PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-22 23:49:03 +00:00
Code Issues Projects Releases Wiki Activity
6,853 Commits 2 Branches 0 Tags
cceb2ff10adb4e8b40e9effadd6685a21cea44cc
Commit Graph

6853 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
patrik
5575943ea0 o [NSE] Added url-snarf. The script sniffs the network for URLs in HTTP 
traffic and prints the URL together with the originating IP. [Patrik]
 2012-01-29 08:23:30 +00:00
patrik
3633c502b6 o [NSE] Added http-auth-finder. The scripts spiders a site looking for URLs 
requiring form- or HTTP-based authentication. [Patrik]
 2012-01-29 06:23:35 +00:00
patrik
1c38198c02 Changed JSON null-check to the json.NULL constant per David's recommendation. 2012-01-29 05:52:04 +00:00
patrik
6724733817 Fixed a bunch of script errors reported by Duarte Silva: 
http://seclists.org/nmap-dev/2012/q1/246
 2012-01-28 22:03:11 +00:00
patrik
fb546789a1 Fixed bug that would make the script crash if no domain argument was specified. 2012-01-28 21:34:11 +00:00
david
991191186a More service submissions. 2012-01-28 21:21:10 +00:00
patrik
d4ca7dccfd fixed bug that would fail reading url and options supplied to the Helper:new 
method.
 2012-01-28 19:29:32 +00:00
patrik
fb3eb4c6c5 Fixed a bug in http-auth that failed to report errors properly. 2012-01-28 18:13:15 +00:00
henri
9cf2fa8854 Apply the correct event type against evclr in X_EV. 2012-01-27 20:44:28 +00:00
henri
255c2a0a9b Fixed an assertion failure which could occur when connecting to an SSL server: 
nsock_core.c:186: update_events: Assertion `(ev_inc & ev_dec) == 0' failed.

Thanks to Ron for reporting the bug and testing.
See: http://seclists.org/nmap-dev/2012/q1/235
 2012-01-27 15:46:32 +00:00
david
22c17fa05d Add cccam-version.nse. 2012-01-27 01:13:35 +00:00
patrik
0ad978d3b8 o [NSE] Added the scripts xdmcp-discover, broadcast-xdmcp-discover and the 
X Display Manager Control Protocol (xdmcp) library. The scripts discover
  hosts either using unicast or broadcast and try to detect supported
  authentication and authorization mechanisms. [Patrik]
 2012-01-26 19:35:19 +00:00
fyodor
c2e868e17a latest TODO changes from meeting with David 2012-01-26 19:18:26 +00:00
david
fe96153a91 Remove --- from some non-NSEDoc comments. 2012-01-26 17:07:43 +00:00
david
118e9045b2 Service submissions. 
ssh, postgresql, freeciv, pop3, domain, snmp, telnet.
 2012-01-26 10:02:04 +00:00
henri
63f3fc4954 Fixed comments that referred to an incorrect location. 2012-01-26 09:25:05 +00:00
david
74785f0591 Remove remaining unused nmap-service-probes captures. 2012-01-26 09:21:29 +00:00
david
6a1a6132d3 Microsoft NNTP grouping. 2012-01-26 09:21:27 +00:00
david
a64000673c nmap-service-probes unused capture fixes from Rob Nicholls. 2012-01-26 09:21:26 +00:00
david
929146e679 Various nmap-service-probes fixes. 
Found while reviewing Lauri Kokkonen's recent patch.
 2012-01-26 09:21:24 +00:00
david
6bf7110c89 Remove most unused captures from nmap-service-probes. 
This patch is from Lauri Kokkonen.
http://seclists.org/nmap-dev/2012/q1/219
 2012-01-26 09:21:22 +00:00
henri
10d1f17509 Fixed two minor typos that escaped previous checks. 2012-01-26 09:16:58 +00:00
henri
444667943f Fixed SVN properties for consistency, so that src files now have the following 
ones:

  svn:keywords: Author Date Id Revision
  svn:eol-style: native
 2012-01-26 09:10:18 +00:00
patrik
5b05cbe46e o [NSE] Added script iax2-brute and supporting IAX2 library that performs 
brute-force password guessing against the Asterisk IAX2 protocol. [Patrik]
 2012-01-24 20:55:29 +00:00
patrik
f3d48111b9 o Added service probe for the Erlang Port Mapper Daemon. [Patrik] 2012-01-24 20:18:47 +00:00
patrik
5ef9f2a70d o [NSE] Added script broadcast-dhcp6-discover and supporting DHCPv6 library. 
The script retrieves and prints an IPv6 address and some of the DHCP6
  options. [Patrik]
 2012-01-24 19:54:50 +00:00
patrik
055ff59b94 Add support for adding discovered hosts as new targets. Added XMPP client-to- 
server discovery. [Patrik]
 2012-01-24 17:56:50 +00:00
david
51209ae64d Make the post-build commands the same for Release and Debug. 
Debug was missing the copying of the nselib/data directory.
 2012-01-21 19:18:47 +00:00
david
35f651f70d Fix? hex escape in Informix match lines. 
The escape sequences were "\x6". Patrik and I guess that this is begin
parsed as "\x06", so that's what I'm changing it to.
 2012-01-21 17:34:18 +00:00
david
5df890c0df Add a missing v/$1/ template. 2012-01-21 17:26:56 +00:00
david
b1823ed11f Fix match captures used but not defined. 
For example, $3 in a substitution when there are only 2 captures in the
pattern. In some cases I removed the capture from the destination
template (usually a copy-paste error), and in others I added a missing
capture to the pattern.
 2012-01-21 17:21:11 +00:00
david
49b6bae0ee Fix a SUBST command. 2012-01-21 16:50:43 +00:00
david
de90466701 Fix a couple of nmap-service-probes match patterns. 2012-01-21 16:07:00 +00:00
david
b4dee08825 CHANGELOG for IPv6 OS novelty detection. 2012-01-21 16:05:23 +00:00
henri
1f431b953f Consistent naming of the address fields between IPv4 and IPv6. 
All IP packet objects now have the following attributes:

  - ip_bin_src (binary src address)
  - ip_bin_dst (binary dst address)
  - ip_src (decimal-dotted string src address)
  - ip_dst (decimal-dotted string dst address)

The ip6_src and ip6_dst attributes have therefore been renamed (ip_bin_src and
ip_bin_dst).

This patch also updates the scripts accordingly.
 2012-01-21 14:46:00 +00:00
david
38c8615258 Add todo about consolidating Zenmap timed-out traceroute hops. 2012-01-21 01:40:32 +00:00
david
a302e477e5 Remove some cpe version templates where captures don't exist. 
This was reported by Fredrik Pettai.

Warning: Servicescan failed to fill cpe_a (subjectlen: 207, devicetypelen: 32). Too long? Match string was line 491: d//
 2012-01-21 01:31:10 +00:00
henri
9c7f72108b More code cleaning: whitespace and indentation fixes. 2012-01-20 08:26:14 +00:00
david
8dd5bc49ca Fold EACCES and WSAEACCES cases together. 
Otherwise this causes a duplicate case error on Windows.
 2012-01-20 02:28:44 +00:00
henri
78a606b0b7 Fixed typo in comments: 
* respones -> responses
 2012-01-19 22:23:44 +00:00
henri
6f95d9fabe Fixed typos in comments: 
* Thse -> These
  * retunred -> returned
  * pipeling -> pipelining
 2012-01-19 22:22:10 +00:00
henri
399d2416b5 Removed declarations of unused variables. 2012-01-19 22:03:06 +00:00
patrik
1670f59210 o [NSE] Added script dns-srv-enum that enumerates DNS service records for a 
given domain. [Patrik]
 2012-01-19 00:49:48 +00:00
patrik
bf3f668223 Fixed a bug where the script would crash if the error code could not be 
determined properly.
 2012-01-19 00:38:00 +00:00
david
df3b01e5d8 Use the right errno in handle_connect_result catch-all assert. 
We call getsockopt(SO_ERROR) to get the socket error, but then we were
calling perror, which uses the global errno instead.
 2012-01-19 00:03:40 +00:00
david
47ee706a4a Handle EACCES in handle_connect_result. 
This specific connect error is already handled by ultra_scan. A comment
there says it can result from ICMPv6 destination-unreachable
admin-prohibited messages.
 2012-01-19 00:03:39 +00:00
david
792d06108c Block comment on novelty detection. 2012-01-18 00:38:51 +00:00
david
60063bbd18 Add a missing DocBook close tag. 2012-01-18 00:26:38 +00:00
fyodor
0c115c7fa8 note a finished task 2012-01-17 21:59:07 +00:00
fyodor
17c3838e3d Add a couple tasks 2012-01-17 21:39:24 +00:00