mirror of https://github.com/nmap/nmap.git synced 2025-12-19 14:09:02 +00:00
Commit Graph

4571 Commits

Author SHA1 Message Date
david
22d8aec1ef Add additional @output examples to ftp-bounce.nse, contributed by Gutek. 2010-04-13 02:35:20 +00:00
david
43470e91ba Add to CHANGELOG:
o [Zenmap] Made IP addresses be sorted by octet, not by their string
  representation. For example, 10.1.1.2 is now sorted before
  10.1.1.10, when it was the opposite before. This was reported by
  Norris Carden. [David]
2010-04-13 02:20:14 +00:00
patrik
bd5e91ffcc o [NSE] Added sorting on port number to dns-service-discovery script. [Patrik] 2010-04-12 10:43:06 +00:00
patrik
112f8f5340 o [NSE] Added snmpWalk function to SNMP library and updated scripts to use it
[Patrik]
2010-04-12 10:30:24 +00:00
jah
a9c5d3391c Changed erroneous RFC1918 Private Address assignment from 172.15/12 to 172.15/12. My bad. 2010-04-11 23:38:06 +00:00
jah
19117c80be Fixed error in dns.lua reported by Eugene Alexeev:
nselib/dns.lua:110: attempt to get length of field 'dtype' (a number value)
2010-04-10 21:25:50 +00:00
kris
3f4153c956 update ip_is_reserved(): 14/8 and 223/8 allocated 2010-04-10 04:11:39 +00:00
jah
d7092b8a9d [NSE] Added UDP header parsing support to packet.lua. 2010-04-10 00:22:03 +00:00
jah
4554312eb6 Added UDP header support. 2010-04-10 00:16:32 +00:00
patrik
a783565970 o [NSE] Correct global access errors in afp.lua reported by Patrick Donnelly
[Patrik]
2010-04-08 20:55:20 +00:00
batrick
9537366a74 Fixed global access error with fix proposed by Martin Swende [1].
[1] http://seclists.org/nmap-dev/2010/q1/459
2010-04-08 20:40:20 +00:00
batrick
98d4bee8e5 global bug fixes 2010-04-08 20:36:43 +00:00
batrick
0f1b1626c4 whitespace change 2010-04-08 20:27:05 +00:00
david
8a26459cfd Add @output sections for http-passwd, db2-info, db2-das-info, and
pptp-version.
2010-04-08 19:44:20 +00:00
fyodor
5f15989593 Add AS number script idea to network script class item 2010-04-08 09:32:24 +00:00
fyodor
724183acbb Some changes from chat w/David yesterday 2010-04-08 09:26:02 +00:00
david
d183a334a2 Add or fix @output sections in ms-sql-config, oracle-sid-brute,
iax2-version, pop3-brute, and skypev2-version.
2010-04-08 06:09:39 +00:00
david
5ab63a55be Say that @usage applies to modules. Say that @usage is automatically
generated for scripts if omitted.
2010-04-08 05:26:42 +00:00
david
838127d565 Remove the error element from the XML DTD. It was supposed to be a child
of trace, but I don't think it has ever been emitted since traceroute
was added in r4556.
2010-04-07 23:26:09 +00:00
ron
ab654ecc34 Fixed a bug in dhcp-discover -- the read_boolean() function appears to never have worked, but I didn't run into anything that returned a boolean value until Brandon tried running it. It now handles booleans properly, along with a lot of extra debug output (especially on -d2 and higher) 2010-04-07 21:47:22 +00:00
ron
398ecbcb62 Improved error handling (and messages) on dhcp-discover.nse. Hoping to track down a problem reported to me by Brandon Enright. 2010-04-07 21:03:51 +00:00
david
4332937a74 Fix typo. 2010-04-07 14:35:31 +00:00
david
db2a7826ab Fix NSEDoc comments in ms-sql-config and ms-sql-query. They need three
dashes.
2010-04-06 21:42:17 +00:00
kris
0e579c71a4 o [NSE] Correct misspelled "Capabilities.IgnoreSpaceBeforeParanthesis"
name in the MySQL library. [Kris]

The second "a" in "paranthesis" should be an "e".  No current scripts use
this name (yet).
2010-04-06 02:05:07 +00:00
david
741a9ddbf4 Change Ncat's fix_line_endings to take a state pointer, used to remember
if the previous read ended with \r. If the next read starts with \n, we
shouldn't insert an extra \r before it.
2010-04-05 23:02:11 +00:00
jah
58eca6dfb7 setup_connect, called by exchange, now connects to targets by IP address rather than targetname (which could sometimes be a different host or address family). 2010-04-05 19:39:57 +00:00
kris
c7d97ae2c4 fix function names in error messages 2010-04-05 00:12:58 +00:00
fyodor
2f59126185 Just moving an item 2010-04-04 19:42:03 +00:00
david
3b34c84de7 Add dns-fuzz script from Michael Pattrick. 2010-04-04 13:41:32 +00:00
jah
aec0b2c88c Add nsedoc @return tag for get_url. 2010-04-04 13:00:02 +00:00
patrik
1d26975ede o [NSE] Added a library for Microsoft SQL Server and 7 new scripts. The new
scripts are:
  - ms-sql-brute.nse uses the unpwdb library to guess credentials for MSSQL
  - ms-sql-config retrieves various configuration details from the server
  - ms-sql-empty-password checks if the sa account has an empty password
  - ms-sql-hasdbaccess lists database access per user
  - ms-sql-query add support for running custom queries against the database
  - ms-sql-tables lists databases, tables, columns and datatypes with optional
    keyword filtering
  - ms-sql-xp-cmdshell adds support for OS command execution to privileged
    users
  [Patrik]
2010-04-04 10:11:54 +00:00
fyodor
231bc9f02e Added a task idea posted by David 2010-04-02 23:20:19 +00:00
fyodor
6ea8e7195b Add task idea from nmap-dev 2010-04-02 21:38:08 +00:00
patrik
f137a07847 o [NSE] Fixed bug in rpc.lua library that incorrectly required file handles
to be 32 octets when calling the ReadDir function. The bug was reported by
  Djalal Harouni. [Patrik]
2010-04-02 17:58:32 +00:00
david
baeb2e8f98 Add @output sections to realvnc-auth-bypass.nse and sql-injection.nse
from Gutek. Also documents the @args of sql-injection.nse.
2010-04-02 15:31:24 +00:00
fyodor
619311bca7 Update to reflect the latest MAC prefix assignments from IEEE 2010-04-01 23:00:27 +00:00
fyodor
42fc2b542f Add a task idea 2010-04-01 20:39:30 +00:00
ron
dd471d09d5 Fixed a bug in http.lua where http.post() wouldn't work if the arguments were passed in as a string instead of a table (the documentation says it should work in both places) 2010-04-01 04:41:48 +00:00
david
d2f232396e Make smtp-commands.nse run for the services {"smtp", "smtps",
"submission"}, like the other smtp scripts.
2010-04-01 04:10:40 +00:00
david
6ba24a5a36 o Removed --interactive mode, a miniature shell whose primary purpose
was to hide command line arguments from the process list. It had
  been broken (would segfault during the second scan) since before May
  2009 until February 2010 and was rarely used. The fact that it was
  broken was reported by Juan Carlos Castro y Castro.

See http://seclists.org/nmap-dev/2009/q2/464 and
http://seclists.org/nmap-dev/2010/q1/688 for report and discussion.
2010-04-01 03:33:14 +00:00
david
5f5b0fd0b0 Add @output to finger.nse and telnet-brute.nse thanks to Gutek. 2010-03-31 23:25:39 +00:00
david
9795ea0399 Add @output for ftp-bounce.nse, thanks to Gutek. 2010-03-31 23:03:17 +00:00
jah
f97dc21865 Fix file-level nsedoc block. 2010-03-31 22:08:16 +00:00
david
bbcfc79538 Add @output sections to these scripts:
dns-recursion.nse
snmp-brute.nse
daytime.nse
x11-access.nse
smb-enum-domains.nse
dns-random-txid.nse
p2p-conficker.nse
jdwp-version.nse
dns-random-srcport.nse
sshv1.nse
ms-sql-info.nse

Some of these just needed fixed NSEDoc syntax.
2010-03-31 21:45:21 +00:00
david
5fa554266b Fix NSEDoc. 2010-03-31 20:28:14 +00:00
fyodor
4d034b36d2 Some changes from chat w/David 2010-03-31 02:37:17 +00:00
david
7009f54778 Fix a silly error I made in afp.lua. Use (pos + 1) % 2 instead of
pos % 2 + 1.
2010-03-30 19:54:13 +00:00
david
3ef4f3f017 o [NSE] Added the afp-serverinfo script that gets a hostname, IP
addresses, and other configuration information from an AFP server.
  The script, and a patch to the afp library, were originally
  contributed by Andrew Orr and were subsequently enhanced by Patrik
  and David.

I added an @output section to the script and made it hex-encode a binary
string for the server signature (previous versions of the afp patch did
the hex-encoding in the library, but I thought it was better to do it in
the script.)
2010-03-30 19:26:23 +00:00
david
6bf9b360a6 Add fp_get_server_info to afp.lua. This is from a patch originally by
Andrew Orr, reworked by Patrik Karlsson and David Fifield.

Among other things, this function gets the server's hostname, IPv4 and
IPv6 addresses, and potentially hardware type.
2010-03-30 19:19:26 +00:00
david
54301f2480 Add Guppy links to the TODO item on Zenmap memory use. 2010-03-30 17:41:51 +00:00