PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-10 17:59:04 +00:00
Code Issues Projects Releases Wiki Activity
12,968 Commits 2 Branches 0 Tags
adc7f02503cd0224fb65a28bcc89ffd6c8de48d3
Commit Graph

24 Commits

Author SHA1 Message Date
dmiller
17040f4cf1 Move core of sslv2.nse into sslv2.lua so other scripts can use it. Cache results in registry. 2016-07-07 16:35:37 +00:00
dmiller
d6fbe8b2ca Refactor some code from sslv2.nse into sslv2.lua 2016-07-07 16:35:36 +00:00
dmiller
0d12307030 Improve parsing and request building in sslv2. Part of #365 2016-06-30 17:01:21 +00:00
dmiller
5b5524d4ba Change names of SSLv2 ciphersuites to match draft specification. Closes #314. 2016-03-03 04:58:24 +00:00
tomsellers
318accba6e NSE add STARTTLS to sslv2 improving detection of SSLv2 and DROWN oracles. Closes #320 2016-03-03 02:06:05 +00:00
dmiller
f4619edece Update http urls for nmap.org to https 2015-11-05 20:41:05 +00:00
dmiller
f61569df10 Update sslv2.nse to use bin.unpack 2015-10-13 03:04:07 +00:00
dmiller
0e74dd7a35 Replace some string.char and bin.pack calls with literals 2015-02-27 19:42:56 +00:00
dmiller
40f36a4e3e Some string optimizations in NSE 
Changes fall into these categories:

1. Avoid pathological string building. Loops over x = x .. "foo" can
become very slow. Instead, use strbuf.lua, table.concat, or just one
continuous concatenation; a = x .. y .. z is one operation, better than
a = x .. y; a = a .. z

2. Use hex-escaped strings instead of string.char. I find this more
readable in many cases, and it avoids a table lookup and function call.

3. Don't duplicate code. A few libraries and scripts had re-implemented
stdnse.generate_random_string or openssl.rand_bytes.
 2014-09-03 04:49:54 +00:00
dmiller
d309fecd12 Re-indent some more scripts. Whitespace-only commit 
https://secwiki.org/w/Nmap/Code_Standards
 2014-02-02 15:33:29 +00:00
dmiller
620f9fdb34 Remove trailing whitespace in lua files 
Whitespace is not significant, so this should not be a problem.
https://secwiki.org/w/Nmap/Code_Standards
 2014-01-23 21:51:58 +00:00
dmiller
db1d82ad1f Fixed global assignments with nse_check_globals 
All fixes made by hand. A couple real bugs/errors fixed, due to
copy-paste of code from other scripts without changing variable names.
 2014-01-22 17:45:00 +00:00
dmiller
0622eb4d03 Structured output for sslv2, s/cypher/cipher/ 2013-05-07 02:01:27 +00:00
batrick
000f6dc4d9 Lua 5.2 upgrade [1] for NSE. 
[1] http://seclists.org/nmap-dev/2012/q2/34
 2012-05-27 08:53:32 +00:00
batrick
321e0d34e0 use # length operator instead of string.len (canonicalize) 
Used this perl command:

$ # perl -pi -e 's/string\.len\((.*?)\)/#\1/g' *.nse
 2011-05-11 15:12:47 +00:00
david
c3ab2d5ea4 Create a shortport.ssl function like shortport.http. Use it in ssl 
scripts.
 2011-02-22 00:46:28 +00:00
david
3c89e089fc Change calls in these forms: 
socket:connect(host.ip, port.number)
socket:connect(host.ip, port.number, port.protocol)

to this:

socket:connect(host, port)

connect can take host and port tables now, and the default protocol is
taken from the port table if possible.
 2010-08-16 18:59:30 +00:00
david
794611d9f1 o [NSE] Made sslv2.nse give special output when SSLv2 is supported, 
but no SSLv2 ciphers are offered. This happened with a specific
  Sendmail configuration. [Matt Selsky]
 2010-08-09 02:57:09 +00:00
fyodor
a0853a69ab expand an author name from plain 'Matt' to 'Matthew Boyle' 2010-07-24 05:54:47 +00:00
david
bccb8ead89 Edit some script descriptions for better line breaks when rendered as 
PDF. Some long URLs were replaced by short redirects under
http://nmap.org/r/.
 2010-07-17 16:47:31 +00:00
fyodor
fabe05eae6 Change the term 'stolen from' in comments to 'inspired by', which sounds a little less felonious :) 2010-06-15 08:05:28 +00:00
fyodor
77ab5c4305 Remove email addresses from scripts as discussed in this thread: http://seclists.org/nmap-dev/2009/q4/466 2009-11-24 08:49:02 +00:00
fyodor
989f48be6d mostly documentation cleanup, though I also moved ftp-anon into the safe category since I don't think it is any more intrusive than other scripts in that category 2008-11-07 04:35:22 +00:00
david
6fbc8868a9 Rename scripts (almost all of them) to make their names more consistent and 
make them look better in output. The full list of changes is
  anonFTP => ftp-anon
  ASN => asn-query
  brutePOP3 => pop3-brute
  bruteTelnet => telnet-brute
  daytimeTest => daytime
  dns-safe-recursion-port => dns-random-srcport
  dns-safe-recursion-txid => dns-random-txid
  dns-test-open-recursion => dns-recursion
  ftpbounce => ftp-bounce
  HTTPAuth => http-auth
  HTTP_open_proxy => http-open-proxy
  HTTPpasswd => http-passwd
  HTTPtrace => http-trace
  iax2Detect => iax2-version
  ircServerInfo => irc-info
  ircZombieTest => irc-zombie
  MSSQLm => ms-sql-info
  MySQLinfo => mysql-info
  popcapa => pop3-capabilities
  PPTPversion => pptp-version
  promiscuous => sniffer-detect
  RealVNC_auth_bypass => realvnc-auth-bypass
  robots => robots.txt
  showHTMLTitle => html-title
  showOwner => identd-owners
  skype_v2-version => skypev2-version
  smb-enumdomains => smb-enum-domains
  smb-enumsessions => smb-enum-sessions
  smb-enumshares => smb-enum-shares
  smb-enumusers => smb-enum-users
  smb-serverstats => smb-server-stats
  smb-systeminfo => smb-system-info
  SMTPcommands => smtp-commands
  SMTP_openrelay_test => smtp-open-relay
  SNMPcommunitybrute => snmp-brute
  SNMPsysdescr => snmp-sysdescr
  SQLInject => sql-injection
  SSH-hostkey => ssh-hostkey
  SSHv1-support => sshv1
  SSLv2-support => sslv2
  strangeSMTPport => smtp-strangeport
  UPnP-info => upnp-info
  xamppDefaultPass => xampp-default-auth
  zoneTrans => zone-transfer
 2008-11-06 02:52:59 +00:00