PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-21 23:19:03 +00:00
Code Issues Projects Releases Wiki Activity
9,911 Commits 2 Branches 0 Tags
ba873c28c04ca32c53b050eaebd79a5303e4417c
Commit Graph

9911 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dmiller
507f0bc3ee Remove use of __call output_table hack in favor of length (#) 2013-10-18 18:35:07 +00:00
dmiller
34cd23e101 Add xmloutput for ntp-info.nse 2013-10-18 18:35:05 +00:00
dmiller
25a2a184c4 Add __len metamethod for output_table 2013-10-18 18:35:03 +00:00
dmiller
a69a7fb676 Add xmloutput to dns-nsid.nse 2013-10-18 18:35:02 +00:00
dmiller
33a8bc11c4 Add xmloutput to socks-auth-info.nse 2013-10-18 18:34:55 +00:00
dmiller
1b07c5ce54 Add xmloutput to tls-nextprotoneg.nse 2013-10-18 18:34:54 +00:00
dmiller
35dbe4fe37 Add xmloutput to vnc-info.nse 2013-10-18 16:05:48 +00:00
dmiller
95585e4008 Add xmloutput to smbv2-enabled.nse 2013-10-18 16:05:46 +00:00
dmiller
66569165ac Add xmloutput to x11-access.nse 2013-10-18 16:05:45 +00:00
dmiller
8ce3b65272 Add xmloutput to sshv1.nse 2013-10-18 16:05:44 +00:00
fyodor
e243c5e69e Add a task to look into why http://nmap.org/nsedoc/ autogeneration doesn't seem to be working. According to that page, we only have 437 scripts. 2013-10-18 08:27:48 +00:00
patrik
e97a5b9d5a Add http-dlink-backdoor script that detects DLink routers with firmware 
backdoor allowing admin access over HTTP interface.
 2013-10-17 23:41:12 +00:00
dmiller
3945c287e9 Update nbstat.nse to structured XML output 2013-10-17 21:57:48 +00:00
dmiller
1e6db2b22c Make Ndiff install as a Python module as well as script 
Discussion: http://seclists.org/nmap-dev/2013/q4/19
 2013-10-17 19:20:49 +00:00
sophron
a7b0fea687 [NSE] Added an enhancement to ssh-hostkey that makes a comparison with your known-hosts file. http://seclists.org/nmap-dev/2013/q3/587 2013-10-16 18:32:44 +00:00
david
27af1d09df Use 1-indexing for first char of Lua string. 
sub(0, 1) worked, but it's more clear to do sub(1, 1).
 2013-10-14 01:35:44 +00:00
henri
492ca905e2 Rephrased a broken sentence. 
(see the very end of the last sentence of the paragraph).
 2013-10-09 18:46:07 +00:00
henri
f420761f91 Updated my nsock todo list 
Reworked the nsock roadmap according to what my latest tests and (mostly not
convincing) experiments revealed.
 2013-10-09 18:45:59 +00:00
henri
20cf95553b Remove categories 2013-10-09 18:45:52 +00:00
david
fb27ac625f DB cannot be NULL here. 
I checked the history and it doesn't appear that DB was ever passed in
to this function, but always allocated locally.

Found using the STACK tool: http://css.csail.mit.edu/stack/.
 2013-10-08 21:50:47 +00:00
david
5657e7e00b Make test-environment.lua a bit more straightforward. 2013-10-04 22:42:13 +00:00
fyodor
35e118802b Add some fingerprints of problematic keys reportedly belonging to APT1. Contributed by Mariusz Ziulek. http://seclists.org/nmap-dev/2013/q3/638 2013-09-28 03:13:07 +00:00
fyodor
8505a92c17 Note a segfault in Ncat 2013-09-27 21:24:29 +00:00
david
d05d8acd93 Revert r32397, r32398, r32399 (tempnam to mkstemp). 
I had intended the unlink to appy only to unix domain sockets, but it
was being called for every kind of local address.

http://seclists.org/nmap-dev/2013/q3/647
 2013-09-27 15:30:18 +00:00
dmiller
db6f6ea069 s/tempnam/mkstemp/ in error message to reflect actual usage. 2013-09-27 14:43:26 +00:00
david
e18b25bccd Use tempfile in place of tempnam. 
To avoid new GCC warnings about tempnam:
ncat_connect.c:789: warning: the use of `tempnam' is dangerous, better use `mkstemp'

Doing things this way has the same race condition as tempnam did,
because we are unlinking the file before binding it. (The race window is
smaller now.) The file must not exist before binding the Unix socket, or
else you get an "address already in use" error. Unlinking before binding
is the same thing that netcat-openbsd does. See this earlier thread:
http://seclists.org/nmap-dev/2012/q4/336.
 2013-09-26 07:17:08 +00:00
david
e4af8d90d8 Add tempfile function. 2013-09-26 07:17:03 +00:00
dmiller
31bc2847bd Normalize script author fields 
Clean up some typos and differences. Most have been normalized to
whatever form of the name occurred in the largest number of scripts.
Paulino was contacted directly and requested his email be added to all
of his credits.
 2013-09-20 18:56:22 +00:00
fyodor
947682f961 Add a very small todo item 2013-09-19 20:21:04 +00:00
luis
f3d2874021 Add request from Jacek Wielemborek 2013-09-17 20:37:00 +00:00
d33tah
776ca64e28 Fix French man page for Nmap, corrections reported by Antoine MÉRIC. 2013-09-15 20:44:29 +00:00
d33tah
b7a5a6cfc3 Replace some of the rules with per-directory ones. 2013-09-15 20:17:14 +00:00
d33tah
5f7acbb103 Change the comment. 2013-09-15 20:17:08 +00:00
d33tah
8fa61605ba Reorder the checks a bit. 2013-09-15 20:17:03 +00:00
d33tah
800acc5ac1 Change the comment. 2013-09-15 20:16:58 +00:00
d33tah
29d07d7748 Disallow any backslashes. 2013-09-15 15:45:01 +00:00
d33tah
541d49980b Whitespace. 2013-09-15 15:44:56 +00:00
d33tah
f595259310 Replace the current list of checks with a is_valid_path function. 2013-09-15 15:44:51 +00:00
henri
4fd3cc2f10 Allow NSE_TYPE_CONNECT_SSL to be canceled. 
This fixes a really bad bug that seems to have been there for a while. Canceling
a nsock connect SSL operation fails with fatal(). I have never seen it in real
life though.

Added a corresponding unit test.
 2013-09-15 10:52:07 +00:00
d33tah
8654d12050 Update the httpd.lua comment, the "list the directory contents" is irrelevant. 2013-09-12 18:35:42 +00:00
d33tah
2fde134f36 fflush stderr in all messages sent by Ncat. This makes 
it more comfortable to test Ncat under Cygwin, which
doesn't fflush even if the message contains \n.
(At least not in my ssh+screen+zsh combination).
 2013-09-12 14:23:24 +00:00
david
28599f1567 Revert r32301..r32306. 
Committed accidentally.
 2013-09-12 08:20:13 +00:00
david
08e38545a3 Add connect-mode recv() and send() support. 2013-09-12 08:12:25 +00:00
david
bc96871709 Add null.lua, a filter meant for testing supersocket. 2013-09-12 08:12:20 +00:00
david
39fa14d614 Add script loading facilities. 2013-09-12 08:12:16 +00:00
david
8d796f8981 Add ncat_main.c facilities for -L. Currently still with the ugly 
o.script name.
 2013-09-12 08:12:11 +00:00
david
ecd7a45ec2 Restore the dump_stack routine, it's really useful for debugging. 2013-09-12 08:12:07 +00:00
david
42ce2bc9cc Apply my refactoring changes from r31989. 2013-09-12 08:12:03 +00:00
d33tah
ccd0c02a4c Add a lacking space in the license comment. The command I used to do this is: 
for file in `grep "* including the terms and conditions of this license text as well.       \*" * -r --files-with-match `; do sed "s/\* including the terms and conditions of this license text as well.       \*/* including the terms and conditions of this license text as well.        */g" -i $file; done
 2013-09-11 19:06:20 +00:00
d33tah
a0bd430087 Fix path traversal. Dots are escaped by % in Lua, not by \. 2013-09-10 23:42:59 +00:00