PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-15 12:19:02 +00:00
Code Issues Projects Releases Wiki Activity
9,063 Commits 2 Branches 0 Tags
b6a994ea401ceaeee35afe6f18a35d2d9141888c
Commit Graph

2032 Commits

Author SHA1 Message Date
patrik
0b0109d4af commit 7dae4affc23f9fd70e916bc461e45eafe4bcf99a 
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Thu May 29 21:33:18 2014 -0400

    fix to detect non ASA devices and unsupported versions
 2014-05-30 01:46:59 +00:00
devin
5e6c9d5f78 NSE enhanced output patch 2014-05-29 03:22:59 +00:00
dmiller
415e2671ab New NSE script for SCADA/ICS, bacnet-info 2014-05-28 13:54:05 +00:00
devin
53ca0c01dd Added checks to prevent scripts from indexing a nill value when 
scanning localhost.
 2014-05-28 02:29:31 +00:00
patrik
c950dcb154 Squashed commit of the following: 
commit a78b6142449b71ccd1cd7061b5363f6882b2e00b
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:19:22 2014 -0400

    fix indentation

commit 5e61eba30f98343fb172687bd377acae6cb9e242
Merge: d446fa7 9696dd5
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:15:50 2014 -0400

    Merge branch 'master' into anyconnect

commit d446fa76181d97287604b48719dd3f714987b775
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:15:09 2014 -0400

    Update CHANGELOG

commit 1590b8a8598bfd06c767c31312dc56c8e306c556
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:13:27 2014 -0400

    update script.db

commit 93eb927e21d3e3702da36668628b70c42f14f0db
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:09:51 2014 -0400

    update anyconnect library to better capture version
    add missing libraries http-cisco-anyconnect.nse
    add new scripts to detect vulnerabilities cve2014-2126 through 2129

commit 92fecad07d340e60abbe502a4541d6e4f71af224
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sat May 24 09:09:14 2014 -0400

    initial commit
 2014-05-26 01:28:38 +00:00
dmiller
ed22166b3f Add enip-info NSE script for EtherNet/IP 
A contribution from the folks at Digital Bond
(http://www.digitalbond.com/), part of their Redpoint Project
(https://github.com/digitalbond/Redpoint/).
 2014-05-22 18:25:09 +00:00
dmiller
ba5f207d94 Fix NSEdoc generation problems due to block ordering 
Reported here: http://seclists.org/nmap-dev/2014/q2/258

Complicated parsing issue, but short version is this: The NSEdoc for
scripts must not be followed by a local declaration, or it will not be
accepted. Easiest way is to be sure the block with @usage, @output,
@args, @xmloutput, etc. comes right before the author line.
 2014-05-21 19:06:50 +00:00
dmiller
974b4430e2 Pass dates directly to format_timestamp, avoid timestamp overflow 
Should fix: http://seclists.org/nmap-dev/2014/q2/184
 2014-05-21 15:04:13 +00:00
sophron
2f30c8f9db [NSE] Corrected file name for framework fingerprints. 2014-05-11 11:35:54 +00:00
robert
3beb66bfaa Updated script.db to include new and renamed scripts. 2014-05-04 15:49:21 +00:00
robert
02e00968f6 Added Paul Amar's NSE script that exploits a vulnerability in Netgear WNR1000v3 allowing credentials to be obtained. Note, it doesn't currently add the credentials to the creds database. 2014-05-04 15:43:30 +00:00
robert
926f3f7375 Tweaked the disclosure date in http-vuln-cve2012-1823 for consistency with other scripts that make use of the vulnerability library. 2014-05-04 15:13:57 +00:00
robert
32930ef6e6 Renamed the Zimbra LFI script to use the assigned CVE (and updated example output/usage). 2014-05-04 15:11:23 +00:00
robert
17ef614c49 Added Paul Amar's Webmin File Disclosure NSE script (CVE-2006-3392). 2014-05-04 15:00:06 +00:00
sophron
a64a785d79 [NSE] http-passwd should also send the payloads without appending NULL bytes. There are cases, (for example in PHP => 5.3.4) that include functions do not accept paths with NULL in them, hence all of the script's payloads would fail even if the app was vulnerable. 2014-05-02 12:49:40 +00:00
tomsellers
4e572fadb2 Change http-default-accounts.nse from safe to intrusive as it attempts to login to the target. 2014-04-27 12:33:10 +00:00
jah
c4fc2529a8 Update the way queries to ARIN are formed: from "+ <IP>" to "n + <IP>". 
Update CHANGELOG with recent improvements to whois-ip.nse.
 2014-04-21 14:20:36 +00:00
jah
338dca4cff Add a pattern for a "no match found" type of response from LACNIC. 2014-04-21 14:03:57 +00:00
jah
c47fff6fc2 Fix a problem which happens when a referred-to response cannot be understood, causing an unhandled error. 2014-04-21 13:59:46 +00:00
jah
0623907188 Fix some indentation which went awry in r32677 and r32704 and some which has always been less than ideal. 2014-04-21 13:22:12 +00:00
fyodor
2fb139161f Update categories of dns-update from discovery and safe to vuln and intrusive 2014-04-19 07:50:38 +00:00
patrik
91e1d21cc1 add nil checks to address bug discovered by Mike 
http://seclists.org/nmap-dev/2014/q2/120
 2014-04-17 01:00:01 +00:00
dmiller
a343ea24cd Extend ssl-heartbleed to use every TLS cipher, prevent false negatives 2014-04-14 19:42:59 +00:00
patrik
3dbe66e9be Change heartbeat request size from 0x0fe9 to 0x4000 2014-04-12 21:31:08 +00:00
dmiller
7170837c8b Add @usage nsedoc to UDP scripts (default is missing -sU in this case) 2014-04-11 16:42:26 +00:00
dmiller
b3b0bf2389 Handle multiple messages in a single record (ssl-heartbleed) 2014-04-10 20:53:14 +00:00
dmiller
353291aeba Remove hardcoded TLSv1.1 from heartbeat message build 2014-04-10 20:53:12 +00:00
dmiller
3fd18f7752 Use tls.lua functions to build messages in ssl-heartbleed 2014-04-10 15:14:14 +00:00
dmiller
e8d81eb8b4 Alert on missing tls library, better diagnostics for not-vulnerable sites 2014-04-10 15:14:10 +00:00
dmiller
80ea0d5f10 Don't try ssl-heartbleed on protocol mismatch 2014-04-09 21:54:27 +00:00
dmiller
233b1fca71 STARTTLS support for ssl-enum-ciphers 2014-04-09 18:02:01 +00:00
dmiller
c69afa24aa Enable ssl-heartbleed to connect to STARTTLS services 2014-04-09 17:34:39 +00:00
dmiller
d1a86b7f57 Remove unnecessary pcall and unsupported SSL 3.0 from ssl-heartbleed 2014-04-09 16:49:18 +00:00
patrik
c0078965e9 add TLS 1.0, 1.1 and 1.2 support and some error checking 2014-04-09 16:16:22 +00:00
dmiller
e38d9618a3 Adjust heartbleed payload size to minimum required to trigger 2014-04-09 15:58:09 +00:00
dmiller
cd0ed4ff7f Expand the binary blobs in ssl-hearbleed to allow tweaking 2014-04-09 14:37:35 +00:00
dmiller
9b93706cf3 Whitespace/indentation fixes for ssl-heartbleed 2014-04-09 13:51:57 +00:00
dmiller
f07e623835 Fix some globals in ssl-heartbleed.nse 2014-04-09 13:51:55 +00:00
patrik
20eb77d6d2 o [NSE] Add ssl-heartbleed script to detect the Heartbleed bug in OpenSSL 
CVE-2014-0160 [Patrik Karlsson]
 2014-04-09 01:49:29 +00:00
dmiller
413bbf6e96 Revert r32789 in favor of lib-level fixes 
nmap.new_try() shouldn't be used in libraries. It results in Lua errors
being thrown that the script can't recover from without resorting to
pcall(). It has been replaced in proxy.lua with proper error handling
which did not require any changes to the scripts (http-open-proxy and
socks-open-proxy) that used it.
 2014-04-07 18:10:10 +00:00
dmiller
1332949c3d Fix bug in socks-open-proxy, TIMEOUT or EOF when SOCKS5 not supported 2014-04-04 21:46:21 +00:00
dmiller
64ef503f5b Remove debug leftover from ssl-enum-ciphers 2014-03-31 14:35:50 +00:00
fyodor
8661c8a519 Improved ntp-info script to handle underscores in returned data. [nnposter] 2014-03-27 05:49:14 +00:00
dmiller
2d06ecf73c Fix NSEdoc generation problem 
@field tag names in NSEdoc must be valid identifiers, so they cannot
contain "-". As a general rule, anything that needs to be quoted like
this: mytable["field-name"] is invalid. In this case, the ajp library
had a field called "status-line", which caused NSEdoc generation to fail
when it was finally documented. This change renames it to "status_line",
which should fix the issue.
 2014-03-07 23:14:55 +00:00
dmiller
fa391e1b02 New quake1-info script from Ulrik Haugen 
Also added a version probe and match line.
http://seclists.org/nmap-dev/2014/q1/210
 2014-03-07 17:28:40 +00:00
dmiller
c6d4febb46 Let lltd-discovery use unicode.lua 2014-03-06 20:29:23 +00:00
dmiller
88146749f6 Add unittest.testing() to make test building conditional 2014-03-06 17:15:05 +00:00
dmiller
ddcfa8cc90 Spellcheck: common misspellings in the entire source tree 2014-02-21 21:10:51 +00:00
dmiller
8e06cf53d4 http-default-accounts should return nil, not false, on failure 2014-02-20 22:10:15 +00:00
dmiller
065aa78596 Fix a crash in http-xssed when scanning an IP addr or range 
http-xssed unconditionally used host.targetname, which is only set when
the target is specified as a name, not an IP address or range. Now we
prefer the targetname, but fall back to the reverse-dns name, and
finally to the IP address. Perhaps we should be more strict, if
xssed.com only allows domain names, for instance?
 2014-02-20 21:37:05 +00:00