmloutput for dns-brute 2013-11-01 17:01:16 +00:00
dmiller
920f07d843 Normalize author fields, changing "and" to comma-sep 2013-11-01 15:56:37 +00:00
paulino
127679d055 Fixes false positive. 2013-10-31 17:37:22 +00:00
sophron
f57b58d095 [NSE] Updated Robtex scripts to make them work again. Primarily, changed the addresses to https and corrected some wrong patterns. 2013-10-31 17:15:52 +00:00
dmiller
901e414927 Author field should be a string, not table 2013-10-31 14:46:45 +00:00
paulino
3340ac27ef Adds http-iis-short-name-brute.nse. The script detects Microsoft IIS servers vulnerable to a filename disclosure and denial of service vulnerability. 2013-10-31 04:04:45 +00:00
dmiller
af8874d66f New script weblogic-t3-info 
http://seclists.org/nmap-dev/2013/q4/74
 2013-10-30 15:10:00 +00:00
dmiller
82e6745fe5 Update script.db for rfc868-time 2013-10-23 17:48:37 +00:00
dmiller
9207e2eda1 Add rfc868-time.nse, queries a Time protocol server 2013-10-23 17:45:48 +00:00
dmiller
4bbb4366d2 Fix name_confidence use (0-10, not 0-100) 2013-10-23 16:36:26 +00:00
fyodor
3daeedd608 Minor rewording for clarity that someone suggested 2013-10-22 00:51:58 +00:00
dmiller
4209ec0e82 Remove redundant verbosity check 2013-10-18 18:47:01 +00:00
dmiller
507f0bc3ee Remove use of __call output_table hack in favor of length (#) 2013-10-18 18:35:07 +00:00
dmiller
34cd23e101 Add xmloutput for ntp-info.nse 2013-10-18 18:35:05 +00:00
dmiller
a69a7fb676 Add xmloutput to dns-nsid.nse 2013-10-18 18:35:02 +00:00
dmiller
33a8bc11c4 Add xmloutput to socks-auth-info.nse 2013-10-18 18:34:55 +00:00
dmiller
1b07c5ce54 Add xmloutput to tls-nextprotoneg.nse 2013-10-18 18:34:54 +00:00
dmiller
35dbe4fe37 Add xmloutput to vnc-info.nse 2013-10-18 16:05:48 +00:00
dmiller
95585e4008 Add xmloutput to smbv2-enabled.nse 2013-10-18 16:05:46 +00:00
dmiller
66569165ac Add xmloutput to x11-access.nse 2013-10-18 16:05:45 +00:00
dmiller
8ce3b65272 Add xmloutput to sshv1.nse 2013-10-18 16:05:44 +00:00
patrik
e97a5b9d5a Add http-dlink-backdoor script that detects DLink routers with firmware 
backdoor allowing admin access over HTTP interface.
 2013-10-17 23:41:12 +00:00
dmiller
3945c287e9 Update nbstat.nse to structured XML output 2013-10-17 21:57:48 +00:00
sophron
a7b0fea687 [NSE] Added an enhancement to ssh-hostkey that makes a comparison with your known-hosts file. http://seclists.org/nmap-dev/2013/q3/587 2013-10-16 18:32:44 +00:00
fyodor
35e118802b Add some fingerprints of problematic keys reportedly belonging to APT1. Contributed by Mariusz Ziulek. http://seclists.org/nmap-dev/2013/q3/638 2013-09-28 03:13:07 +00:00
dmiller
31bc2847bd Normalize script author fields 
Clean up some typos and differences. Most have been normalized to
whatever form of the name occurred in the largest number of scripts.
Paulino was contacted directly and requested his email be added to all
of his credits.
 2013-09-20 18:56:22 +00:00
sophron
c084e2fd8d [NSE] Updated script.db. 2013-09-06 21:08:00 +00:00
sophron
27f241e20f [NSE] Added http-devframework (along with its fingerprints file) that tries to find out the technology behind the target website. 2013-09-05 19:31:40 +00:00
dmiller
989ae60dd2 Update traceroute-geolocation for new geoplugin.net API 2013-09-02 11:36:24 +00:00
david
f6c83d2a37 Performance improvement in telnet-brute. 
By nnposter.
http://seclists.org/nmap-dev/2013/q3/413
 2013-08-30 16:04:19 +00:00
sophron
441f840ba9 [NSE] Updated script.db 2013-08-23 02:38:20 +00:00
sophron
f7a0989391 [NSE] Added http-csrf.nse that detects Cross Site Request Forgeries (CSRF) vulnerabilities in HTML forms. 2013-08-23 02:08:09 +00:00