mirror of https://github.com/nmap/nmap.git synced 2025-12-09 22:21:29 +00:00
Commit Graph

2614 Commits

Author SHA1 Message Date
paulino
c51c0b6e86 Updates script to detect other vulnerable services and removes useless redirection ports from the execution rule. See GH#876 2017-05-09 17:24:55 +00:00
paulino
7bd54ab098 Adds http-vuln-cve2017-5689 to detect vulnerable Intel AMT enabled systems (INTEL-SA-00075). Closes #876 2017-05-07 01:33:57 +00:00
dmiller
95850d5ac3 New script vmware-version 2017-05-03 18:22:02 +00:00
david
6d8a64423f dnscurve.org has https. 2017-04-28 18:43:38 +00:00
dmiller
4307615b50 Update snmp scripts with backwards-compatible script-arg syntax 2017-04-22 19:31:25 +00:00
dmiller
c8d5cf86b2 Correct reference to snmpcommunity script-arg. Fixes #861 2017-04-21 13:28:55 +00:00
nnposter
e80976a13a Provides a common function, url.get_default_port(), for obtaining the default port number for a given scheme. Fixes #781 2017-04-19 18:00:36 +00:00
nnposter
af6bbc35bb Changes the port type returned from url.parse() to an actual integer, as opposed to a string that represents an integer. Fixes #833, fixes #817. 2017-04-19 17:02:32 +00:00
dmiller
214d527632 New script smb-double-pulsar-backdoor. Closes #854 2017-04-18 18:09:10 +00:00
nnposter
c58aa814f3 Suppresses empty output if no vulnerable parameters are found 2017-04-15 00:08:49 +00:00
nnposter
95c42025d7 Suppresses empty output if no credentials are found 2017-03-29 23:23:22 +00:00
dmiller
4cef14a873 Switch to string packing instead of bin packing and return order for asn1-related libs 2017-03-29 20:42:01 +00:00
dmiller
3dec043ead Fix NSE hangs when service sends non-matching data to receive_buf 2017-03-29 20:41:59 +00:00
dmiller
85e10c6b2b Use byte values instead of hex strings for ASN.1 types, avoiding upper/lower case mixups 2017-03-29 20:41:57 +00:00
dmiller
0e7f11673c Change more bin lib to string packing/fromhex. Closes #755. Closes #769 2017-03-25 13:39:44 +00:00
dmiller
d66dd69df2 Fix some swapped return values 2017-03-25 13:29:52 +00:00
dmiller
7c72319ab5 Change a few more bin.pack to string.pack 2017-03-24 22:05:52 +00:00
dmiller
1d3b5142be Fix some NSEdoc using the wrong script names 2017-03-24 22:05:51 +00:00
dmiller
312fbbfcf1 Report and record recovered creds in http-vuln-wnr1000-creds 2017-03-24 16:20:02 +00:00
dmiller
3220cbd62b Fix a crash in http-vuln-wnr1000-creds when request fails (i.e. not vuln) 2017-03-24 16:20:00 +00:00
dmiller
87fb195c3f Use a legit HTTP probe for detecting SSL in http-slowloris and -check 2017-03-23 22:42:02 +00:00
nnposter
4bffd26c0b Adds support for user-selectable HTTP method. Closes #759 2017-03-22 00:28:01 +00:00
dmiller
e973ad72f5 Optionally brute force usernames for VNC 2017-03-15 20:31:24 +00:00
dmiller
d244738246 Support ATEN/Supermicro KVM VNC 2017-03-15 19:39:34 +00:00
dmiller
c98a547104 Check for RealVNC auth bypass even if other auth types are offered 2017-03-15 16:19:55 +00:00
dmiller
772bd8d824 Correct typos: receive, successfully, length 2017-03-15 02:23:09 +00:00
dmiller
f89d7610b0 Replace IP address parsing with functions from ipOps 2017-03-14 18:59:12 +00:00
dmiller
84a824c2cf New script broadcast-ospf2-discover. Closes #743 2017-03-14 00:15:22 +00:00
dmiller
2091ce3199 Fix endianness in unpacking IP addresses, since ipOps.fromdword is fixed. Fixes #750 2017-03-13 14:58:57 +00:00
dmiller
3e3f600b8a Update default-category scripts to use bitwise operators instead of bit.lua 2017-03-13 14:58:56 +00:00
dmiller
3140dbe115 New script for Apache Struts RCE 2017-03-10 17:53:45 +00:00
dmiller
eff6c09118 Change ssl scripts to use string unpacking instead of bin.lua 2017-03-10 17:29:53 +00:00
dmiller
14bd4e7899 Use stdnse.fromhex in ssl-dh-params 2017-03-10 17:29:52 +00:00
dmiller
8cbd5d8391 Replace bin.lua with string packing in a couple of my scripts 2017-03-09 05:13:46 +00:00
dmiller
d68e4d7cab Fix spelling of Vasiliy's name. Sorry! 2017-03-07 21:25:37 +00:00
dmiller
611a27fc64 New commands to extract info for redis-info by Vasily Kulikov 2017-03-07 21:24:32 +00:00
nnposter
d7c8bf912d Adjusts data extraction patterns to match the updated Robtex layout. Original patch submitted by aDoN. Fixes #679, closes #681. 2017-03-05 16:52:25 +00:00
dmiller
0b93e8da2e New script impress-remote-discover. Closes #713 2017-03-04 19:54:56 +00:00
dmiller
1164a8e7df Update output section for realvnc-auth-bypass 2017-03-03 20:35:08 +00:00
dmiller
2f5b154f9e Fix a couple NSEdoc cross-refs (requires '.nse') 2017-03-03 20:35:07 +00:00
dmiller
522b85693e Note interaction with realvnc-auth-bypass 2017-03-03 19:43:33 +00:00
dmiller
76f7c48c17 Allow vnc-title to exploit RealVNC auth bypass if discovered. 2017-03-03 19:39:57 +00:00
dmiller
2a5b23f025 Make realvnc-auth-bypass a vulns script, store result for other scripts to exploit 2017-03-03 19:39:56 +00:00
dmiller
b30c304a2d Fix string escape. Closes #716 2017-03-02 05:02:07 +00:00
dmiller
edcc648a39 New script cics-user-brute. Closes #671 2017-03-01 20:41:19 +00:00
dmiller
bed397a950 New script cics-info. See #671 2017-03-01 20:41:18 +00:00
dmiller
36c03069bd Fix a logic bug (and vs or) and extend usernames to 8 chars. See #671 2017-03-01 20:41:17 +00:00
dmiller
6d3c181316 cics-enum: support for testing transaction IDs with a valid username/password 2017-03-01 20:41:16 +00:00
dmiller
dd4f367036 New script http-cookie-flags. Closes #669 2017-03-01 04:12:39 +00:00
dmiller
d8942b360b Make sure there's some data to read. See #689 2017-02-27 16:42:50 +00:00