PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-14 19:59:02 +00:00
Code Issues Projects Releases Wiki Activity
10,291 Commits 2 Branches 0 Tags
af4b45947d4a5b07ef67a9968d4da25a2ec71448
Commit Graph

2406 Commits

Author SHA1 Message Date
dmiller
adc213d536 Update hadoop-namenode-info and hadoop-tasktracker-info with XML output 2014-09-04 18:35:19 +00:00
dmiller
92cf943482 Update ms-sql-info with structured output 2014-09-04 02:37:32 +00:00
dmiller
e7e530ccd0 Update hadoop-jobtracker-info with XML output 2014-09-03 22:07:32 +00:00
dmiller
327e0ab4cd Update hbase-master-info with XML output 2014-09-03 22:07:31 +00:00
dmiller
34ea28f869 Update epmd-info 
Added structured output
Simplified building of probe (now just a string)
Added a timeout
 2014-09-03 21:39:33 +00:00
dmiller
1bd3e1e85c Convert snmp-win32-* to XML output 2014-09-03 19:50:03 +00:00
dmiller
5365095c7b Convert netbus-info to XML output 2014-09-03 19:50:00 +00:00
dmiller
40f36a4e3e Some string optimizations in NSE 
Changes fall into these categories:

1. Avoid pathological string building. Loops over x = x .. "foo" can
become very slow. Instead, use strbuf.lua, table.concat, or just one
continuous concatenation; a = x .. y .. z is one operation, better than
a = x .. y; a = a .. z

2. Use hex-escaped strings instead of string.char. I find this more
readable in many cases, and it avoids a table lookup and function call.

3. Don't duplicate code. A few libraries and scripts had re-implemented
stdnse.generate_random_string or openssl.rand_bytes.
 2014-09-03 04:49:54 +00:00
dmiller
55da3727b6 Fix an error in iax2-version 
The logic:

    byte12 == ("03" or "04")

is the same as:

    byte12 == "03"

so the second comparison was never able to succeed.

Additionally, some expressions were simplified, such as not formatting
numbers into strings in order to compare them.
 2014-09-03 04:49:47 +00:00
sophron
ced66e5b3f [NSE] Refactored get_admin_cookie method in http-adobe-coldfusion-apsa1301. Patch by nnposter. 2014-08-30 15:48:12 +00:00
sophron
17d115d469 [NSE] http-adobe-coldfusion-apsa1301 missed a sanity check. 2014-08-29 16:31:37 +00:00
dmiller
a4d51ff8d6 Handle 'foo=,' case in ntp-info 2014-08-27 19:41:32 +00:00
dmiller
062b780a48 Relax ntp mode 7 key-value parsing 
http://seclists.org/nmap-dev/2014/q3/372
 2014-08-27 02:23:08 +00:00
dmiller
8f609b060d Move lpeg/utility.lua up a directory to fix installation issues 2014-08-25 22:22:15 +00:00
dmiller
c633079123 Use lpeg parsing in ntp-info to handle escape-quoted strings 2014-08-23 20:47:49 +00:00
dmiller
f8917a59a3 Compatibility changes for ntp-info 
http://seclists.org/nmap-dev/2014/q3/222
 2014-08-23 20:47:46 +00:00
batrick
de27812fe4 Revert libssh2 branch, for now. 
$ svn merge -r r33518:r33513 .

and removed added scripts to the script.db.

The branch needs further refinement/testing for Windows and Mac before merging
into the trunk. There is also the latent EOF bug which is giving performance
issues.

Further work on the branch will continue in Devin's latest branch:

/nmap-exp/devin/nmap-libssh2
 2014-08-18 03:12:00 +00:00
paulino
0343eabd69 Updated script.db. 2014-08-18 02:03:24 +00:00
paulino
942151eefd Adds supermicro-ipmi-conf.nse. Nominated for a Pwnie for Best Server-Side Bug at BH. 2014-08-18 01:55:06 +00:00
devin
42c1444e60 Switched to using silent require for libssh2 in ssh-auth-methods 2014-08-14 16:40:48 +00:00
devin
3beac0c854 Fixed categories on ssh-auth-methods 2014-08-14 03:14:50 +00:00
devin
63f997ed28 Merged libssh2-integration branch 2014-08-14 02:09:00 +00:00
dmiller
b8d37a32da Update documentation 2014-08-12 02:38:20 +00:00
dmiller
5395676f2e Handle weird behavior rejecting handshakes with multiple compressors offered 2014-08-12 02:38:19 +00:00
dmiller
1622edabc2 Unify logging with protocol prefix 2014-08-12 02:38:17 +00:00
dmiller
29b614ccca Increase default timeout, but allow discovered timeouts, too. 2014-08-12 02:38:16 +00:00
dmiller
31de5b9b9b Offer ciphers and compressors in the same order every time 2014-08-12 02:38:15 +00:00
dmiller
aadd8d864c Documentation for the cipher ordering feature 2014-08-12 02:38:13 +00:00
dmiller
a61755699f Handle servers which offer ciphers we didn't request 
Code from David.
 2014-08-12 02:38:12 +00:00
dmiller
d538cc81cd Sort ciphers according to server preference, when available 
David's code, adapted to current script.
 2014-08-12 02:38:10 +00:00
dmiller
2df9a5f678 Factor out cipher selection for chunks 
It will be handy later to have a find_ciphers_group function that
doesn't know anything about chunking.
 2014-08-12 02:38:09 +00:00
dmiller
38ab5861d5 Report server's cipher ordering algorithm 
Old code from David, modified to fit the current script.
 2014-08-12 02:38:07 +00:00
claudiu
15692e18c3 Removed print 2014-08-11 23:32:56 +00:00
claudiu
73d69527ab Fix false positive on socket timeout 2014-08-11 23:29:32 +00:00
dmiller
d7d991477a Move http-form-brute docs from @usage to description 2014-08-10 12:34:55 +00:00
jay
b281e0bf1d Get rid of unnecessary spaces at the end of lines 2014-08-09 19:09:06 +00:00
dmiller
a8d34b7635 Prevent address-info from crashing when the IPv6 address is "not interesting" 2014-08-08 14:43:10 +00:00
batrick
d48e21eb3e fix comment 2014-08-03 01:18:57 +00:00
batrick
5fee541da7 typo 2014-08-03 01:18:13 +00:00
batrick
a19c9eb461 stdnse.print_verbose -> stdnse.verbose1 
$ sed -i 's/stdnse.print_verbose( *\([0-9]*\) *, *" *%s *:* *\([^"]*\)" *, *SCRIPT_NAME/stdnse.verbose\1("\2"/' *.nse
$ sed -i 's/stdnse.print_verbose( *" *%s *:* *\([^"]*\)" *, *SCRIPT_NAME/stdnse.verbose1("\1"/' *.nse

and some manual corrections.
 2014-08-02 18:32:26 +00:00
batrick
59562d1c50 stdnse.print_debug -> stdnse.debug 2014-08-02 03:46:13 +00:00
batrick
91a106e7d5 more stdnse.print_debug -> stdnse.debug 
Manual corrections.
 2014-08-02 03:15:44 +00:00
batrick
6e3bde5de5 debug6 -> debug5 2014-08-02 02:56:31 +00:00
batrick
aeb5908481 more stdnse.print_debug -> stdnse.debug 
Manual corrections.
 2014-08-02 02:54:47 +00:00
batrick
810f7d4803 more stdnse.print_debug -> stdnse.debug 
This is a catchall pattern with a few exclusions.

$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *\(.*\))/stdnse.debug\1(\2)/' *.nse
$ sed -i 's/stdnse.print_debug(\(.*\))/stdnse.debug1(\1)/' *.nse

Excluded:
$ svn revert db2-das-info.nse
$ svn revert flume-master-info.nse
$ svn revert http-headers.nse
$ svn revert http-methods.nse
$ svn revert http-unsafe-output-escaping.nse
$ svn revert http-userdir-enum.nse
$ svn revert http-vuln-cve2011-3192.nse
$ svn revert http-vuln-wnr1000-creds.nse
$ svn revert http-wordpress-plugins.nse
$ svn revert telnet-brute.nse
 2014-08-02 02:46:16 +00:00
batrick
5e9a8d0777 more stdnse.print_debug -> stdnse.debug 
This one also fixes format string bugs:

stdnse.print_debug(foo) --> stdnse.debug1("%s", foo)

$ sed -i 's/stdnse.print_debug( *\([a-zA-Z0-9][a-zA-Z0-9_]*\) *)/stdnse.debug1("%s", \1)/' *.nse
$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *\([a-zA-Z0-9][a-zA-Z0-9_]*\) *)/stdnse.debug\1("%s", \2)/' *.nse
 2014-08-02 02:18:48 +00:00
batrick
5d4c5a659c more stdnse.print_debug -> stdnse.debug 
$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *SCRIPT_NAME *.. *" *:* *\([^"]*\)"/stdnse.debug\1("\2"/' *.nse
$ sed -i 's/stdnse.print_debug( *SCRIPT_NAME *.. *" *:* *\([^"]*\)"/stdnse.debug1("\1"/' *.nse
 2014-08-02 02:13:12 +00:00
batrick
d47acf9f5e more stdnse.print_debug -> stdnse.debug 
$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *" *%s *:* *\([^"]*\)" *, *SCRIPT_NAME/stdnse.debug\1("\2"/' *.nse
$ sed -i 's/stdnse.print_debug( *" *%s *:* *\([^"]*\)" *, *SCRIPT_NAME/stdnse.debug1("\1"/' *.nse
 2014-08-02 02:08:12 +00:00
batrick
536075d3af stdnse.print_debug -> stdnse.debug 
$ sed -i 's/stdnse.print_debug("[-a-z0-9]*:\s*\([^"]*\)"/stdnse.debug1("\1"/' *.nse
$ sed -i 's/stdnse.print_debug(\([0-9]*\),\s*"[-a-z0-9]*:\s*\([^"]*\)"/stdnse.debug\1("\2"/' *.nse

Except:
  o eap-info.nse
  o oracle-brute.nse

Modified:
  o couchdb-databases.nse
  o couchdb-stats.nse
  o http-open-redirect.nse
 2014-08-01 23:04:55 +00:00
dmiller
d23c46f3ac Remove unnecessary SCRIPT_NAME from stdnse.debug calls 2014-08-01 22:00:04 +00:00