dmiller
7c61f7c9c3
TLS 1.3 support for NSE. Fixes #1691
2021-07-02 20:01:30 +00:00
fyodor
3bb502fcb0
Update author name/email
2021-01-14 18:26:56 +00:00
dmiller
110d9b7adf
Fix wrong library typo
2018-11-06 15:07:01 +00:00
dmiller
dcc0e3ed7e
New tableaux library containing table auxiliary functions.
2018-10-17 15:34:30 +00:00
dmiller
71cc60d68c
Remove some unused requires
2018-08-27 22:00:13 +00:00
dmiller
cd3253f5a2
New script, https-redirect
2018-06-28 03:43:27 +00:00
dmiller
41199b7eea
Use default EC curves instead of all throughout.
2017-10-31 04:26:59 +00:00
dmiller
eff6c09118
Change ssl scripts to use string unpacking instead of bin.lua
2017-03-10 17:29:53 +00:00
dmiller
a24006e0b7
Check the appropriate functions in portrules for SSL/TLS
2016-04-11 20:42:02 +00:00
dmiller
f4619edece
Update http urls for nmap.org to https
2015-11-05 20:41:05 +00:00
dmiller
4d106cbe23
Remove unneeded requires
2015-02-28 12:43:59 +00:00
dmiller
c4ad3ff4d6
Fix some error handling in ssl scripts
2014-10-25 18:58:18 +00:00
dmiller
b6e59efb4b
Add stdnse.keys() for extracting keys from a table
2014-09-05 13:08:09 +00:00
batrick
810f7d4803
more stdnse.print_debug -> stdnse.debug
...
This is a catchall pattern with a few exclusions.
$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *\(.*\))/stdnse.debug\1(\2)/' *.nse
$ sed -i 's/stdnse.print_debug(\(.*\))/stdnse.debug1(\1)/' *.nse
Excluded:
$ svn revert db2-das-info.nse
$ svn revert flume-master-info.nse
$ svn revert http-headers.nse
$ svn revert http-methods.nse
$ svn revert http-unsafe-output-escaping.nse
$ svn revert http-userdir-enum.nse
$ svn revert http-vuln-cve2011-3192.nse
$ svn revert http-vuln-wnr1000-creds.nse
$ svn revert http-wordpress-plugins.nse
$ svn revert telnet-brute.nse
2014-08-02 02:46:16 +00:00
batrick
c94d5970ff
stdnse.print_debug -> stdnse.debug1
...
sed -i 's/stdnse.print_debug("%s: \([^"]*\)", SCRIPT_NAME/stdnse.debug1("\1"/' *.nse
2014-08-01 21:31:04 +00:00
dmiller
ba5f207d94
Fix NSEdoc generation problems due to block ordering
...
Reported here: http://seclists.org/nmap-dev/2014/q2/258
Complicated parsing issue, but short version is this: The NSEdoc for
scripts must not be followed by a local declaration, or it will not be
accepted. Easiest way is to be sure the block with @usage, @output,
@args, @xmloutput, etc. comes right before the author line.
2014-05-21 19:06:50 +00:00
dmiller
a343ea24cd
Extend ssl-heartbleed to use every TLS cipher, prevent false negatives
2014-04-14 19:42:59 +00:00
patrik
3dbe66e9be
Change heartbeat request size from 0x0fe9 to 0x4000
2014-04-12 21:31:08 +00:00
dmiller
b3b0bf2389
Handle multiple messages in a single record (ssl-heartbleed)
2014-04-10 20:53:14 +00:00
dmiller
353291aeba
Remove hardcoded TLSv1.1 from heartbeat message build
2014-04-10 20:53:12 +00:00
dmiller
3fd18f7752
Use tls.lua functions to build messages in ssl-heartbleed
2014-04-10 15:14:14 +00:00
dmiller
e8d81eb8b4
Alert on missing tls library, better diagnostics for not-vulnerable sites
2014-04-10 15:14:10 +00:00
dmiller
80ea0d5f10
Don't try ssl-heartbleed on protocol mismatch
2014-04-09 21:54:27 +00:00
dmiller
c69afa24aa
Enable ssl-heartbleed to connect to STARTTLS services
2014-04-09 17:34:39 +00:00
dmiller
d1a86b7f57
Remove unnecessary pcall and unsupported SSL 3.0 from ssl-heartbleed
2014-04-09 16:49:18 +00:00
patrik
c0078965e9
add TLS 1.0, 1.1 and 1.2 support and some error checking
2014-04-09 16:16:22 +00:00
dmiller
e38d9618a3
Adjust heartbleed payload size to minimum required to trigger
2014-04-09 15:58:09 +00:00
dmiller
cd0ed4ff7f
Expand the binary blobs in ssl-hearbleed to allow tweaking
2014-04-09 14:37:35 +00:00
dmiller
9b93706cf3
Whitespace/indentation fixes for ssl-heartbleed
2014-04-09 13:51:57 +00:00
dmiller
f07e623835
Fix some globals in ssl-heartbleed.nse
2014-04-09 13:51:55 +00:00
patrik
20eb77d6d2
o [NSE] Add ssl-heartbleed script to detect the Heartbleed bug in OpenSSL
...
CVE-2014-0160 [Patrik Karlsson]
2014-04-09 01:49:29 +00:00
