PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-18 21:49:01 +00:00
Code Issues Projects Releases Wiki Activity
12,968 Commits 2 Branches 0 Tags
adc7f02503cd0224fb65a28bcc89ffd6c8de48d3
Commit Graph

2968 Commits

Author SHA1 Message Date
batrick
dc909f7d77 removed usage of deprecated table.getn 2011-05-11 14:41:06 +00:00
henri
1cd183014d Use stdnse.format_output() instead of comma-separated values, to produce 
readable output regardless of the number of discovered plugins
 2011-05-11 14:28:46 +00:00
patrik
079195122d o [NSE] Applied patch from Daniel Miller that fixes a bug in http-form-brute 
reported by Josh Greenwood. The script would break if autodetection of
  either brute form fields would fail.

  http://seclists.org/nmap-dev/2011/q2/524
 2011-05-11 13:04:20 +00:00
patrik
e8c5640dda o [NSE] Added a SIP library and two new scripts sip-brute.nse and 
sip-user-enum.nse providing brute and user enumeration support for the SIP
  protocol. [Patrik]
 2011-05-09 18:00:52 +00:00
gorjan
242b483cf9 Fix for backorifice-info.nse, setting the port.state as "open" 2011-05-08 16:37:41 +00:00
henri
f6e9e30be0 o [NSE] Added xmpp.nse, which collects XMPP server information [Vasiliy Kulikov] 2011-05-07 21:14:21 +00:00
henri
4ff284cdc6 fixed parameter name in script usage 2011-05-07 17:37:49 +00:00
kris
eb7202d45c fix whitespace inconsistencies from copy-and-pastes 2011-05-06 23:48:41 +00:00
batrick
7f66646636 Patch to make require errors silent and removed evil workarounds. 
Added new stdnse function stdnse.print_verbose (similar to print_debug).
 2011-05-04 21:06:53 +00:00
djalal
9e60e88eca o [NSE] Added broadcast-avahi-dos.nse, which tries to detect if the 
hosts in the local network that are running Avahi are vulnerable to
  the NULL UDP packet denial of service (CVE-2011-1002).
 2011-05-02 23:38:18 +00:00
david
b1e8d47fee Put http-auth in "safe" now that it is not in "default". 2011-04-30 19:23:19 +00:00
david
3ae3339cb7 Make the set of script "default and intrusive" empty. 
These scripts got removed from default:
	dhcp-discover
	dns-zone-transfer

These scripts got removed from intrusive:
	dns-recursion
	ftp-bounce
	http-open-proxy
	socks-open-proxy

Thanks to Toni for noticing these.
 2011-04-30 19:21:38 +00:00
david
6920f6b913 Remove credential guessing from http-auth.nse. 
This was really lame compared to http-brute, only guessing two
username/password combinations. Also we shouldn't be guessing any
passwords in a default script.
 2011-04-30 19:21:36 +00:00
david
d668c758e0 Join an NSEDoc comment to get @output. 2011-04-30 09:35:28 +00:00
henri
ef68defe0a Replaced firewalk scan states by a simpler boolean for readability reasons. 2011-04-29 16:40:45 +00:00
henri
7e2a85cab9 Added the http-wp-plugins script by Ange Gutek. 2011-04-29 07:43:41 +00:00
david
de9d0362e0 Treat 5xx errors as success (guessed password) in http-brute. 
This was suggested by Toni Ruottu in
http://seclists.org/nmap-dev/2011/q1/940.
 2011-04-28 04:14:54 +00:00
david
ef2b75387b Add --- NSEDoc comment to backorifice-info.nse. 2011-04-27 22:38:56 +00:00
batrick
759426c215 Committed corrections [1] made by Gorjan Petrovski to factor out some code into 
a function, fix indentation, and other minor bugs.

[1] http://seclists.org/nmap-dev/2011/q2/314
 2011-04-26 02:23:28 +00:00
djalal
f8756deb0b Fix a typo in a comment. 2011-04-22 22:21:43 +00:00
djalal
849d0c5101 o [NSE] Call the new nmap.get_interface_info() function instead of 
nmap.get_interface_link() to get the network interface link type.
   The nmap.get_interface_link() function is deprecated and will be
   removed.
 2011-04-22 22:19:08 +00:00
djalal
546b8c4749 o [NSE] Fix a bug reported by Daniel Miller that was causing the nfs-ls 
script to ignore NFS mounts when the Mount version is 1.
 2011-04-22 21:52:20 +00:00
david
fef214063a Add omp2-brute and omp2-enum-targets from Henri Doreau. 2011-04-20 23:44:16 +00:00
david
3447e2a6a2 Use get_script_args to handle smb-related flag options, to use our 
common true/false logic and not hardcode "1" and "true" in places. Patch
by Chris Woodbury.
 2011-04-20 21:35:10 +00:00
david
e0f589a37f Document backorifice-info script args. 2011-04-20 07:45:13 +00:00
david
7880167e48 Localize functions and variables. 2011-04-20 07:45:12 +00:00
david
5726c875e9 Add backorifice-info.nse. 2011-04-20 07:45:10 +00:00
david
ec4db04494 Add checks for nmap.address_family == "inet" to scripts that require 
that. Patch by Henri Doreau.
 2011-04-19 18:09:15 +00:00
david
46c29d3f60 Use stdnse.print_debug instead of log_write. Patch by Henri Doreau. 2011-04-19 18:09:13 +00:00
david
94d0720515 Add quake3-master-getservers postrule summary patch from Toni. 2011-04-19 04:41:10 +00:00
david
e9294bbb2e Change the lookup for specialized negotiation functions in ssl-cert.nse. 
Instead of having an array called STARTTLS_PORTS, with linear lookup for
membership, defined SPECIALIZED_FUNCS, mapping port numbers to
negotiation functions. This make sit a little easier to add other SSL
negotiation mechanisms, like HTTP Upgrade.
 2011-04-18 16:07:49 +00:00
david
fb18ead35c Fix typoed variable name in http-vhosts.nse. 2011-04-11 02:35:49 +00:00
patrik
bbbccd4e01 o [NSE] Added the afp-ls script that lists files accessible on remote 
AFP Volumes. [Patrik]
 2011-04-05 08:31:34 +00:00
david
f43ca1ae27 Restore a check for nmap.is_privileged to targets-sniffer.nse. I asked 
Nick to remove this, but it turns out nmap.pcap_open has a bad failure
mode when you're not root. It sleeps for several seconds then throws an
error. So rather than tackle that I'll add this check back to the
script.
 2011-04-05 06:12:03 +00:00
david
d0bcacd18a Check if we have an interface to work with in the prerule of 
targets-sniffer.nse.
 2011-04-05 06:12:02 +00:00
david
067d7d9660 Put targets-sniffer.nse in "broadcast". 2011-04-05 06:12:00 +00:00
david
aa3a9baac8 Add the targets-sniffer script by Nick Nikolaou. 2011-04-05 06:11:59 +00:00
david
d0ea18119c Add epmd-info script from Toni Ruottu. 2011-04-04 18:28:33 +00:00
david
8757392fb5 Remove "-p 5353 <target>" from the @usage of 
broadcast-dns-service-disocvery.nse. It's not needed for the broadcast
script.
 2011-04-03 21:00:37 +00:00
patrik
c7af8736a7 Applied the following patch from Chris Woodbury to make ms-sql-info run less 
often: http://seclists.org/nmap-dev/2011/q1/1102 [Patrik]
 2011-04-03 20:44:42 +00:00
patrik
0ee33e4cb7 o Moved afp.username and afp.password arguments to afp-library. 
o Add support for getting file-dates, acls and sizes
[Patrik]
 2011-04-03 12:53:12 +00:00
david
603082755d Change the http-affiliate-id registry key to be named after the script. 2011-04-01 06:48:55 +00:00
david
e63a6b7d4c Include the path in http-affiliate-id postrule output. 2011-04-01 06:48:53 +00:00
david
585e25ba02 Add postrule to http-affiliate-id.nse by Daniel Miller that shows groups 
of targets using the same ID.
 2011-04-01 06:48:52 +00:00
david
1d9bf8bef5 Expanded Amazon pattern for http-affiliate-id from Daniel Miller. 2011-04-01 06:17:15 +00:00
batrick
e791c0e4ab style changes 2011-03-31 20:42:49 +00:00
david
6fdca6e01f Better Amazon associates match: allow '?'. 2011-03-31 20:32:56 +00:00
david
d4dd71261d Documentation, whitespace, style in http-affiliate-id. 2011-03-31 20:32:55 +00:00
david
f522332a89 Add http-affiliate-id.nse, originally from Hani Benhabiles, then patched 
by Daniel Miller.
 2011-03-31 20:32:50 +00:00
djalal
fea17448d3 Adjust the output sample of the nsedoc. 2011-03-30 10:52:41 +00:00