PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-10 09:49:05 +00:00
Code Issues Projects Releases Wiki Activity
9,551 Commits 2 Branches 0 Tags
ae5a7f32175de441e1669edf83d6ba844a57bc8c
Commit Graph

2183 Commits

Author SHA1 Message Date
dmiller
179e42a9c6 Update http-slowloris-check 
Summary of changes:
* Clarified LIKELY_VULN status, since actual DoS may not be possible
  (false positive)
* Made worker threads closures to simplify/fix testing multiple servers
  at once.
* Added debug statements at script exit locations to clarify status when
  script terminates early.
* Added CVE reference.
 2015-01-23 15:37:09 +00:00
dmiller
137d2e3e94 The \z escape is Lua5.2 only, and NSEdoc portal uses 5.1, so this hack didn't work 2015-01-19 04:12:57 +00:00
paulino
563498f473 Adds http-shellshock.nse to detect web applications vulnerable to shellshock 2015-01-17 03:01:58 +00:00
dmiller
fb6e1f013c Fix some nsedoc issues with http-default-accounts 2015-01-15 19:50:13 +00:00
dmiller
9ffafe5334 Display empty server header as <empty> (#37) 2015-01-15 05:36:25 +00:00
dmiller
87fa397492 Let http-server-header handle an empty Server header 
Patch by nnposter. Fixes #37
 2015-01-15 05:36:23 +00:00
david
6c41e00a5f Link directly to the Team Cymru IP-to-ASN page. 2015-01-09 02:42:47 +00:00
dmiller
ee4b2dfe5d A TODO note for ssl-enum-ciphers 
We recently became dependent on OpenSSL for some of ssl-enum-ciphers's
functionality (parsing certificates). We should have a decent fallback
(e.g. don't parse the certificate, issue a warning, and use a dummy
score).

[ci skip] This tells Travis to skip the CI build when this commit is
pushed, useful for documentation changes that don't affect the build.
 2015-01-01 21:09:05 +00:00
tomsellers
10822d1633 More script updates to change Metasploit Redmine 
references to valid Github URLs
 2015-01-01 15:13:13 +00:00
tomsellers
d2622c0396 Fix reference in rmi-vuln-classloader.nse to point to Metasploit 
Github repo as Metasploit Redmine is deprecated and requires
auth.
 2015-01-01 14:59:35 +00:00
tomsellers
742444b87d Fix a typo in the regex that was truncating the version string. 2014-12-20 01:34:26 +00:00
tomsellers
d5af9560c3 Add the full ntpd version string, for example v4.2.4p4@1.1520-o, to the 
port's version attributes if the remote service provides it. Also capture
OS info as well as it can provide exact kernel versions in some cases.
 2014-12-20 01:14:34 +00:00
dmiller
9857aa6ac2 Service fingerprint lengths are in hex, not decimal 2014-12-18 03:29:20 +00:00
dmiller
425e407eb3 Use decoding instead of pattern match for protocol checking 2014-12-18 03:23:46 +00:00
dmiller
711f6d97c9 New script, snmp-info for querying snmpv3 services 2014-12-18 00:22:48 +00:00
dmiller
8e8935d2c0 Avoid comparing nil with an integer, potentially 2014-12-18 00:22:42 +00:00
tomsellers
845616623d Add support to 'citrix-enum-apps-xml' for reporting if published applications in the list are enforcing/requiring the level of ICA/session data encryption shown in the script result. This information was already in the XML provided by the server, this change just adds parsing for it. 2014-12-17 11:56:52 +00:00
dmiller
1653d846e6 Don't double-encode ssh key for XML output 2014-12-17 03:32:09 +00:00
dmiller
f9f2829e3c Switch to tail-recursion 2014-12-15 05:20:42 +00:00
dmiller
5f5af2d573 Add XML output to modbus-discover 2014-12-15 05:20:39 +00:00
dmiller
c3579c8b76 Another Raul Fuentes script: targets-ipv6-wordlist 2014-12-03 16:20:22 +00:00
dmiller
918d926913 Remove the unnecessary -recon portion of targets-ipv6 script 2014-12-03 16:02:16 +00:00
dmiller
5d6a024c7b Do a better job spelling people's names. Sorry, Raúl! 2014-12-02 18:36:15 +00:00
dmiller
bb96a09c16 Add one of Raul Fuentes's IPv6 recon scripts 2014-12-02 04:17:50 +00:00
dmiller
bfc9a00800 Let http-server-header send HTTP/1.1 request with Host header to elicit better response 2014-12-01 15:21:57 +00:00
dmiller
f90dd56021 Let tftp-enum substitute host's MAC address into filenames when known 2014-11-29 03:50:07 +00:00
dmiller
fc0337083e nnposter's ssl-date improvements http://seclists.org/nmap-dev/2014/q3/317 2014-11-18 03:53:25 +00:00
dmiller
c85bb0b54f Correct logic on checking for SHA1 certificate in ssl-enum-ciphers 2014-11-10 16:16:29 +00:00
dmiller
4e3baad093 Relax ssl-enum-ciphers' timeout to allow time for server processing 2014-11-10 16:16:27 +00:00
dmiller
e3024a6463 Documentation for new ssl-enum-ciphers rating system 2014-11-07 21:52:49 +00:00
dmiller
8f414cfc3a Correct conversion of DH key size to RSA bit strength equivalent 2014-11-07 21:41:38 +00:00
dmiller
222b2a009d Use internal cipher/handshake scoring system instead of static datafile 2014-11-07 16:39:26 +00:00
dmiller
e11a8609a7 Remove unnecessary vars and redistribute declarations 2014-11-07 16:39:24 +00:00
dmiller
b73dc0e762 Restructure try_params to return all recieved records 
No functional change to the script, but this allows callers to check for
various alerts or other handshake messages (certificate,
server_key_params, client_certificate_request, etc).
 2014-11-05 14:41:50 +00:00
dmiller
9f34a29778 Correct script-args docs for http-virustotal 2014-11-01 12:57:32 +00:00
dmiller
f8ef3f48da Fix detection of CVE-2011-2523 
http://seclists.org/nmap-dev/2014/q4/130
 2014-10-30 13:14:02 +00:00
dmiller
27948e1588 Fix file permissions and missing require in http-avaya-ipoffice-users 2014-10-27 13:04:47 +00:00
dmiller
a1d984a66b Fix a couple off-by-one errors in parsing multiple TLS records 
Reported by Kent Fritz: http://seclists.org/nmap-dev/2014/q4/104
 2014-10-26 16:22:21 +00:00
dmiller
c4ad3ff4d6 Fix some error handling in ssl scripts 2014-10-25 18:58:18 +00:00
tomsellers
e11e03fa50 Add the signature algorithm that was used to sign the target port's x509 (TLS) certificate to the output of ssl-cert.nse 
http://seclists.org/nmap-dev/2014/q4/44
 2014-10-25 18:56:38 +00:00
dmiller
a047985f19 Make SCSV check in ssl-poodle backwards-compatible 2014-10-23 16:01:03 +00:00
dmiller
eeb5f41932 Compatibility check for ssl-poodle 2014-10-23 15:16:45 +00:00
dmiller
e9354a4793 Add TLS_FALLBACK_SCSV checking to ssl-poodle 2014-10-22 17:01:19 +00:00
dmiller
db098b4e8d Fix a bug (false-negative) in ssl-poodle 2014-10-22 17:01:17 +00:00
dmiller
fefcca1623 Add ssl-poodle 2014-10-21 14:08:34 +00:00
paulino
92dc4564db Fixes script output 2014-10-19 20:29:10 +00:00
paulino
c372f9823b Adds http-avaya-ipoffice-users.nse to enumerate user information such as extension display name, full name and extension number in Avaya IP Office systems. 2014-10-19 00:58:31 +00:00
paulino
6acfb753c3 Updates script database after the removal of 'db2-discover.nse' 2014-10-18 04:44:26 +00:00
dmiller
917842059b Check TLS body protocol for compatibility in ssl-enum-ciphers 
Haven't seen this, and it shouldn't happen, but it's possible for a
server to send the same protocol version in the record, but a different
one in the body. This wouldn't be valid, so we should reject it.
 2014-10-16 04:07:07 +00:00
dmiller
cdd61aa874 Fix a bug in ssl-enum-ciphers 
If the last chunk of ciphers was rejected, then all results were
discarded.
 2014-10-15 21:52:36 +00:00