PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-16 11:29:02 +00:00
Code Issues Projects Releases Wiki Activity
10,351 Commits 2 Branches 0 Tags
ca00a5e7e8737dc22e770ec76e3eba71d8f110d1
Commit Graph

1413 Commits

Author SHA1 Message Date
dmiller
cb4b46bd53 Canonicalize authors as tables instead of comma-separated strings 2016-06-09 22:46:42 +00:00
dmiller
39018e3e91 Check for RSA exponent of 1, resulting in F score 2016-06-09 04:36:09 +00:00
dmiller
c8e8cf8f43 Return RSA exponent from parsed SSL certificates, as a bignum 2016-06-09 04:36:07 +00:00
abhishek
c7852c6ec0 Adds Pong response, closes #383 2016-05-24 19:23:20 +00:00
abhishek
4d67d58d04 Removes the bug so as to compare cmd fixes #381 2016-05-24 19:23:17 +00:00
dmiller
9450cb725a Avoid boolean tautologies of the form 'not x == y' 
Lua operator 'not' has higher precedence than '==', so the statement

    not x == "something"

is equivalent to:

    (not x) == "something"

which will always be false, since the value of 'not x' will be either
'true' or 'false' and the string "something" is not the boolean 'true'
or 'false'. This is usually resolved by using the '~=' operator.
 2016-05-23 04:30:06 +00:00
dmiller
50e9080ef1 Grab latest enterprise numbers assignments from IANA 2016-05-11 14:55:45 +00:00
dmiller
fe0e0db1ba Grab latest multicast address assignments from IANA 2016-05-11 14:55:44 +00:00
dmiller
0dd8757e70 Add needed requires to mysql-cis.audit. Closes #371 2016-05-11 14:55:43 +00:00
dmiller
b341915722 Deprecate RC4 ciphersuites 2016-05-02 13:55:16 +00:00
dmiller
6b598fe547 Remove an incorrect NSEdoc blurb: JSON Object uses all keys 2016-04-14 16:50:47 +00:00
tomsellers
ee4ed66956 Added support for LDAP over udp to ldap-rootdse.nse. 
Also added version detection and information extraction to match the
new LDAP LDAPSearchReq and LDAPSearchReqUDP probes. Closes #362
 2016-04-09 21:33:26 +00:00
dmiller
4b341c4311 Clarify vnc handshake/login process and correctly send chosen security type 2016-04-04 04:47:37 +00:00
robert
ea7c0bd92b Added SQL Server 2012 SP3 version number and updated SQL Server 2012 SP1 version from the original 4050 release that was pulled and replaced by 4100. 2016-04-02 18:24:39 +00:00
dmiller
56d71fe6df Fix endianness bug making RFB 3.3 not detect auth type 2016-04-02 15:54:32 +00:00
dmiller
6c7655c24f Add Tight VNC auth type 2016-04-02 15:22:30 +00:00
dmiller
3af66a0445 VNC revamp and extension 2016-04-01 22:29:39 +00:00
tomsellers
e2cfda9dc0 Change to smb-os-discovery to enable it to augment SMB version detection. Closes #348 2016-03-31 10:56:29 +00:00
dmiller
81bb435ad9 Add TLS auth support to vnc.lua and vnc-brute 2016-03-28 16:46:32 +00:00
dmiller
f272172721 Negotiate down VNC versions for unknown versions instead of failing 2016-03-28 13:31:24 +00:00
dmiller
23bb9ef5ce Add TLS support for VNC 2016-03-27 15:06:33 +00:00
dmiller
377b52c112 Add STARTTLS for LMTP 2016-03-26 13:42:13 +00:00
dmiller
c8c4da0d6f Check for service name before port number to work on nonstandard ports 2016-03-26 13:42:12 +00:00
dmiller
a8086a222e Fix STARTLS for LDAP on nonstandard ports 2016-03-26 13:42:11 +00:00
dmiller
4db5bf502f Avoid attempting TLS over UDP protocols in sslcert.lua 2016-03-25 14:02:04 +00:00
dmiller
37c3a16a27 Add STARTTLS support for NNTP 2016-03-25 14:02:03 +00:00
dmiller
dc09ef809f Add dh group exchange support to ssh2.lua. Closes #341, Fixes #129 2016-03-21 22:04:42 +00:00
dmiller
2b86ab11dc Allow ssl-* to work with TDS (MS SQL server) 2016-03-19 20:44:33 +00:00
dmiller
ee481851f5 Silence warnings about the new any_af request option 2016-03-16 05:47:57 +00:00
dmiller
c7892e365f Let http.lua functions optionally connect via any address family 
Sometimes (e.g. when using an external API), a script wants to connect
by name to a server and doesn't care whether IPv4 or IPv6 is used. By
passing the "any_af" option, the first resolved address of any address
family will be used, allowing external-category scripts which used to
fail with -6 to succeed.
 2016-03-16 05:07:59 +00:00
dmiller
2db52ae951 Force numeric values to string to avoid assertion in tab.lua. Related #266 2016-03-13 20:29:10 +00:00
dmiller
b5f5690bb0 New default accounts from nnposter. Closes #301 2016-02-14 14:42:18 +00:00
dmiller
c2c86cb9f9 reduce memory reallocs in dhcp.lua (string building, static tables) 2016-02-12 05:42:19 +00:00
dmiller
4a85f18938 Add TFTP/PXE-related DHCP options. patch by Mike Rykowski 2016-02-11 23:50:47 +00:00
dmiller
ab1e474475 Document an unknown field in ConnectionRequest for RDP 2016-02-05 22:53:43 +00:00
dmiller
a7502f54e2 Add STARTTLS support for Postgresql 2016-02-03 20:09:24 +00:00
dmiller
0816975261 Factor out some common code in sslcert.lua 2016-02-03 20:09:23 +00:00
dmiller
97163a3052 Fingerprint for WebSphere console by Vlatko Kosturjak 2016-01-14 21:08:28 +00:00
dmiller
43dedd7b0e Extract optional OS version info from NTLM challenge message 2016-01-07 20:43:19 +00:00
dmiller
68599ce140 Solve "unexpected signature" message in SMB extended session setup (NTLM type 2 message only sent once) 2016-01-07 20:33:10 +00:00
dmiller
bb507ac7bf Add RomPager CVE-2014-4019 check to http-fingerprints 2016-01-06 20:47:06 +00:00
dmiller
f405d71296 Avoid a script crash when pppoe.Comm.recv returns failure without error message 2016-01-04 16:48:08 +00:00
dmiller
74bd78267a http cookie and form parsing updates 
1. getattr now decodes html entities in attributes (useful for & in href
   attributes, for instance)
2. Cookie validation allows max-age, httponly, and secure attributes
3. Use table concatenation instead of repeated string concatenation to build
   cookie string.
 2015-12-31 15:50:25 +00:00
dmiller
5243f4f049 Alter output formatting of multicast.lua 2015-12-19 17:47:15 +00:00
dmiller
a11db08325 Every ipOps function validates IP addresses, so no need to do it explicitly 2015-12-19 15:25:43 +00:00
dmiller
0f99596555 Fix a few bugs in targets-ipv6-multicast-mld. http://seclists.org/nmap-dev/2015/q2/250 2015-12-16 17:07:40 +00:00
tomsellers
58f00324eb NSE: Prevent http.identify_404 from following HTTP redirects, standardize calls to it. Closes #251 2015-12-05 10:16:51 +00:00
dmiller
8d418d4962 Document some script args in NSEdoc 2015-11-22 13:58:21 +00:00
dmiller
e83078fdcc Fix stun mode parameter, NSEdoc 
The value for the mode parameter passed to Helper.new was always
overridden by either the stun.mode script-arg or "modern". Now, the
script-supplied option is used, falling back to the script-arg or
modern if neither is present. Also documented the script-arg.
 2015-11-22 13:58:20 +00:00
dmiller
2eca808281 Add NSEdoc stub for lpeg library 2015-11-17 04:58:56 +00:00