PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-02 12:59:02 +00:00
Code Issues Projects Releases Wiki Activity
4,432 Commits 2 Branches 0 Tags
bdec4ae9015186366ddc2bb1b42406bf6cbb7350
Commit Graph

4432 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
david
bdec4ae901 Change the error message referring to SOCK_PACKET on Linux so it refers to 
PACKET instead. That appears to be the current option name as reported by Colin
Beckingham. I checked just now with "make menuconfig" in 2.6.34.1.
 2010-08-17 17:17:44 +00:00
djalal
9849be68a9 Use the new get_script_args() function to parse script arguments and clean some whitespaces. 2010-08-17 01:58:47 +00:00
fyodor
e52e6935d6 Add the nse broadcast socket support idea discussed on nmap-dev 2010-08-16 23:35:59 +00:00
djalal
f3e08e85a0 Merge r19753,r19755,r19756,r19776,r19783 changes from nmap-exp/djalal/nmap-add-targets. The changes introduce a new stdnse function 'get_script_args()' to parse script arguments. 2010-08-16 22:06:49 +00:00
david
3c89e089fc Change calls in these forms: 
socket:connect(host.ip, port.number)
socket:connect(host.ip, port.number, port.protocol)

to this:

socket:connect(host, port)

connect can take host and port tables now, and the default protocol is
taken from the port table if possible.
 2010-08-16 18:59:30 +00:00
david
bfffa53616 When nmap.connect gets a port table, let port.protocol be the default 
protocol (instead of always "tcp"). You can still override it by
providing an explicit protocol after the table.
 2010-08-16 18:09:04 +00:00
david
abbe5324bd Pass host and port tables instead of host.ip and port.number in http.lua 
and comm.lua.
 2010-08-16 17:41:57 +00:00
david
0e3c861ea0 Let nmap.connect take a host table and port table in place of a string 
and an integer. This is going to be used to easily support Server Name
Indication for SSL connections.
 2010-08-16 17:35:20 +00:00
david
a314b5b7d7 Don't print unknown hashes in http-php-version.nse unless high verbosity 
is used, otherwise you get hashes printed for sites that don't even use
PHP. Patch by Ange Gutek.
 2010-08-16 16:09:56 +00:00
david
230f5d662b Add reference links to wdb-version.nse. 2010-08-16 15:57:36 +00:00
david
12e699e001 Change the portrule of wdb-version to use port number 17185 instead of 
0x54321. 0x54321 worked, probably due to integer truncation somewhere.
 2010-08-16 14:40:59 +00:00
david
dbd99b59f6 Add the wdb-version script from Daniel Miller. 2010-08-16 14:39:13 +00:00
fyodor
c2a038bbfb Add Wind River Debugger RPC number from Daniel Miller 2010-08-15 20:26:18 +00:00
david
7cf99e1e4e Use a std::vector<bool> instead of std::bitset in traceroute.cc. bitset isn't 
available on Android.
 2010-08-15 03:40:54 +00:00
patrik
40a66945bb changed so that the error message of the Error object is returned when a 
script signals the engine to abort.
 2010-08-14 17:14:32 +00:00
patrik
ce0de70ae8 o [NSE] Added one script (vnc-brute) that performs password guessing against 
VNC using the new brute library and another (vnc-info) that lists supported
  security mechanisms. [Patrik]
 2010-08-14 15:13:15 +00:00
patrik
5f58469ba7 o [NSE] Added a new brute library that provides a basic framework and logic 
for password guessing scripts. [Patrik]
 2010-08-14 14:56:40 +00:00
patrik
aa49c23224 moved hostname from the info to the hostname field for Informix probes 2010-08-14 12:42:16 +00:00
patrik
2c874c0ba2 changed portrule to include both ibm-db2 and drda 
updated script.db and removed old db2- scripts and added the new ones
changed error message returned by helper class in drda for incorrect logins
 2010-08-14 11:52:18 +00:00
patrik
e570925c37 o [NSE] Renamed db2-info and db2-brute scripts to drda-*. Updated script 
and library to reflect name change. Added support other DRDA based
  databases such as IBM Informix Dynamic Server and Apache Derby.
  [Patrik]
 2010-08-14 08:33:16 +00:00
patrik
2b44c74187 renamed db2 scripts to drda and added the old ones for removal [Patrik] 2010-08-14 08:28:56 +00:00
david
e8ecc904b8 Call nsi_set_hostname in service_scan.cc. 2010-08-13 21:47:09 +00:00
david
aef511d890 o [Nsock] Added a new function, nsi_set_hostname, to set the intended 
hostname of the target. This allows the use of Server Name
  Indication in SSL connections. This was suggested by Nuno Goncalves.
 2010-08-13 21:35:20 +00:00
ron
39318fd843 Fixed the same small bug in smbv2-enabled.nse (was still using the wrong variable for an error message) 2010-08-13 20:39:20 +00:00
ron
af5d750a34 Fixed a small bug in smbv2-enabled.nse (was using the wrong variable for an error message) 2010-08-13 20:35:22 +00:00
fyodor
1ea691c4e3 regen man pages (there were some changes for nping to add echo mode) 2010-08-13 18:55:30 +00:00
fyodor
b3bef8f7a2 Fix some syntax errors (mostly misspelled tags and wrongly closed tags) in scripting.xml to get it to compile 2010-08-13 18:49:16 +00:00
batrick
47bbbfdcea Fixed some local declarations. 2010-08-13 18:40:00 +00:00
fyodor
cc5a8ee7fc Add an NSE script idea (new MSRPC bug) 2010-08-13 09:37:56 +00:00
fyodor
291d25bbb9 add openssl windows binary upgrade task 2010-08-13 05:56:01 +00:00
david
1290fad780 o [NSE] Added default limits on the number of ports that qscan will 
scan. By default, it will do upt o 8 open ports and up to 1 closed
  port. These limits can be controlled with the qscan.numopen and
  qscan.numclosed script arguments. [David]
 2010-08-13 05:17:07 +00:00
djalal
d056a97b10 Merge r19288:r19697 from nmap-exp/djalal/nse-rules-docs. This will update NSE doc to show the new prerules and postrules. 2010-08-13 00:41:54 +00:00
batrick
7b40aa34c5 formatting 2010-08-12 18:29:40 +00:00
kirubakaran
68fd970ec1 Adding comments to nmap debug print message 2010-08-12 15:18:58 +00:00
robert
4ce404f214 Enabled ASLR and DEP for Nmap.exe, Ncat.exe and Nping.exe on Windows Vista and above. Visual C++ will set the /DYNAMICBASE and /NXCOMPAT flags in the PE header. Executables generated using py2exe or NSIS and third party binaries (OpenSSL, WinPcap) still don't support ASLR or DEP. Support for DEP on XP SP3, using SetProcessDEPPolicy(), could still be implemented. See http://seclists.org/nmap-dev/2010/q3/328 2010-08-12 14:01:16 +00:00
djalal
28e9cf600b Add a missing require('stdnse') 2010-08-12 03:54:13 +00:00
djalal
0ae240c1e8 Reset the script engine verbosity that was boosted when scripts are selected by name. 2010-08-11 22:37:16 +00:00
david
a12d595052 Add new version probes and matches from Patrik Karlsson. 
- Lotus Domino Console running on tcp/2050 (shows OS and hostname)
- IBM Informix Dynamic Server running native protocol (shows hostname, and file path)
- Database servers running the DRDA protocol
- IBM Websphere MQ (shows name of queue-manager and channel)
 2010-08-11 16:55:54 +00:00
david
8688fee2e2 Document that -g doesn't work for anything that uses normal OS sockets, 
including DNS resolution, connect scan, version detection, and NSE.
 2010-08-11 16:27:17 +00:00
david
852ad9440d Improve indentation and comments in init_socket. 2010-08-11 14:39:42 +00:00
david
c78dcce4d3 Move init_socket from nmap.cc to scan_engine.cc, because it is only used 
in the latter file.
 2010-08-11 14:34:54 +00:00
luis
6bce039909 Updated with the latest bugfixes and improvements 2010-08-11 13:57:05 +00:00
fyodor
6cdce4d008 add a leaked nsock pcap descriptor issue which shows up in nping and probably nmap 2010-08-11 06:15:55 +00:00
fyodor
8fc003be18 Changes from discussion w/David 2010-08-10 21:59:21 +00:00
david
d5edc49016 Add patch from Ange Gutek and Tom Sellers to make http-php-version only 
consider responses with a 200 status.
 2010-08-10 19:54:30 +00:00
batrick
f46908f0bd Require each Lua library explicitly (debug in particular). Requiring the "debug" 
library is necessary for Lua 5.2.
 2010-08-10 16:51:10 +00:00
batrick
7c7c30fc24 [NSE] (Global fix.) This fixes a spelling error. 2010-08-10 16:32:48 +00:00
kirubakaran
b35255c8e9 Adding verbosity to nmap debug option -d2 to print the whole path of scripts specified in rule 2010-08-10 16:20:07 +00:00
david
a9b75892f5 Use shortport.http where appropriate. 2010-08-09 22:30:50 +00:00
david
fbe60bdcc9 Add a new function, shortport.http, that will be used as the portrule 
for HTTP scripts.
 2010-08-09 22:23:43 +00:00