mirror of https://github.com/nmap/nmap.git synced 2025-12-15 20:29:03 +00:00

1559 Commits

Author SHA1 Message Date
patrik
b4caa8ea8c Added category external to http-icloud* scripts 2012-07-04 07:32:08 +00:00
tomsellers
1db5621470 Patch to address false positive generated when the target's httpd responds with an HTTP 200 for every request. Committing after email exchange with Paulino C. 2012-07-04 02:30:18 +00:00
perdo
e41d4a4e7e Added http-sitemap-generator script which spiders a webserver and displays its directory structure along with number and types of files in each folder. 2012-07-01 09:55:47 +00:00
perdo
9c8bc94c11 Fixed a missing require in http-sql-injection. 2012-07-01 09:48:06 +00:00
perdo
a00b104f43 Modified http-sql-injection to load the error strings to search for from a file. 2012-06-30 12:30:41 +00:00
aca
4030bf6c1a Added metasploit-msgrpc-brute to trunk 2012-06-30 12:02:54 +00:00
kroosec
95f7d0d74a Added firewall-bypass script. 2012-06-30 09:42:12 +00:00
dmiller
5fdc8b5609 Add mcafee-epo-agent.nse version script
Script to get version and other information from a McAfee (formerly
Network Associates) ePolicy Orchestrator Agent.
http://seclists.org/nmap-dev/2012/q2/870
2012-06-29 19:18:14 +00:00
kroosec
7ca5589659 sip-brute: Added TCP support. 2012-06-28 09:20:43 +00:00
kroosec
c28ec08836 Added TCP support. Cleaned redundant code. 2012-06-28 09:00:36 +00:00
david
173719e174 --script-updatedb. 2012-06-23 14:08:33 +00:00
perdo
95df6230ca Added forms handling capability to http-sql-injection. Also, modified the output structure a bit and fixed some trailing whitespaces. 2012-06-23 13:51:19 +00:00
perdo
f626ca04f2 Renamed sql-injection.nse to http-sql-injection.nse. 2012-06-23 13:47:48 +00:00
david
b6f66fba81 Fix for http-wordpress-plugins by Daniel Miller.
http://seclists.org/nmap-dev/2012/q2/887
2012-06-22 18:58:53 +00:00
aca
e2356ce887 Typo... 2012-06-22 10:57:53 +00:00
kroosec
d6015faec5 Added intensive mode and Naxsi fingerprints to http-waf-fingerprint. 2012-06-20 20:04:08 +00:00
david
360ba052e9 AUTH_UNIX support for rpc.lua.
http://seclists.org/nmap-dev/2012/q2/54

This patch is from Daniel Miller. He writes:

I've just finished enhancing the nfs-ls, nfs-statfs, and nfs-showmount
scripts so that they can run based on version detection information,
for cases where the portmapper is firewalled. For nfs-ls and
nfs-statfs, this required making a hostrule to check that both a
mountd service and a nfs service were detected. In the process, I
ended up adding the AUTH_UNIX flavor to rpc.lua, since the RFC states
that AUTH_NULL can only be used for the NULL procedure (and my Linux
nfs-kernel-server was enforcing that).

Other minor changes:

* If running privileged, attempt to bind to a reserved port. Many NFS
servers refuse to talk to source ports >1024, as a "security measure"
* handle an odd case in nfs-ls where READDIRPLUS does not return file
attributes. Chose to use all ?'s, but in the future maybe a direct
GETATTR call?
* remove reference to nfs.dirlist argument from nfs-ls doc, since it is unused
2012-06-20 02:12:58 +00:00
david
bc72a02afa Update http-title @output. 2012-06-19 01:55:15 +00:00
aca
7e47c6507d Added pcanywhere-brute script 2012-06-18 18:16:50 +00:00
aca
5c2db9d06f Few variables were not declared as locals. This fixes it. 2012-06-18 14:44:55 +00:00
kroosec
1bfc65312a Small @usage fix in sip-enum-users. 2012-06-17 22:56:30 +00:00
patrik
fefb5f8445 fixed parsing failure resulting in empty results due to additional whitespace
issue in regex of http-robtex-shared-ns.nse.
2012-06-17 18:10:34 +00:00
robert
33e9bf8d7b Updated the hash information in http-php-version to include PHP/5.4.4 and 5.3.14. 2012-06-16 21:41:46 +00:00
patrik
7d01a00cfc bug fix in db2-das-info for error in replacement string;
invalid use of '%' in replacement string
2012-06-16 19:58:45 +00:00
aca
8ad2c789b9 Added missing library requirements to dns-nsec3-enum 2012-06-15 23:37:29 +00:00
perdo
b10119bd9f Added http-rfi-spider script that spiders webservers in search of RFI vulnerabilities. 2012-06-15 22:37:33 +00:00
patrik
be0ebe8859 Fixed a bug that would make the smb-system-info script fail, due to a trailing
zero terminator in the processor count, resulting in a failure to convert the
string to a number.
2012-06-15 21:43:41 +00:00
patrik
bb359adaa1 Played a round of nse_check_globals and fixed a bunch of reported problems. 2012-06-15 19:32:36 +00:00
patrik
38b26d0ccc fixed a bug in the pop3-capabilities script that would fail parsing the
response from some servers.
2012-06-15 18:32:40 +00:00
patrik
a0a50e9f47 Committed a patch to dns-zone-transfer by Dan Miller with a slight change.
Unhandled records are returned as hex strings, rather than being url escaped;
http://seclists.org/nmap-dev/2012/q2/558
2012-06-15 14:58:32 +00:00
aca
14e9c1b66d Wrong @usage descriptions fix 2012-06-15 13:24:51 +00:00
aca
2564f0bf03 added Daniel's patch 2012-06-14 17:19:03 +00:00
kroosec
00f48c547f http-waf-fingerprint: small change to output syntax. 2012-06-14 11:42:49 +00:00
paulino
36363d904b Adds mysql-vuln-cve2012-2122.nse. This script exploits the authentication bypass vulnerability in MySQL/MariaDB (CVE-2012-2122). 2012-06-13 06:12:13 +00:00
david
4e816c82f5 Oracle OVSAgentServer is actually Oracle Virtual Server Agent. 2012-06-13 03:01:58 +00:00
kroosec
461b5d5a9e http-waf-fingerprint: Added credit to wafw00f and w3af in description field. 2012-06-12 23:26:24 +00:00
aca
f747ad8084 removed .exe, added info to Changelog 2012-06-12 20:33:34 +00:00
david
2be8b1832e Comment update in ovs-agent-version.nse. 2012-06-12 14:41:51 +00:00
david
3012e3354b Join up NSEDoc in ganglia-info.
http://seclists.org/nmap-dev/2012/q2/670
2012-06-12 14:41:49 +00:00
kroosec
d8ccfa31a6 Added the script http-waf-fingerprint which tries to detect the presence of a web application firewall and its type and version. 2012-06-12 10:41:19 +00:00
patrik
8fdda62255 Added check to p2p-conficker to prevent it from running against ipv6. 2012-06-11 14:38:57 +00:00
perdo
fe5c4c7bad Added http-form-fuzzer script that fuzzes forms it finds on websites. 2012-06-10 23:05:42 +00:00
patrik
71e26189f6 o [NSE] More Windows 7 and Windows 2008 fixes for the smb library and smb-ls
scripts. [Patrik Karlsson]
2012-06-10 22:40:02 +00:00
aca
78c48319cf Merged dns-nsec3-enum to trunk 2012-06-09 18:44:46 +00:00
aca
858606f754 Committed http-frontpage-login to main branch 2012-06-09 18:28:50 +00:00
patrik
bbc423734e Fixed bug that would make the script crash with the following error if the
latitude and longitude for an IP could not be determined:
attempt to concatenate field 'longitude' (a table value)
2012-06-07 18:08:18 +00:00
fyodor
7b6b1f691c A couple more minor description updates that I forgot to check in last time 2012-06-07 09:15:39 +00:00
perdo
5ac6c7d64a Fixed errors found by nse_check_globals. 2012-06-06 22:23:02 +00:00
batrick
14dc780226 Applied a patch by John Bond to remove unused script-arg. 2012-06-06 22:15:14 +00:00
patrik
b7f648bcac Fixed a bunch of errors reported by Ron Bowes;
http://seclists.org/nmap-dev/2012/q2/639
2012-06-06 22:11:02 +00:00