mirror of https://github.com/nmap/nmap.git synced 2025-12-20 22:49:01 +00:00
Commit Graph

10291 Commits

Author SHA1 Message Date
dmiller
63ad40fb74 Fix a bug in creds.lua, comparing creds without users
When creds.lua is used without usernames (like in snmp-brute.nse), the
credentials could not be sorted because they are sorted first by
username, which is nil and cannot be compared. Now the script first
checks that both values are non-nil (and true) before comparing them.
2015-05-26 03:40:09 +00:00
dmiller
0f602cbd38 Fix address detection on Solaris. Fixes #124 2015-05-23 13:22:29 +00:00
gyani
3d56f12042 Added http-vuln-cve2015-1427 to CHANGELOG 2015-05-22 12:47:15 +00:00
paulino
97bbb0f4fa Adds http-vuln-cve2015-1635 to detect Microsoft Windows systems vulnerable to MS15-034 2015-05-22 04:23:50 +00:00
gyani
48f9ac26b5 fixed documentation indentation 2015-05-21 15:54:23 +00:00
gyani
e60b65b016 fixed documentation 2015-05-21 15:42:58 +00:00
gyani
6a4c2ab7e5 A script to check RCE in Elastic Search 2015-05-21 10:02:56 +00:00
dmiller
81d7937876 Update Ncat's root certificate store. Closes #14 2015-05-21 02:15:56 +00:00
dmiller
251e1da42b Add missing CPEs for o// templates 2015-05-20 22:09:21 +00:00
dmiller
318e929794 Finish service submissions through 2/17 (closes #25) 2015-05-20 20:53:02 +00:00
dmiller
9c04123ad5 Remove some http headers that http.lua sets already. 2015-05-19 19:11:18 +00:00
fyodor
ec120db54f Update the gpg --fingerprint output to show my old email address (since that is what users will actually see). I think it was changed in a big search-and-replace some years ago. 2015-05-16 01:15:53 +00:00
dmiller
258c861c03 Process 200-ish service fingerprints 2015-05-15 21:48:31 +00:00
dmiller
5a8a4a63ba Standardize capitalization of TP-LINK in nmap-os-db 2015-05-15 21:46:44 +00:00
dmiller
6a8f12e165 Prevent NSE from connecting to the wrong AF: http://seclists.org/nmap-dev/2012/q3/871 2015-05-15 19:35:18 +00:00
dmiller
9781830ece Check for system files and directory traversal in tftp-enum.nse 2015-05-15 19:35:17 +00:00
dmiller
cfac127194 Mark a service as tftp if tftp-enum says it is 2015-05-15 19:35:15 +00:00
jah
d6ff72d9a3 Change sslstrip service probe match to softmatch.
SSLStrip is not the only service to respond to the GenericLines probe
with the "HTTP 400 Bad Request" match: TwistedWeb and at least one
home router do too.  The softmatch will allow these other services
to be queried by more specific probes.

It would obviously be better to find a better way of matching SSLStrip
and this softmatch may yet be deleted if it causes services to be
erroneously labelled as sslstrip where there is no better match.

See thread at http://seclists.org/nmap-dev/2014/q1/337
2015-05-14 15:17:33 +00:00
paulino
ed9e9eb154 Fixes broken URL. Updates http://nmap.org/install to https://nmap.org/book/install.html 2015-05-11 01:44:13 +00:00
dmiller
246c4ab9f8 Process 224 more service fingerprints 2015-05-09 04:03:15 +00:00
dmiller
7572f3a5bb Process 515 service fingerprints 2015-05-05 03:04:42 +00:00
dmiller
052ac7d0e9 Some OS group corrections and tweaks (IPv6) 2015-05-02 13:37:15 +00:00
dmiller
e658387ff4 More robustly handle asymmetric routes in IPv6 OS detection
The HLIM feature was miscategorizing probes where the route from the
target was shorter than the route to the target. This would result, e.g.
in a distance calculation of 9 and a received hop limit of 57. Adding
the distance to the hop limit remaining gave a guessed initial hop limit
of 66, which would exceed the "64" category. In IPv4 fingerprints, we
put the TG test (initial TTL guess) as a range of 5 up or down from the
expected number to allow for this and other interference. This patch
does the same for IPv6.
2015-05-02 13:25:49 +00:00
dmiller
daf8c58a79 Fix snmp-brute output 2015-05-02 13:25:47 +00:00
fyodor
aa840a1b8c Updated Italian refguide translation by Andrea Pizzarotti 2015-05-02 05:20:14 +00:00
dmiller
4bbef7d69b Update libpcap to 1.7.3, partially addressing #34 2015-05-01 20:24:47 +00:00
dmiller
d8c13c49e1 Fix a typo in nmap-os-db, Yosemite is OS X 10.10, not 10.9 2015-05-01 20:06:05 +00:00
henri
0877bf8e7f afp-ls: prevent script from stopping when an error occurs
Patch by Pierre LALET <pierre.lalet@cea.fr>
2015-04-30 17:58:49 +00:00
henri
9dafb0fa05 smb-ls: do not report connection errors by default
Patch by Pierre LALET <pierre.lalet@cea.fr>
2015-04-30 17:58:34 +00:00
henri
4d0e7c9000 Script smb-ls can now use results from smb-enum-shares
  - smb-ls parameter `path` is now optional (defaults to '\').

  - smb-ls parameter `maxdepth` now defaults to 1 (no recursion)
    instead of 0 (infinite recursion).

  - smb-ls has a new `shares` parameter to specify a comma-separated
    list of shares to browse.

  - smb-enum-shares adds found shares to an array in the host
    registry, and smb-ls uses this array when no `share` or `shares`
    parameter has been specified.

Patch by Pierre LALET <pierre.lalet@cea.fr>
2015-04-30 17:58:19 +00:00
henri
b1d6bcd9be nselib/smb: fix find_files function (next_item coroutine)
Patch by Pierre LALET <pierre.lalet@cea.fr>
2015-04-30 17:58:13 +00:00
dmiller
1704d93482 Integrate IPv6 OS submissions through 2015-04-27 2015-04-29 03:51:42 +00:00
dmiller
fce840446d Fix --enable-packet-ring config option for libpcap, was impossible to enable 2015-04-28 13:18:22 +00:00
dmiller
c8db85bc4a Fix some documentation about comm.lua timeouts 2015-04-28 13:18:21 +00:00
dmiller
2b2411e2ec Allow http-server-header to softmatch http even without a server header 2015-04-28 13:18:19 +00:00
dmiller
7e51e04963 Have travis notify IRC when build fails 2015-04-17 19:34:06 +00:00
dmiller
a25ea8806c Reverting r34420, uninitialized integer segfault 2015-04-17 18:59:06 +00:00
dmiller
1033287ccd Fix unpwdb.filter_iterator (http://seclists.org/nmap-dev/2015/q2/44) 2015-04-17 03:26:58 +00:00
paulino
4a95d8f9b2 Removes duplicate credential structure in favor of NSE library creds. Patch submitted by nnposter fixes #58 2015-04-16 18:51:45 +00:00
paulino
80a14ef0f6 Prints a friendly error message when --resume is used with other options. Fixes #84 2015-04-16 16:20:18 +00:00
fyodor
7ebabd4dbe Just broaden the Linux version supported by this fingerprint slightly 2015-04-16 06:04:30 +00:00
paulino
fba4bc85c6 Make the library vulns use HTTPS by default when generating CVE links. 2015-04-15 20:29:47 +00:00
dmiller
052fc14e02 Process IPv4 OS corrections 2015-04-15 12:53:36 +00:00
dmiller
54543b303c Clean up some documentation regarding http redirects 2015-04-10 12:56:05 +00:00
dmiller
fcd93e141f Use http.lua's default redirect follower for http-generator.nse 2015-04-10 03:42:46 +00:00
dmiller
2e55f5d3b8 Allow redirect_ok to be a number of redirects to follow (http.lua) 2015-04-10 03:42:44 +00:00
dmiller
6b26490496 Simplify error statement regarding IPv6-incompatible features (note OS detection is now supported!) 2015-04-09 15:55:45 +00:00
dmiller
b87d343443 Fix X509 cert date parsing for dates after 2049.
Reported by Teppo Turtiainen: http://seclists.org/nmap-dev/2015/q2/29

GeneralizedTime strings are 15 bytes (14 chars of date + 'Z'), not 14.
2015-04-09 13:07:34 +00:00
dmiller
bc9a8452e0 Last 180 fingerprint submissions from February 2015 2015-04-09 02:56:06 +00:00
paulino
d76dd6b5b8 Fixes typo in author's name 2015-04-08 20:04:58 +00:00