mirror of https://github.com/nmap/nmap.git synced 2025-12-21 15:09:02 +00:00
Commit Graph

4571 Commits

Author SHA1 Message Date
fyodor
923c04657a 2009-09-17 21:03:11 +00:00
david
9a25c8a0b4 Add a CHANGELOG entry for new traceroute. 2009-09-17 15:45:09 +00:00
david
45b783c573 Print "--" for the RTT of traceroute hops if the RTT is unknown. This
can only happen in the case of a directly connected target with no ping
or port scan responses, like
nmap -PN -sP --send-ip --traceroute <target>
2009-09-17 15:11:20 +00:00
david
06cc9ad4d1 Add a special-case no-probe traceroute for directly connected targets. 2009-09-17 15:03:13 +00:00
david
fa6002d4e3 Add a mailing list link to the TODO item about memory use. 2009-09-17 15:02:54 +00:00
fyodor
a3b5f278f9 add an idea for Nmap translation/localization 2009-09-17 04:31:09 +00:00
fyodor
93c4dec5d0 Applied FreeBSD portability patch from Jay Fink (he found it in FreeBSD ports tree). The patch
marks pcap file descriptors as not select()able by Nmap for FreeBSD versions < 5 (__FreeBSD_version < 500000)
2009-09-17 03:03:10 +00:00
david
875dcddd2c Merge r15496:15502 from /nmap-exp/david/nmap-traceroute. These are some
minor traceroute performance optimizations.
2009-09-17 02:22:15 +00:00
david
577a1be0e7 Merge from svn://svn.insecure.org/nmap-exp/david/nmap-traceroute. This
brings in a new, faster, parallel version of traceroute.
2009-09-17 00:03:46 +00:00
ron
86e7a63bf6 Added a script called http-malware-host.nse. Its future intention is to discover hosts that are serving malware (for example, that are compromised and have malicious code inserted). At the moment, it checks for one specific attack discussed here: http://blog.unmaskparasites.com/2009/09/11/dynamic-dns-and-botnet-of-zombie-web-servers/ 2009-09-16 14:15:13 +00:00
fyodor
19c18738d0 Note a bug discovered by David 2009-09-16 08:37:59 +00:00
fyodor
bc918d268a the package name now seems to be openssl-devel rather than libopenssl-devel 2009-09-15 21:44:41 +00:00
joao
4c13b99e95 Giving transfer-encoding priority over content-length, as mentioned in rfc2616, section 4.4.
isChunked now checks for transfer-encoding: identity instead of transfer-encoding: chunked. If transfer encoding is present and it is not identity, chunked encoding is considered. Also rfc2616, section 4.4 (item 2)
2009-09-15 03:47:46 +00:00
joao
b9d1591739 Adding a few comments on some functions 2009-09-15 02:46:58 +00:00
joao
b0346e22b9 Fixing problem related to chunked pipelined responses on http.lua 2009-09-15 02:12:02 +00:00
david
8ba33e607b Make it clear in the NSEDoc that error values can be any false value:
<code>false</code> or <code>nil</code>. Basically it's anything that
matches the protocol of an nmap.new_try handler.
2009-09-14 15:56:49 +00:00
ron
32d9c9fe98 Added a check for a SMBv2 vulnerability (CVE-2009-3103) to smb-check-vulns. Due to its nature (it performs a DoS, then checks if the system is still online), the script isn't run by default and requires a special script-arg to work. 2009-09-14 15:23:06 +00:00
david
fa6435d6ec Document that IP proto scan has special cases for SCTP and IGMP as well
as TCP, UDP, and ICMP.
2009-09-14 02:49:09 +00:00
fyodor
1681e7621b Add clear warnings about using --script=all. 2009-09-13 09:36:33 +00:00
david
b40356ed3f Fixed an integer overflow that could occur when a target with a low
TCP timestamp clock frequency uses large timestamp values, such that
a naive uptime calculation shows a boot time before the epoch. Also
fixed a printf format specifier mismatch that was revealed by the
overflow. Toby Simmons reported the problem and helped with the fix.
2009-09-10 18:03:18 +00:00
david
f270257be7 Remove the unused seq_info.uptime member. 2009-09-10 15:17:17 +00:00
david
0a479a45fa Fix a typo in dhcp-discover.nse. 2009-09-10 14:18:02 +00:00
fyodor
e7d0212d68 minor updates to TODO 2009-09-10 08:09:55 +00:00
ron
0e1a013dbf Updated CHANGELOG with my newest script. I have more to add to the CHANGELOG from my recent activities, but that'll have to wait. 2009-09-10 03:31:15 +00:00
ron
9465a839c1 Added dhcp-discover script 2009-09-10 03:26:53 +00:00
ron
66399fc057 Added a couple more paths that might be interesting 2009-09-09 01:59:13 +00:00
bmenrigh
a0bf12e674 Fixed a typo where quad-A records (AAAA) were listed as AAAAA. Thanks
to Jeron Massar for the report.
2009-09-08 22:32:45 +00:00
ron
f4458c1917 Added the ability (off by default, since it generates 20x requests) for http-enum.nse to generate variants of each file. This would probably be more useful to use after running a spider script than here, but the code should be essentially the same. I'm hoping it'll be used somewhere more appropriate, eventually.
Also added a couple fingerprints.
2009-09-08 19:51:53 +00:00
david
59491ec62d Make the following methods const:
  Target::v4source
  Target::v4sourceip
  Target::SrcMACAddress
  Target::NextHopMACAddress
2009-09-07 22:17:23 +00:00
fyodor
3bf3913924 mostly just testing the svn-commit mailer 2009-09-07 22:07:00 +00:00
david
3833d31ed6 Be more robust in parsing /proc/net/route. Check for a missing interface
name. If the destination is missing, ignore that line and continue with
the next line rather than giving up on the whole file. Patch by Ankur
Nandwani.
2009-09-07 22:04:56 +00:00
david
45533e5972 Don't dereference a null pointer when printing out a traceroute error
message. The dereferencing could not actually happen because it would
only happen with a trace of zero hops with no probes sent, and in that
case we skip the traceroute entirely. Patch by Ankur Nandwani.
2009-09-07 22:04:10 +00:00
david
99a2835d7d Let Nmap run if the nmap-service-probes file is empty. Patch by Ankur
Nandwani.
2009-09-07 22:03:27 +00:00
david
ef52f26769 Don't delete each target after doing a ping-scan traceroute; a future
implementation will have records for one target refer to others. Delete
them all at once at the end instead as is done with other scan types.
2009-09-07 22:00:42 +00:00
ron
537726defa Added '503 Service Unavailable' to the list of recognized error codes for 404 errors. I observed this on a 'Microsoft Project Server' host that gave valid results (though odd 404s). I also changed the code such that the scan will still run, even if an unrecognized error code is encountered. 2009-09-02 14:12:03 +00:00
bmenrigh
3bce03ad8d This commit adds a new routine to nbase_rnd.c that generates 32bit
numbers in a collision-free way for a full 2^32 cycle.  This allows
Nmap to generate random IPs with -iR that don't have duplicates.

See:
http://seclists.org/nmap-dev/2009/q3/0695.html

How this is done is documented in the code.
2009-09-02 02:03:22 +00:00
fyodor
e88a1d2b83 changes from discussion w/David 2009-09-01 21:31:32 +00:00
ron
4564ed7503 Added '400' as a potential 404 page. Ran into this while scanning a Fortigate device. 2009-09-01 19:23:17 +00:00
ron
4dea760d93 Added in a link we originally removed (but shouldn't have) 2009-09-01 16:30:58 +00:00
ron
c792776a7c Added signature for BeEF (Browser Exploitation Framework) 2009-09-01 16:22:27 +00:00
david
6a25f40b64 Use a temporary file when setting the version number in ncat.h to work
around NetBSD sed that doesn't have the -i option.
2009-09-01 15:44:55 +00:00
david
8686ca7c06 Remove redundant "Favicon" from the end of some favicon-db entries.
Uncapitalize "Favicon" in some others.
2009-08-31 23:52:11 +00:00
david
da8903dad9 Remove some verbosity in the output of http-favicon.nse. There's no need
to say "Found favicon from". Only print out the digest of an
unrecognized icon with some verbosity.
2009-08-31 23:42:42 +00:00
david
972533bca9 Install the nselib/data directory on "make install". For some reason
this has been overlooked, and scripts that need data files would not
work after installation.
2009-08-31 23:26:17 +00:00
david
1cdf49547c Have http-favicon.nse look for favicon-db in nselib/data like the other
scripts look for their data files.
2009-08-31 23:22:06 +00:00
david
e53657b4c8 Move favicon-db into nselib/scripts. 2009-08-31 23:21:26 +00:00
david
d99e5ec7ea Cast struct ifconf.ifc_buf to (char *) to fix a compiler error on
NetBSD, where that member has type void *. Jay Fink reported the
problem.
2009-08-31 18:55:57 +00:00
batrick
68a9147b69 [NSE] Fixed some bugs in the vhosts patch applied in 15342:
  o Stack indices for the 'ip' and 'targetname' strings were wrong.
  o Moved the lightuserdatum check right before done so a nil can't slip
    through.
2009-08-29 20:21:58 +00:00
ron
46d95b5913 Added a 'path' argument to http-enum.nse. Also added the ability to give an array of fingerprints files or an array of paths to search 2009-08-29 15:34:09 +00:00
david
c7abca3a2e Make the checking of argument counts and types for the $P and $SUBST
substitutions more explicit. Formerly the number of arguments was
checked implicitly by checking their type (that they had a specific type
and were not SUBSTARGS_ARGTYPE_NONE), but this makes it clearer.
2009-08-29 15:21:52 +00:00