PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-18 13:39:02 +00:00
Code Issues Projects Releases Wiki Activity
4,571 Commits 2 Branches 0 Tags
cd5f41fc917e6643fd13963af88173f0b19c748c
Commit Graph

4571 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
david
dbd99b59f6 Add the wdb-version script from Daniel Miller. 2010-08-16 14:39:13 +00:00
fyodor
c2a038bbfb Add Wind River Debugger RPC number from Daniel Miller 2010-08-15 20:26:18 +00:00
david
7cf99e1e4e Use a std::vector<bool> instead of std::bitset in traceroute.cc. bitset isn't 
available on Android.
 2010-08-15 03:40:54 +00:00
patrik
40a66945bb changed so that the error message of the Error object is returned when a 
script signals the engine to abort.
 2010-08-14 17:14:32 +00:00
patrik
ce0de70ae8 o [NSE] Added one script (vnc-brute) that performs password guessing against 
VNC using the new brute library and another (vnc-info) that lists supported
  security mechanisms. [Patrik]
 2010-08-14 15:13:15 +00:00
patrik
5f58469ba7 o [NSE] Added a new brute library that provides a basic framework and logic 
for password guessing scripts. [Patrik]
 2010-08-14 14:56:40 +00:00
patrik
aa49c23224 moved hostname from the info to the hostname field for Informix probes 2010-08-14 12:42:16 +00:00
patrik
2c874c0ba2 changed portrule to include both ibm-db2 and drda 
updated script.db and removed old db2- scripts and added the new ones
changed error message returned by helper class in drda for incorrect logins
 2010-08-14 11:52:18 +00:00
patrik
e570925c37 o [NSE] Renamed db2-info and db2-brute scripts to drda-*. Updated script 
and library to reflect name change. Added support other DRDA based
  databases such as IBM Informix Dynamic Server and Apache Derby.
  [Patrik]
 2010-08-14 08:33:16 +00:00
patrik
2b44c74187 renamed db2 scripts to drda and added the old ones for removal [Patrik] 2010-08-14 08:28:56 +00:00
david
e8ecc904b8 Call nsi_set_hostname in service_scan.cc. 2010-08-13 21:47:09 +00:00
david
aef511d890 o [Nsock] Added a new function, nsi_set_hostname, to set the intended 
hostname of the target. This allows the use of Server Name
  Indication in SSL connections. This was suggested by Nuno Goncalves.
 2010-08-13 21:35:20 +00:00
ron
39318fd843 Fixed the same small bug in smbv2-enabled.nse (was still using the wrong variable for an error message) 2010-08-13 20:39:20 +00:00
ron
af5d750a34 Fixed a small bug in smbv2-enabled.nse (was using the wrong variable for an error message) 2010-08-13 20:35:22 +00:00
fyodor
1ea691c4e3 regen man pages (there were some changes for nping to add echo mode) 2010-08-13 18:55:30 +00:00
fyodor
b3bef8f7a2 Fix some syntax errors (mostly misspelled tags and wrongly closed tags) in scripting.xml to get it to compile 2010-08-13 18:49:16 +00:00
batrick
47bbbfdcea Fixed some local declarations. 2010-08-13 18:40:00 +00:00
fyodor
cc5a8ee7fc Add an NSE script idea (new MSRPC bug) 2010-08-13 09:37:56 +00:00
fyodor
291d25bbb9 add openssl windows binary upgrade task 2010-08-13 05:56:01 +00:00
david
1290fad780 o [NSE] Added default limits on the number of ports that qscan will 
scan. By default, it will do upt o 8 open ports and up to 1 closed
  port. These limits can be controlled with the qscan.numopen and
  qscan.numclosed script arguments. [David]
 2010-08-13 05:17:07 +00:00
djalal
d056a97b10 Merge r19288:r19697 from nmap-exp/djalal/nse-rules-docs. This will update NSE doc to show the new prerules and postrules. 2010-08-13 00:41:54 +00:00
batrick
7b40aa34c5 formatting 2010-08-12 18:29:40 +00:00
kirubakaran
68fd970ec1 Adding comments to nmap debug print message 2010-08-12 15:18:58 +00:00
robert
4ce404f214 Enabled ASLR and DEP for Nmap.exe, Ncat.exe and Nping.exe on Windows Vista and above. Visual C++ will set the /DYNAMICBASE and /NXCOMPAT flags in the PE header. Executables generated using py2exe or NSIS and third party binaries (OpenSSL, WinPcap) still don't support ASLR or DEP. Support for DEP on XP SP3, using SetProcessDEPPolicy(), could still be implemented. See http://seclists.org/nmap-dev/2010/q3/328 2010-08-12 14:01:16 +00:00
djalal
28e9cf600b Add a missing require('stdnse') 2010-08-12 03:54:13 +00:00
djalal
0ae240c1e8 Reset the script engine verbosity that was boosted when scripts are selected by name. 2010-08-11 22:37:16 +00:00
david
a12d595052 Add new version probes and matches from Patrik Karlsson. 
- Lotus Domino Console running on tcp/2050 (shows OS and hostname)
- IBM Informix Dynamic Server running native protocol (shows hostname, and file path)
- Database servers running the DRDA protocol
- IBM Websphere MQ (shows name of queue-manager and channel)
 2010-08-11 16:55:54 +00:00
david
8688fee2e2 Document that -g doesn't work for anything that uses normal OS sockets, 
including DNS resolution, connect scan, version detection, and NSE.
 2010-08-11 16:27:17 +00:00
david
852ad9440d Improve indentation and comments in init_socket. 2010-08-11 14:39:42 +00:00
david
c78dcce4d3 Move init_socket from nmap.cc to scan_engine.cc, because it is only used 
in the latter file.
 2010-08-11 14:34:54 +00:00
luis
6bce039909 Updated with the latest bugfixes and improvements 2010-08-11 13:57:05 +00:00
fyodor
6cdce4d008 add a leaked nsock pcap descriptor issue which shows up in nping and probably nmap 2010-08-11 06:15:55 +00:00
fyodor
8fc003be18 Changes from discussion w/David 2010-08-10 21:59:21 +00:00
david
d5edc49016 Add patch from Ange Gutek and Tom Sellers to make http-php-version only 
consider responses with a 200 status.
 2010-08-10 19:54:30 +00:00
batrick
f46908f0bd Require each Lua library explicitly (debug in particular). Requiring the "debug" 
library is necessary for Lua 5.2.
 2010-08-10 16:51:10 +00:00
batrick
7c7c30fc24 [NSE] (Global fix.) This fixes a spelling error. 2010-08-10 16:32:48 +00:00
kirubakaran
b35255c8e9 Adding verbosity to nmap debug option -d2 to print the whole path of scripts specified in rule 2010-08-10 16:20:07 +00:00
david
a9b75892f5 Use shortport.http where appropriate. 2010-08-09 22:30:50 +00:00
david
fbe60bdcc9 Add a new function, shortport.http, that will be used as the portrule 
for HTTP scripts.
 2010-08-09 22:23:43 +00:00
david
123b018c9c Add some more information "telnetd" and "http config" to some of the new 
nmap-service-probes signatures.
 2010-08-09 21:51:47 +00:00
fyodor
1e91db1c72 add a little task discussed on nmap-dev 2010-08-09 21:45:02 +00:00
david
5809a30812 Add a handful of new service matches that came through experimentation 
with CPE.
 2010-08-09 20:12:44 +00:00
david
9e38d22717 Canonicalize some nmap-service-probes entries, mostly with regard to 
case, using the command

egrep -o ' p/[^/]*/' nmap-service-probes | sort | uniq
 2010-08-09 19:19:57 +00:00
david
442958a7cc Change the service name from "http" to "oem-agent" for "Oracle 
Enterprise Manager Agent httpd".
 2010-08-09 03:08:31 +00:00
david
794611d9f1 o [NSE] Made sslv2.nse give special output when SSLv2 is supported, 
but no SSLv2 ciphers are offered. This happened with a specific
  Sendmail configuration. [Matt Selsky]
 2010-08-09 02:57:09 +00:00
ron
934cf2edf0 Significant changes, both bugfixes and best practice changes, to smb-psexec.nse. Primarily: 
o It no longer uses the global environment to store the modules table
o It now uses loadfile() to load the configuration files, which follows best practices better
o The module() line at the top of the configuration files is no longer required, but if it exists all that happens is a warning is printed
o Worked around what appears to be a bug in one person's Nmap install where absolute paths didn't resolve properly -- I couldn't replicate, but he confirmed it was fixed
 2010-08-07 19:36:47 +00:00
djalal
1f9b7228ee Add a 'prerule' support to dns-zone-transfer.nse script, with this change dns-zone-transfer can run now at differenent Nmap scan phases: at the Script Pre-scanning phase and at the classic Script scanning one. 2010-08-06 16:47:11 +00:00
djalal
f0c5e154c3 Merge r18689:r19511 from /nmap-exp/djalal/nse-rules. 
o Add two new Script scan phases:
  Script Pre-scanning phase: before any Nmap scan operation, activated by the new "prerule".
  Script Post-scanning phase: after all Nmap scan operations, activated by the new "postrule".
o New environment variables:
  SCRIPT_PATH
  SCRIPT_NAME
  SCRIPT_TYPE: the type of the rule that activated the script.
 2010-08-06 16:40:03 +00:00
david
eb699270e9 Add a match line for an individually submitted service, Oracle 
OVSAgentServer. This looks like standard Python SimpleXMLRPCServer with
BaseHTTP except that it can be distinguished by the HTML title. Also add
a related fingerprint for SimpleXMLRPCServer when it is used in its
DocXMLRPCServer mode, which distinguishes it from plain BaseHTTP.
 2010-08-06 15:43:58 +00:00
luis
5bc0e1439e Added a couple of items 2010-08-06 15:25:21 +00:00