mirror of https://github.com/nmap/nmap.git synced 2025-12-21 23:19:03 +00:00
Commit Graph

12968 Commits

Author SHA1 Message Date
dmiller
5c83c3d2a5 Fixes for Windows build from Lua header rearrangements 2018-11-08 04:55:29 +00:00
dmiller
8b2f8dbad2 Restore unconfigured zconf.h, needed on Windows. 2018-11-08 04:35:52 +00:00
dmiller
1345eb247b Use iterative solution instead of tail recursion to avoid stack problems when optimization is off 2018-11-08 04:25:12 +00:00
dmiller
4620cc3df0 Reorder some probes to better match RDP and TLS 2018-11-06 15:07:04 +00:00
dmiller
7da763d271 Use standard way of including nbase.h 2018-11-06 15:07:03 +00:00
dmiller
7ea0a8c9ac Make functions static where possible 2018-11-06 15:07:02 +00:00
dmiller
110d9b7adf Fix wrong library typo 2018-11-06 15:07:01 +00:00
dmiller
70be64d592 Move TerminalServerCookie probe below more-likely TerminalServer probe. Probes are sent in file order, not rarity order 2018-11-05 18:12:12 +00:00
dmiller
959f722021 Process 274 service fingerprint submissions 2018-11-05 18:08:58 +00:00
dmiller
5a34fd3d8d Add script.db entries for new scripts 2018-11-05 18:07:42 +00:00
dmiller
824f9dcb2f Rearrange declarations to put all addrset functions in nbase.h, hide struct addrset internals. 2018-11-01 04:35:00 +00:00
dmiller
27807aadb4 Straighten out some headers and the (struct) addrset type 2018-11-01 04:34:59 +00:00
dmiller
c223ec5c36 Remove unused IPv6 support for legacy addrset_elem bit-matching 2018-11-01 04:34:58 +00:00
dmiller
0f916ec3bc Fix an error in common-prefix calculation 2018-10-31 23:44:52 +00:00
dmiller
625884e7dc Support netmasks in addrset trie. Use trie for resolved addresses and CIDR masks. 2018-10-31 20:32:16 +00:00
dmiller
324965d1d2 Use a radix tree (trie) to match exclude addresses
Current exclusions list from --excludefile takes linear time to match
against. Using a trie structure, we can do matching in O(log n) time,
with a hard maximum of 32 comparisons for IPv4 and 128 comparisons for
IPv6. Each node of the trie represents an address prefix that all
subsequent nodes share; matching stops when one is matched exactly or
when the candidate address does not match any prefix of the addresses in
the trie.

For now, only numeric addresses without netmask are supported. We plan
to extend this to addresses with netmasks, including resolved names.
Storing IPv4 ranges and wildcards in this structure would be
prohibitively complex, so the existing linear match method will be used
for those. It is unlikely that any users are using large exclusion lists
of these types of specifications, so performance impact is small.

Potential future features could use the trie structure to implement
custom routing or scope-limiting.

This was a todo list item based on this report:
https://seclists.org/nmap-dev/2012/q4/420
2018-10-31 14:01:34 +00:00
dmiller
86d1f7e66e Don't quit on ERROR_IO_INCOMPLETE. Closes #1372 2018-10-26 20:50:58 +00:00
dmiller
1c2829cbd0 Fix a bug: if service is vulnerable, this is a table, not a string. 2018-10-25 16:30:48 +00:00
dmiller
e3d08f7e94 Avoid shutting down SSL descriptor twice. Fixes #1365 2018-10-25 04:53:59 +00:00
dmiller
8cb2b0ea2a Add or fix See Also links between scripts 2018-10-24 19:36:04 +00:00
dmiller
8fef7f7df5 Compatibility hack for older Nmap versions 2018-10-24 16:35:33 +00:00
ron
1419b86e13 Added a pair of modules for finding and exploiting 'WebExec', a vulnerability in Cisco's WebEx 2018-10-24 16:14:43 +00:00
dmiller
d03b10ea36 Deprecate/disable -PR option as it was not really being checked.
Fixes #1361
2018-10-24 03:55:42 +00:00
dmiller
9a6f9c5abe Replace redundant checks with a call to o.RawScan() 2018-10-24 03:55:41 +00:00
fyodor
aa867cf1b7 Apply patch from Brandon Enright to handle underscores in part of the libssh banner. According to David Fifield's research, libssh switched to underscores in 2017, version 0.7.4 2018-10-23 20:09:52 +00:00
dmiller
14705cd417 ultrascan: bail early if there are no probes in the current scan
This shouldn't ever happen, but it currently does for host discovery
scans using -PR where the target is not directly connected. See #1361
2018-10-22 20:12:45 +00:00
ron
467b06008e Add permissions to openscmanagerw() in msrpc.lua, allowing the caller to specify the permissions they need. 2018-10-22 17:29:49 +00:00
dmiller
ac2052f62b Print in verbose mode if unpwdb.timelimit exceeded. 2018-10-22 01:45:58 +00:00
dmiller
68ed57c3d9 Remove an untracked file from zlib that we shouldn't have included 2018-10-19 20:31:25 +00:00
dmiller
e6d63e65a3 Correct a false comment 2018-10-19 20:31:24 +00:00
paulino
63bdb220bf Removes extra word from old description 2018-10-19 05:04:23 +00:00
paulino
de2b08e27a Adds http-sap-netweaver-leak to detect SAP instances with the Knowledge Management unit enabled with anonymous access. Closes #1243. 2018-10-19 05:00:46 +00:00
dmiller
4df58cca22 Upgrade included zlib to 1.2.11 2018-10-18 04:49:21 +00:00
dmiller
cf58b6160e Add version checks for libssh2 and zlib to checklibs.sh 2018-10-18 03:49:35 +00:00
dmiller
d8c1d935f1 Move Npcap headers and lib stuff to nmap-mswin32-aux 2018-10-18 03:28:39 +00:00
dmiller
a7638f57c8 Add missing libs to make check 2018-10-18 01:10:57 +00:00
dmiller
0500811f5a Move string utility functions to stringaux.lua 2018-10-18 01:08:19 +00:00
dmiller
39cfbdf4e2 Use an iterator instead of building an intermediate table for format_output 2018-10-18 01:08:11 +00:00
dmiller
93edeefa3c Fix false positive in http-phpmyadmin-dir-traversal. Closes #1359 2018-10-17 20:21:05 +00:00
dmiller
02b00238a2 Add a new vulns state, UNKNOWN, for cases where vulnerability cannot be ruled out. 2018-10-17 20:21:04 +00:00
dmiller
e93c2b4328 Don't run openssl-requiring tests if openssl isn't present. 2018-10-17 19:58:33 +00:00
dmiller
a7495ac6c7 Fix an error when OpenSSL not present. 2018-10-17 19:58:32 +00:00
dmiller
dcc0e3ed7e New tableaux library containing table auxiliary functions. 2018-10-17 15:34:30 +00:00
dmiller
c76424deb7 Cache the alpha charset for random_alpha to avoid regenerating it every time. 2018-10-17 00:30:16 +00:00
dmiller
37384c2225 Expose nbase's get_random_bytes as an alternative random source for NSE, via rand.random_string 2018-10-17 00:30:15 +00:00
dmiller
73715b15b5 Update included Lua to 5.3.5 2018-10-17 00:30:14 +00:00
dmiller
36e9588d5e Update cert store used by Ncat on some platforms 2018-10-16 14:47:28 +00:00
dmiller
33dd005714 Similar improvements to finding Lua for Ncat 2018-10-16 14:34:39 +00:00
dmiller
a0f55317f3 Fix inclusion of Lua headers. See #1355
We will need to do something similar for Ncat.
2018-10-16 05:18:31 +00:00
dmiller
f836c164e0 Define LUA_INCLUDED when configuring --with-liblua=included 2018-10-16 05:18:29 +00:00