PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-26 17:39:03 +00:00
Code Issues Projects Releases Wiki Activity
10,291 Commits 2 Branches 0 Tags
af4b45947d4a5b07ef67a9968d4da25a2ec71448
Commit Graph

1401 Commits

Author SHA1 Message Date
dmiller
4b341c4311 Clarify vnc handshake/login process and correctly send chosen security type 2016-04-04 04:47:37 +00:00
robert
ea7c0bd92b Added SQL Server 2012 SP3 version number and updated SQL Server 2012 SP1 version from the original 4050 release that was pulled and replaced by 4100. 2016-04-02 18:24:39 +00:00
dmiller
56d71fe6df Fix endianness bug making RFB 3.3 not detect auth type 2016-04-02 15:54:32 +00:00
dmiller
6c7655c24f Add Tight VNC auth type 2016-04-02 15:22:30 +00:00
dmiller
3af66a0445 VNC revamp and extension 2016-04-01 22:29:39 +00:00
tomsellers
e2cfda9dc0 Change to smb-os-discovery to enable it to augment SMB version detection. Closes #348 2016-03-31 10:56:29 +00:00
dmiller
81bb435ad9 Add TLS auth support to vnc.lua and vnc-brute 2016-03-28 16:46:32 +00:00
dmiller
f272172721 Negotiate down VNC versions for unknown versions instead of failing 2016-03-28 13:31:24 +00:00
dmiller
23bb9ef5ce Add TLS support for VNC 2016-03-27 15:06:33 +00:00
dmiller
377b52c112 Add STARTTLS for LMTP 2016-03-26 13:42:13 +00:00
dmiller
c8c4da0d6f Check for service name before port number to work on nonstandard ports 2016-03-26 13:42:12 +00:00
dmiller
a8086a222e Fix STARTLS for LDAP on nonstandard ports 2016-03-26 13:42:11 +00:00
dmiller
4db5bf502f Avoid attempting TLS over UDP protocols in sslcert.lua 2016-03-25 14:02:04 +00:00
dmiller
37c3a16a27 Add STARTTLS support for NNTP 2016-03-25 14:02:03 +00:00
dmiller
dc09ef809f Add dh group exchange support to ssh2.lua. Closes #341, Fixes #129 2016-03-21 22:04:42 +00:00
dmiller
2b86ab11dc Allow ssl-* to work with TDS (MS SQL server) 2016-03-19 20:44:33 +00:00
dmiller
ee481851f5 Silence warnings about the new any_af request option 2016-03-16 05:47:57 +00:00
dmiller
c7892e365f Let http.lua functions optionally connect via any address family 
Sometimes (e.g. when using an external API), a script wants to connect
by name to a server and doesn't care whether IPv4 or IPv6 is used. By
passing the "any_af" option, the first resolved address of any address
family will be used, allowing external-category scripts which used to
fail with -6 to succeed.
 2016-03-16 05:07:59 +00:00
dmiller
2db52ae951 Force numeric values to string to avoid assertion in tab.lua. Related #266 2016-03-13 20:29:10 +00:00
dmiller
b5f5690bb0 New default accounts from nnposter. Closes #301 2016-02-14 14:42:18 +00:00
dmiller
c2c86cb9f9 reduce memory reallocs in dhcp.lua (string building, static tables) 2016-02-12 05:42:19 +00:00
dmiller
4a85f18938 Add TFTP/PXE-related DHCP options. patch by Mike Rykowski 2016-02-11 23:50:47 +00:00
dmiller
ab1e474475 Document an unknown field in ConnectionRequest for RDP 2016-02-05 22:53:43 +00:00
dmiller
a7502f54e2 Add STARTTLS support for Postgresql 2016-02-03 20:09:24 +00:00
dmiller
0816975261 Factor out some common code in sslcert.lua 2016-02-03 20:09:23 +00:00
dmiller
97163a3052 Fingerprint for WebSphere console by Vlatko Kosturjak 2016-01-14 21:08:28 +00:00
dmiller
43dedd7b0e Extract optional OS version info from NTLM challenge message 2016-01-07 20:43:19 +00:00
dmiller
68599ce140 Solve "unexpected signature" message in SMB extended session setup (NTLM type 2 message only sent once) 2016-01-07 20:33:10 +00:00
dmiller
bb507ac7bf Add RomPager CVE-2014-4019 check to http-fingerprints 2016-01-06 20:47:06 +00:00
dmiller
f405d71296 Avoid a script crash when pppoe.Comm.recv returns failure without error message 2016-01-04 16:48:08 +00:00
dmiller
74bd78267a http cookie and form parsing updates 
1. getattr now decodes html entities in attributes (useful for & in href
   attributes, for instance)
2. Cookie validation allows max-age, httponly, and secure attributes
3. Use table concatenation instead of repeated string concatenation to build
   cookie string.
 2015-12-31 15:50:25 +00:00
dmiller
5243f4f049 Alter output formatting of multicast.lua 2015-12-19 17:47:15 +00:00
dmiller
a11db08325 Every ipOps function validates IP addresses, so no need to do it explicitly 2015-12-19 15:25:43 +00:00
dmiller
0f99596555 Fix a few bugs in targets-ipv6-multicast-mld. http://seclists.org/nmap-dev/2015/q2/250 2015-12-16 17:07:40 +00:00
tomsellers
58f00324eb NSE: Prevent http.identify_404 from following HTTP redirects, standardize calls to it. Closes #251 2015-12-05 10:16:51 +00:00
dmiller
8d418d4962 Document some script args in NSEdoc 2015-11-22 13:58:21 +00:00
dmiller
e83078fdcc Fix stun mode parameter, NSEdoc 
The value for the mode parameter passed to Helper.new was always
overridden by either the stun.mode script-arg or "modern". Now, the
script-supplied option is used, falling back to the script-arg or
modern if neither is present. Also documented the script-arg.
 2015-11-22 13:58:20 +00:00
dmiller
2eca808281 Add NSEdoc stub for lpeg library 2015-11-17 04:58:56 +00:00
dmiller
5c425fa6fd Add Miller-Rabin primality tests to NSE. Closes #190 2015-11-11 21:19:06 +00:00
dmiller
f4619edece Update http urls for nmap.org to https 2015-11-05 20:41:05 +00:00
dmiller
521226cd63 Fix a bug with declaring parse_set_cookie local twice 2015-11-04 03:57:17 +00:00
dmiller
7f5a75ce5c Fix a few NSEdoc issues 2015-11-02 16:02:51 +00:00
dmiller
5e2bb7ad86 Fix parsing of Set-Cookie headers. Closes #229 2015-11-02 16:02:50 +00:00
dmiller
bbee119188 Support fragmented TLS records. Closes #194 2015-10-29 22:18:32 +00:00
dmiller
a9320c57eb Add a few http services to shortport.http 2015-10-19 15:57:08 +00:00
dmiller
0146739b87 Fix http.get_url with https. http://seclists.org/nmap-dev/2015/q3/336 2015-09-21 19:05:38 +00:00
dmiller
9840973b60 Fix format string argument mismatches 
Cases where the format string does not contain any placeholders, but
values are given anyway. Cases where string.format is used without any
placeholders or arguments.
 2015-09-18 12:40:32 +00:00
dmiller
a954950b5a Remove some unneeded local declarations of loop variables 2015-09-18 12:40:30 +00:00
dmiller
6752546ef5 Fixes #212 http.get_url with https 2015-09-18 03:54:59 +00:00
dmiller
ddc5762ca9 Fix reporting of DH and ECDH param sizes 
Finite-field (traditional) DH parameter strength should be reported in
bits. ECDH key strength is the size (log base 2) of the order of the
base point G (see NIST SP 800-57 rev 3 section 5.6.1)
 2015-09-16 04:51:49 +00:00