dmiller
7eb678a893
Move NSEdoc for unittest.run to unittest.nse
...
This prevents unittest.run from being included in the Script Arguments
section of every script that includes a unittest-compatible library.
2014-07-31 18:06:14 +00:00
dmiller
775ca4463f
Add @usage to fcrdns.nse
2014-07-31 14:42:37 +00:00
dmiller
21ab5d78bd
New NSE script: fcrdns
...
Performs Forward-confirmed reverse DNS lookup of the target, a.k.a.
Full-circle reverse DNS, double-reverse DNS, or iprev.
2014-07-31 05:34:19 +00:00
devin
e441e2a81d
Applied Fabian Affolter's patch to make generator entry more generic
2014-07-30 22:16:32 +00:00
jay
42510e649d
Update scripts/script.db
2014-07-30 07:16:52 +00:00
jay
d93a78f502
Make version scripts (with non shortport portrules) obey nmap.version_intensity() >= 7
2014-07-30 07:12:50 +00:00
jay
61d13e12d2
Make version intensity scripts use shortport.version_port_or_service() instead of shortport.port_or_service()
2014-07-30 07:10:35 +00:00
paulino
95f897fffb
Updates category to 'intrusive'.
2014-07-30 03:49:26 +00:00
paulino
1cc4d246b9
Adds mikrotik-routeros-brute.nse. This script performs brute force password auditing against the Mikrotik RouterOS API.
2014-07-30 03:48:03 +00:00
dmiller
51a633ac3c
NSE: Add TLS_RSA_WITH_3DES_EDE_CBC_SHA to default ciphers
...
As noted (http://seclists.org/nmap-dev/2014/q3/121), some versions of
Windows require a KB before supporting AES, so add a 3DES option.
2014-07-23 01:52:41 +00:00
dmiller
453f655f89
Add mandatory cipher suite to appropriate scripts
...
The TLS standard (TLS 1.2, but also probably the others) states:
> In the absence of an application profile standard specifying
> otherwise, a TLS-compliant application MUST implement the cipher
> suite TLS_RSA_WITH_AES_128_CBC_SHA
This was causing some problems with some implementations (See
http://seclists.org/nmap-dev/2014/q3/119)
2014-07-22 22:20:34 +00:00
batrick
4d131d2217
Fix a pattern mixup.
...
\ --> /
found by klaudiu@freenode.
I added some short test asserts to confirm the pattern works.
2014-07-07 17:36:17 +00:00
dmiller
9ac14c97df
Fix some globals and name mismatches in telnet-brute
2014-07-07 17:15:13 +00:00
devin
7dbf13ab3e
Modified http-affiliate-id to follow amzn.to tinyurls.
2014-06-30 19:00:14 +00:00
devin
d68396d823
Merged Lpeg branch
2014-06-26 20:12:54 +00:00
claudiu
39def56cde
Fix false positives with SSL/TLS implementations that are not OpenSSL
2014-06-20 10:20:24 +00:00
dmiller
ec9074f718
Correct "it's" to "its" where necessary
...
it's = it is
its = belonging to it
2014-06-19 04:58:46 +00:00
dmiller
e69325c0f8
Add s7-info script, for more SCADA/ICS enumeration
2014-06-18 02:53:29 +00:00
dmiller
8f6cd9ccc5
Restore STARTTLS support in ssl-ccs-injection
2014-06-12 12:28:08 +00:00
claudiu
2eaf0f83cc
New script detecting CCS Injection vulnerability in OpenSSL
2014-06-11 13:43:28 +00:00
patrik
0b0109d4af
commit 7dae4affc23f9fd70e916bc461e45eafe4bcf99a
...
Author: Patrik Karlsson <patrik@cqure.net>
Date: Thu May 29 21:33:18 2014 -0400
fix to detect non ASA devices and unsupported versions
2014-05-30 01:46:59 +00:00
devin
5e6c9d5f78
NSE enhanced output patch
2014-05-29 03:22:59 +00:00
dmiller
415e2671ab
New NSE script for SCADA/ICS, bacnet-info
2014-05-28 13:54:05 +00:00
devin
53ca0c01dd
Added checks to prevent scripts from indexing a nil value when
...
scanning localhost.
2014-05-28 02:29:31 +00:00
patrik
c950dcb154
Squashed commit of the following:
...
commit a78b6142449b71ccd1cd7061b5363f6882b2e00b
Author: Patrik Karlsson <patrik@cqure.net>
Date: Sun May 25 21:19:22 2014 -0400
fix indentation
commit 5e61eba30f98343fb172687bd377acae6cb9e242
Merge: d446fa7 9696dd5
Author: Patrik Karlsson <patrik@cqure.net>
Date: Sun May 25 21:15:50 2014 -0400
Merge branch 'master' into anyconnect
commit d446fa76181d97287604b48719dd3f714987b775
Author: Patrik Karlsson <patrik@cqure.net>
Date: Sun May 25 21:15:09 2014 -0400
Update CHANGELOG
commit 1590b8a8598bfd06c767c31312dc56c8e306c556
Author: Patrik Karlsson <patrik@cqure.net>
Date: Sun May 25 21:13:27 2014 -0400
update script.db
commit 93eb927e21d3e3702da36668628b70c42f14f0db
Author: Patrik Karlsson <patrik@cqure.net>
Date: Sun May 25 21:09:51 2014 -0400
update anyconnect library to better capture version
add missing libraries http-cisco-anyconnect.nse
add new scripts to detect vulnerabilities cve2014-2126 through 2129
commit 92fecad07d340e60abbe502a4541d6e4f71af224
Author: Patrik Karlsson <patrik@cqure.net>
Date: Sat May 24 09:09:14 2014 -0400
initial commit
2014-05-26 01:28:38 +00:00
dmiller
ed22166b3f
Add enip-info NSE script for EtherNet/IP
...
A contribution from the folks at Digital Bond
(http://www.digitalbond.com/), part of their Redpoint Project
(https://github.com/digitalbond/Redpoint/).
2014-05-22 18:25:09 +00:00
dmiller
ba5f207d94
Fix NSEdoc generation problems due to block ordering
...
Reported here: http://seclists.org/nmap-dev/2014/q2/258
Complicated parsing issue, but short version is this: The NSEdoc for
scripts must not be followed by a local declaration, or it will not be
accepted. Easiest way is to be sure the block with @usage, @output,
@args, @xmloutput, etc. comes right before the author line.
2014-05-21 19:06:50 +00:00
dmiller
974b4430e2
Pass dates directly to format_timestamp, avoid timestamp overflow
...
Should fix: http://seclists.org/nmap-dev/2014/q2/184
2014-05-21 15:04:13 +00:00
sophron
2f30c8f9db
[NSE] Corrected file name for framework fingerprints.
2014-05-11 11:35:54 +00:00
robert
3beb66bfaa
Updated script.db to include new and renamed scripts.
2014-05-04 15:49:21 +00:00
robert
02e00968f6
Added Paul Amar's NSE script that exploits a vulnerability in Netgear WNR1000v3 allowing credentials to be obtained. Note, it doesn't currently add the credentials to the creds database.
2014-05-04 15:43:30 +00:00
robert
926f3f7375
Tweaked the disclosure date in http-vuln-cve2012-1823 for consistency with other scripts that make use of the vulnerability library.
2014-05-04 15:13:57 +00:00
robert
32930ef6e6
Renamed the Zimbra LFI script to use the assigned CVE (and updated example output/usage).
2014-05-04 15:11:23 +00:00
robert
17ef614c49
Added Paul Amar's Webmin File Disclosure NSE script (CVE-2006-3392).
2014-05-04 15:00:06 +00:00
sophron
a64a785d79
[NSE] http-passwd should also send the payloads without appending NULL bytes. There are cases (for example in PHP => 5.3.4) where include functions do not accept paths with NULL in them, hence all of the script's payloads would fail even if the app was vulnerable.
2014-05-02 12:49:40 +00:00
tomsellers
4e572fadb2
Change http-default-accounts.nse from safe to intrusive as it attempts to login to the target.
2014-04-27 12:33:10 +00:00
jah
c4fc2529a8
Update the way queries to ARIN are formed: from "+ <IP>" to "n + <IP>".
...
Update CHANGELOG with recent improvements to whois-ip.nse.
2014-04-21 14:20:36 +00:00
jah
338dca4cff
Add a pattern for a "no match found" type of response from LACNIC.
2014-04-21 14:03:57 +00:00
jah
c47fff6fc2
Fix a problem which happens when a referred-to response cannot be understood, causing an unhandled error.
2014-04-21 13:59:46 +00:00
jah
0623907188
Fix some indentation which went awry in r32677 and r32704 and some which has always been less than ideal.
2014-04-21 13:22:12 +00:00
fyodor
2fb139161f
Update categories of dns-update from discovery and safe to vuln and intrusive
2014-04-19 07:50:38 +00:00
patrik
91e1d21cc1
add nil checks to address bug discovered by Mike
...
http://seclists.org/nmap-dev/2014/q2/120
2014-04-17 01:00:01 +00:00
dmiller
a343ea24cd
Extend ssl-heartbleed to use every TLS cipher, prevent false negatives
2014-04-14 19:42:59 +00:00
patrik
3dbe66e9be
Change heartbeat request size from 0x0fe9 to 0x4000
2014-04-12 21:31:08 +00:00
dmiller
7170837c8b
Add @usage nsedoc to UDP scripts (default is missing -sU in this case)
2014-04-11 16:42:26 +00:00
dmiller
b3b0bf2389
Handle multiple messages in a single record (ssl-heartbleed)
2014-04-10 20:53:14 +00:00
dmiller
353291aeba
Remove hardcoded TLSv1.1 from heartbeat message build
2014-04-10 20:53:12 +00:00
dmiller
3fd18f7752
Use tls.lua functions to build messages in ssl-heartbleed
2014-04-10 15:14:14 +00:00
dmiller
e8d81eb8b4
Alert on missing tls library, better diagnostics for not-vulnerable sites
2014-04-10 15:14:10 +00:00
dmiller
80ea0d5f10
Don't try ssl-heartbleed on protocol mismatch
2014-04-09 21:54:27 +00:00