* Merge the "backdoor" category into "malware"
* Add "auth" for authentication credential determination
* Rename "vulnerability" to "vuln"
* Place 12 scripts into their correct categories
It now returns the line as its first argument always, otherwise nil, errmsg
I updated scripts that use make_buffer.
When Lua 5.2 comes out, we may be able to use a function I've added
called stdnse.lines (commented for now). It cannot be used yet because
we cannot yield inside generic for loop. The function is built for
generic for loops. It will work as such:
  for line in stdnse.lines(socket) do
    ...
  end
as banner-grabbing (get_banner()) and making a quick exchange of data
(exchange()). 16 scripts were updated to use this library. [Kris]
I have *not* been able to test all of these scripts; however, I have
reviewed them and they should all work properly. I would really like
some more testing, though :)
This commit includes scripting.xml documentation.
* Instead of printing all disallowed entries it now only prints the
first 20. In verbose and debug modes it prints more entries, the exact
number depends on the debug and verbose level
* Prints out the number of disallowed entries
* Prints a message if a robots.txt file exists but has no entries.
* More resilient parsing and duplicate removal code
* Extended the line length to 50 characters so less vertical space used
to transfer. I've only been able to examine the behavior through Wireshark
since I don't have a nameserver that transfers other domains (I always get
"Not Authoritative"). It seems to work fine, though.
of scripts chosen from when using -sC (but it's still just another category
and so can be chosen with --script like any other).
On top of updating the docs with information about this new category, I've
also updated sections to emphasize that the "default" category, -sC and -A
are considered intrusive and should not be run against target networks
without permission.
The new list is very similar to the previous "safe,intrusive" list:
Added: finger, ircServerInfo, RealVNC_auth_bypass
Removed: HTTPpasswd
Here are the 21 scripts in this new category:
anonFTP
dns-test-open-recursion
finger
ftpbounce
HTTPAuth
HTTP_open_proxy
ircServerInfo
MSSQLm
MySQLinfo
nbstat
RealVNC_auth_bypass
robots
rpcinfo
showHTMLTitle
showOwner
SMTPcommands
SNMPsysdesr
SSHv1-support
SSLv2-support
UPnP-info
zoneTrans
ports instead of just TCP ports. This made it very slow in the
common case where there are many UDP ports in the open|filtered
state. Thanks to Jason DePriest for reporting the problem and Jah
for tracking it down and fixing it.
with http.get_url() or create more complex requests with
http.request(). There is also an http.get() function which takes
components (hostname, port, and path) rather than a URL. The
HTTPAuth, robots, and showHTMLTitle NSE scripts have been updated to
use this library. Sven Klemm wrote all of this code.
and reports the listening services and port information (like
rpcinfo -p does). The script was written by Sven Klemm. Fyodor
then enhanced the RPC number list with all of the entries from
nmap-rpc.
was getting errors like
SCRIPT ENGINE: [string "Global Access"]:1: Attempted to change the global 'socket' in c:david
mapmswin32DebugscriptsxamppDefaultPass.nse - use nmap.registry if you really wan
t to share data between scripts.
Notice that there's another issue with the error message, which is that
backslashes in the file name are being interpreted as beginning escape
sequences (see how the '\n' in "C:\david\nmap" turned into a newline).
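
The escape-sequence problem noted above, as an added example that is not Nmap's code: it assumes the error text is assembled by pasting the script path into Lua source that is then compiled, and the helper names are hypothetical.

```lua
-- Added example, not Nmap's code. Assumption: the error text is generated by
-- pasting the script path into Lua source that is then compiled.
local compile = loadstring or load  -- loadstring in Lua 5.1, load in 5.2+

-- Constructed sample: the Windows path quoted in the message above.
local path = "C:\\david\\nmap\\mswin32\\Debug\\scripts\\xamppDefaultPass.nse"

-- Hypothetical builder with the defect: the raw path lands inside a quoted
-- Lua literal, so the lexer reads every backslash as the start of an escape.
local function build_unsafe(p)
  return 'return "Attempted to change a global in ' .. p .. '"'
end

-- Hypothetical fix: %q emits a literal that reads back as the exact string,
-- so backslashes, quotes and newlines in a file name stay data.
local function build_safe(p)
  return "return 'Attempted to change a global in ' .. " .. string.format("%q", p)
end

-- Compile and run generated source; returns the message, or nil plus the error.
local function render(src)
  local chunk, err = compile(src, "=generated")
  if not chunk then return nil, err end
  return chunk()
end

-- Lua 5.1 drops the backslash of each unknown escape and turns \n into a
-- newline; Lua 5.2 and later refuse to compile the literal at all.
print(render(build_unsafe(path)))
print(render(build_safe(path)))
assert(render(build_unsafe(path)) ~= "Attempted to change a global in " .. path)
assert(render(build_safe(path)) == "Attempted to change a global in " .. path)
```

Because a file name is outside the engine's control, quoting it with %q also keeps a name containing a double quote from altering the generated chunk.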