mirror of https://github.com/nmap/nmap.git synced 2025-12-18 05:29:02 +00:00
Commit Graph

4571 Commits

Author SHA1 Message Date
david
cd5f41fc91 Add some more payloads to http-passwd.nse (with comments explaining which
servers they affect). Fix a pattern. Patch by Ange Gutek.
2010-09-27 18:10:46 +00:00
djalal
4baeee0dfc Whitespace formatting and some code cleaning. 2010-09-27 13:19:25 +00:00
david
52d1590c84 Add the script argument http-brute.method. This is so you can do
http-brute.method=POST instead of having GET hardcoded in the script.
2010-09-27 01:23:37 +00:00
david
92362b2d24 Move special request body handling out of http.post and into http.generic_request. 2010-09-27 01:21:45 +00:00
david
9f79aad78f Pass the driver_options whenever constructing a driver in brute.lua. This could
be required, for example, when running the check method.
2010-09-27 01:20:52 +00:00
tomsellers
c974a51d07 Single line update to correct spelling error in service field.
shoutcase => shoutcast
2010-09-26 19:27:45 +00:00
tomsellers
04e0b3b4f6 Two modifications to APC PowerChute detection. One is to comment
out a false positive that is likely java-rmi.  The other is to 
add an additional version to a version label.
2010-09-26 15:51:00 +00:00
tomsellers
6b75d40ae7 Fixed a few spelling errors and 1 consistency issue in the
device labels in nmap-service-probes
2010-09-26 13:15:45 +00:00
djalal
769db9823a o Added the debug level to some print_debug() functions that were missing this argument.
o Create the mutex in the RpcInfo() function before the connect call, to prevent some rare race conditions that can cause one of the running rpc and nfs scripts to fail. This mutex is used to cache the portmapper program list in the registry, to reduce the number of connections and RPC DUMP procedure calls.
o whitespace formatting.
2010-09-26 12:55:05 +00:00
djalal
85030874ea Fix a bug that prevents Nmap from compiling on systems that lack OpenSSL. This patch was contributed by Patrik Karlsson. 2010-09-26 10:43:32 +00:00
tomsellers
594e2dcacc Add 3 http service detection fingerprints:
Rapidsite/Apa (customized Apache http)
 IBM HTTP Server using mod_jk
 RG4000 Access Control Gateway (limited info)

 The first two had existing fingerprints that
 were similar but that matched version information
 that was not always present or had different
 modules (PHP vs mod_jk).  - Tom
2010-09-26 04:13:21 +00:00
tomsellers
70c9266359 Small change to restore whitespace in nmap-service-probes. 2010-09-25 14:03:54 +00:00
tomsellers
c4b3f17dcd 3 service version changes:
2 for BMC/Marimba
  1 for a CANON HTTP service
2010-09-24 23:39:08 +00:00
david
bdddee6330 Fix another nmap-os-db inconsistency reported by Xavier Sudre. 2010-09-24 19:49:03 +00:00
ron
9ae7fb6a5d Added the REQUEST_TARGET flag to the extended authentication packet. I have no clue what that flag does, and I can't find any documentation, but Nmap completely fails against Windows 7 unless it's set. 2010-09-24 03:42:38 +00:00
ron
f71008bcd3 Fixed a spelling mistake in a variable name in msrpc.lua 2010-09-24 03:38:11 +00:00
ron
a477d142f1 Updated stdnse.get_script_args() function to take arrays in addition to strings. If an array is passed, currently, the first name is considered 'valid' and the others are considered 'deprecated'. This behaviour is still under discussion. 2010-09-24 02:52:00 +00:00
ron
cfd0aaeabc Fixed a bug where a ternary operator meant to prevent a nil pointer exception was outside of a math.floor() call, making it totally worthless. I moved the math.floor() outside the operation, fixing it. 2010-09-24 01:33:01 +00:00
ron
11ad4fafd5 Fixed a nil-pointer exception caused by certain printers and OS X machines. An array in the result was set to nil instead of 0-length, which was unexpected. 2010-09-24 01:22:36 +00:00
ron
2035b82dfd Fixed a really tricky bug that I spent all evening chasing. Normally, during login, every account in the list (by default, guest and anonymous) is attempted. Unless something fails badly, anonymous will work. Unfortunately, if something DOES fail badly, after the first script runs this list is empty. That means if something bad is happening, and two or more scripts are running, every script after the first will have an empty list of accounts to use, and it would fail mysteriously. This patch checks the return value from the get_next_account() function properly to see if we've run out of accounts and report that to the user rather than an ugly stacktrace. 2010-09-24 00:47:43 +00:00
ron
3bc39efc4b Lots of little bugfixes throughout several smb scripts, mostly related to bad use of global variables 2010-09-24 00:31:12 +00:00
david
d9b0bbf6f8 A couple more nmap-os-db canonicalizations. 2010-09-23 22:10:32 +00:00
david
7f62c3ba78 Credit Xavier Sudre with some recent bugfixes. 2010-09-23 22:07:52 +00:00
david
1af146b331 Fix some nmap-os-db inconsistencies reported by Xavier Sudre. 2010-09-23 22:03:10 +00:00
batrick
8c898d3938 Simplified some code. 2010-09-23 20:13:47 +00:00
david
ed48818666 Remove the restriction to one thread in http-brute.lua, as the worker thread
bug that required it has been fixed.
2010-09-23 16:33:02 +00:00
david
4a4e67bd2c Set the close_handlers member in worker Thread objects. The lack of this caused
them to use the close_handlers table of the parent thread that spawned them
instead. See http://seclists.org/nmap-dev/2010/q3/804 for more details.
2010-09-23 16:32:11 +00:00
luis
d4ec0386e4 Added a note about the patch in r20315 2010-09-23 06:44:51 +00:00
david
ca5254f990 Fix a memory leak in OS detection. When detection ran for more than one
round, fingerprint test results were being leaked in between rounds.
2010-09-23 06:00:40 +00:00
david
235dab9f24 Fix an array allocation; we were allocating a multiple of the size of a
struct, not the size of a pointer to it. Over-allocating did no harm
beyond wasting some memory.
2010-09-23 05:58:39 +00:00
david
d09ce7ab50 Add a missing class to an OS fingerprint. 2010-09-23 05:50:59 +00:00
david
4ede60791d Change an include of <windows.h> to one of "nbase.h"; for some reason this was giving me compiler errors (the ones from OpenSSL including <winsock.h>). 2010-09-23 03:18:31 +00:00
david
8d6d0c1c17 Revert r20239 (OpenSSL 1.0.0a upgrade) in mswin32/nmap.vcproj. This was an unrelated change not to discard preprocessor files. 2010-09-23 02:38:34 +00:00
david
6cc9a328b4 Fix nse_dnet.cc compilation on Windows. This was broken in the merge in r20267. 2010-09-23 01:58:32 +00:00
luis
8e1f52c46a Moved three items to the DONE section 2010-09-22 19:59:46 +00:00
luis
faaca263b9 When using pcap_set_filter() on Linux, valgrind complains about a
setsockopt() call that uses a pointer to some uninitialized memory. The
error message is the following:

==22214== Syscall param socketcall.setsockopt(optval) points to
uninitialised byte(s)
==22214==    at 0x62F774A: setsockopt (syscall-template.S:82)
==22214==    by 0x4E33B85: ??? (in /usr/lib/libpcap.so.1.0.0)
==22214==    by 0x4E33D0D: ??? (in /usr/lib/libpcap.so.1.0.0)
==22214==    by 0x432253: nsock_pcap_set_filter (in /usr/local/bin/nping)
==22214==    by 0x432557: nsock_pcap_open (in /usr/local/bin/nping)
==22214==    by 0x4295FF: ProbeMode::start() (in /usr/local/bin/nping)
==22214==    by 0x40B2E1: main (in /usr/local/bin/nping)

This patch adds a simple memset() call that makes the warning disappear.
2010-09-22 09:41:06 +00:00
fyodor
2be2722f26 changes from chat w/David 2010-09-22 00:03:42 +00:00
batrick
31fbab7eba Moved receive_buf function (not in use yet, until Lua 5.2) next to other
receive functions.
2010-09-21 20:01:16 +00:00
david
15b5df36ff Add missing <code> tags. 2010-09-21 17:31:17 +00:00
david
0c8460e841 Put <code> tags around an option name. 2010-09-21 17:12:27 +00:00
david
a36ae7e22e Add to CHANGELOG:
o [Zenmap] Made the topology node radiuses grow logarithmically
  instead of linearly, so that hosts with thousands of open ports
  don't overwhelm the diagram. Also only open ports (not
  open|filtered) are considered when calculating node sizes. [Daniel
  Miller]
2010-09-21 02:03:44 +00:00
batrick
75bd2b0745 use utility functions 2010-09-20 19:47:08 +00:00
kris
fa858e041b Remove unused and newly unrequired arguments to the pcap check functions (which
replace the old callbacks) in scripts
2010-09-19 02:15:19 +00:00
batrick
de4ba536de Merge from /nmap-exp/patrick/nse-nsock-maintenance.
This is a maintenance fix for the NSE Nsock library binding. The patch focuses
on code correctness and simplicity. The patch also brings some initial updates
with an eye towards the upcoming Lua 5.2 release. See [1] for a post concerning
this branch.

[1] http://seclists.org/nmap-dev/2010/q3/710
2010-09-18 20:35:09 +00:00
luis
5f13514d46 Added a new item: nping fails to send udp packets to a broadcast address 2010-09-18 18:34:48 +00:00
kris
10d23e924f trivial: move a statement back closer to its context 2010-09-17 20:30:27 +00:00
david
4e46c99329 o Increased the initial RTT timeout for ARP scans from 100 ms to
200 ms. Some wireless and VPN links were taking around 300 ms to
  respond. The default of one retransmit gives them 400 ms to be
  detected.
2010-09-17 17:00:06 +00:00
david
fc9d35fed9 Add a symbolic constant for INITIAL_ARP_RTT_TIMEOUT. 2010-09-17 16:46:09 +00:00
david
c8106e0ef3 Let --min-rtt-timeout be a lower bound on the initial timeout for ARP
scan. ARP scan had a hardcoded initial timeout of 100 ms, which could be
lower than the minimum requested. The default minimum timeout is also
100 ms, so this has no effect if --min-rtt-timeout is not used.
2010-09-17 16:35:01 +00:00
david
745a49d24a Upgrade the included Windows OpenSSL to version 1.0.0a. 2010-09-16 03:49:43 +00:00