mirror of https://github.com/nmap/nmap.git synced 2025-12-23 07:59:03 +00:00
Commit Graph

4571 Commits

Author SHA1 Message Date
fyodor
c73dfd173a o Renamed irc-zombie.nse to auth-spoof and improved its description
and output a bit. [Fyodor]
2008-11-06 21:58:29 +00:00
fyodor
cfb9678a60 latest generated man pages 2008-11-06 07:23:11 +00:00
david
c1cc2c3dcd Change the message in ftp-anon from "FTP: Anonymous login allowed" to
"Anonymous FTP login allowed".
2008-11-06 05:03:21 +00:00
david
a44a66c68a Change some of the output of sniffer-detect.nse and add an @output section. 2008-11-06 03:49:39 +00:00
david
1ff973e495 Update script names in scripting.xml. 2008-11-06 03:39:33 +00:00
david
02ff37d490 Update the script args example to use whois instead of anonFTP; anonFTP doesn't
take any args, let alone a table.
2008-11-06 03:12:58 +00:00
david
6fbc8868a9 Rename scripts (almost all of them) to make their names more consistent and
make them look better in output. The full list of changes is
  anonFTP => ftp-anon
  ASN => asn-query
  brutePOP3 => pop3-brute
  bruteTelnet => telnet-brute
  daytimeTest => daytime
  dns-safe-recursion-port => dns-random-srcport
  dns-safe-recursion-txid => dns-random-txid
  dns-test-open-recursion => dns-recursion
  ftpbounce => ftp-bounce
  HTTPAuth => http-auth
  HTTP_open_proxy => http-open-proxy
  HTTPpasswd => http-passwd
  HTTPtrace => http-trace
  iax2Detect => iax2-version
  ircServerInfo => irc-info
  ircZombieTest => irc-zombie
  MSSQLm => ms-sql-info
  MySQLinfo => mysql-info
  popcapa => pop3-capabilities
  PPTPversion => pptp-version
  promiscuous => sniffer-detect
  RealVNC_auth_bypass => realvnc-auth-bypass
  robots => robots.txt
  showHTMLTitle => html-title
  showOwner => identd-owners
  skype_v2-version => skypev2-version
  smb-enumdomains => smb-enum-domains
  smb-enumsessions => smb-enum-sessions
  smb-enumshares => smb-enum-shares
  smb-enumusers => smb-enum-users
  smb-serverstats => smb-server-stats
  smb-systeminfo => smb-system-info
  SMTPcommands => smtp-commands
  SMTP_openrelay_test => smtp-open-relay
  SNMPcommunitybrute => snmp-brute
  SNMPsysdescr => snmp-sysdescr
  SQLInject => sql-injection
  SSH-hostkey => ssh-hostkey
  SSHv1-support => sshv1
  SSLv2-support => sslv2
  strangeSMTPport => smtp-strangeport
  UPnP-info => upnp-info
  xamppDefaultPass => xampp-default-auth
  zoneTrans => zone-transfer
2008-11-06 02:52:59 +00:00
fyodor
ddf146cb30 o Removed ripeQuery.nse because we now have the much more robust
whois.nse which handles all the major registries. [Fyodor]
2008-11-06 01:09:05 +00:00
david
4863d506c1 Remove script ids. Scripts are identified by file name in output (just the
basename without ".nse", or the full path with debugging level 2 or higher).
This includes documentation changes in scripting.xml.
2008-11-05 00:52:55 +00:00
david
c72fb10acc Make some more little proofreading changes in scripting.xml. 2008-11-04 23:58:57 +00:00
david
746d58b754 Fix some awkward wording and escape <code> in an NSEDoc example (otherwise
DocBook interprets the tags).
2008-11-04 23:53:30 +00:00
david
4a70a4f2f6 Update a script description excerpt in scripting.xml. 2008-11-04 23:45:16 +00:00
david
ea29e71ede Spell out a couple more numbers 0-9, some that had a left parenthesis before
them.
2008-11-04 23:37:35 +00:00
david
3b656d8245 Spell out some more numbers 0-9 I found, in constructions like "8-bit" and
"3-way handshake". I grepped for " [0-9]-" and "^[0-9]-".
2008-11-04 23:32:06 +00:00
david
62a5a02abd Remove a mention of showSSHVersion.nse and update the text around the "typical
NSE example" to refer to the scripts whose output is shown.
2008-11-04 22:54:07 +00:00
david
14fc84bd49 Update finger.nse in scripting.xml to match the latest version of the script.
Also take the example script out of a sect2 and put it directly in the
enclosing sect1 (the sect1 was empty except for the sect2).
2008-11-04 22:47:17 +00:00
david
854b3460b5 Fix an inaccuracy in the documentation for the nmap.receive_lines and
nmap.receive_bytes functions. It claimed that if you don't get all the
lines/bytes you request before a timeout, then a "TIMEOUT" error happens. In
reality you get back data as long as at least one byte was received before the
timeout. From nsock_readlines:

/* Read up to nlines lines (terminated with \n, which of course
   includes \r\n), or until EOF, or until the timeout, whichever comes
   first.  Note that NSE_STATUS_SUCCESS will be returned in the case
   of EOF or timeout if at least 1 char has been read.  Also note that
   you may get more than 'nlines' back -- we just stop once "at least"
   'nlines' is read */
2008-11-04 22:39:07 +00:00
david
00b8d455c3 Add missing <filename></filename> tags around a script name in scripting.xml. 2008-11-04 22:03:47 +00:00
david
0ed2134ea7 Include some missing or incorrect script ids in @output sections. 2008-11-04 20:46:57 +00:00
david
bd85cb8795 Update CHANGELOG with new smb scripts. 2008-11-04 19:16:57 +00:00
ron
7a36a20c4c Noticed the id was set in two places, removed the second 2008-11-04 17:08:15 +00:00
ron
c3ac9337cc Fixed a bug in the smb session enumeration where users wouldn't get added to the list if we couldn't look up the users' timestamps (which happens with guest accounts for sure) 2008-11-04 17:05:18 +00:00
david
12290c86cd Qualify some "I"s in script documentation to attribute them to their author, to
reduce confusion when many scripts are presented together. Also make a few
other miscellaneous documentation cleanups.
2008-11-04 16:41:12 +00:00
david
8a6106529a Put a link to the online NSEDoc portal at the beginning of the list of
libraries in scripting.xml.
2008-11-04 05:13:27 +00:00
fyodor
c22c9ca885 o Removed showSSHVersion.nse. Its only real claim to fame was the
ability to trick some SSH servers (including at least OpenSSH
  4.3p2-9etch3) into not logging the connection.  This trick doesn't
  seem to work with newer versions of OpenSSH, as my
  openssh-server-4.7p1-4.fc8 does log the connection. Without the
  stealth advantage, the script has no real benefit over version
  detection or the upcoming banner grabbing script. [Fyodor]
2008-11-04 05:04:12 +00:00
david
e0a3c5c64f Abbreviate the summaries of the smb and msrpc modules. 2008-11-04 00:20:22 +00:00
david
ae27b48ffb Just refer to the smb module documentation for the smb* script args rather than
duplicating it in every script. This may not be the way we keep doing it, but
it's needed for now to keep from having excessive duplication in the printed
output.
2008-11-04 00:01:20 +00:00
david
12892ad59a Add @output to scripts/popcapa.nse. 2008-11-03 23:50:46 +00:00
david
5fffad15eb Canonicalize script args in smb.lua. Canonicalize @copyright lines in
netbios.lua, smb.lua, and msrpc.lua.
2008-11-03 23:47:22 +00:00
david
9d1b588e4b Fix a few little formatting errors in SQLInject.nse. 2008-11-03 21:37:08 +00:00
david
e01984b2f5 Proofread and format the smb-* scripts. This was mostly done by Ron already. 2008-11-03 21:36:07 +00:00
david
5e6e7151e9 Fix a few small NSEDoc errors. 2008-11-03 20:26:16 +00:00
david
78cc76e9f8 Update script.db. 2008-11-03 20:01:11 +00:00
david
cc7a58cd7a Merge from /nmap-exp/ron/nmap-smb. This adds the new scripts
smb-serverstats.nse, smb-enumsessions.nse, and smb-enumshares.nse.
2008-11-03 20:00:24 +00:00
david
2cceb5184c Separate the first paragraph from the rest of the description with a blank
line, not "\n\n", in the SMB and MSRPC scripts and modules. There are newer
versions of these files pending review, so this is just a quick measure to let
me use first paragraphs as summaries rather than first sentences.
2008-11-03 16:17:07 +00:00
david
4175c0a930 Give bruteTelnet.nse a less generic name "Telnet brute force" instead of
"bruteforce".
2008-11-03 16:03:17 +00:00
david
651cb6e486 Allow dns.get_servers to return a list of known DNS servers even when IPv6
scanning, when system DNS resolution is used. This makes ASN.nse work for IPv6.
See the thread at http://seclists.org/nmap-dev/2008/q4/0081.html.
2008-11-02 20:32:26 +00:00
david
a4f6dc6b6e Merge from /nmap-exp/david/nmap-os.
This brings in four discrete changes:

1. The widening of ranges for T test expressions in nmap-os-db. Any expressions
   that were not already ranges were expanded to cover plus and minus five of
   their original values.
2. The normalization of TG expressions in nmap-os-db. Nmap is only capable of
   outputting 0x20, 0x40, 0x80, and 0xFF for a TG value, but many fingerprints
   had values other than these. They have all been rounded to their nearest
   likely value.
3. The elimination of the U1.TOS and IE.TOSI tests (both having to do with type
   of service). This was effected by setting their MatchPoints to 0.
4. A cleanup and refactoring of OS fingerprint output code. This should not
   have any impact on output, except in one case: when debugging is non-zero or
   verbosity is greater than one, and at least one perfect match was found,
   Nmap used to print "OS Fingerprint:" before the fingerprint. Now it prints
   "TCP/IP fingerprint:" in this case like in all the others.
2008-10-31 22:46:07 +00:00
david
30d86e3cb0 Add a missing space in refguide.xml. 2008-10-31 18:20:12 +00:00
david
aeae42ddc3 Add an assertion that l_get_dns_servers doesn't return any DNS servers if
!o.mass_dns. Simplify the loop that builds the server list.
2008-10-30 22:06:37 +00:00
david
fef3ba7f37 Factor out the mass_dns code that builds the list of servers. 2008-10-30 21:47:27 +00:00
david
471310ae3f Remove a blank section for --max-rate that was left when its contents were
merged with those of the --min-rate section.
2008-10-30 19:22:17 +00:00
david
c3b2b3dbed Split parallel DNS resolution and system DNS resolution into separate
functions. Previously system DNS resolution was encapsulated inside the parallel
DNS function, inside a big if block. Now the if is on the outside and decides
which of the two functions to call.
2008-10-30 19:17:59 +00:00
david
f8b4fc4cc1 Fix a couple of duplicate words found with the duplicate-words script. 2008-10-30 17:28:14 +00:00
sven
e9dd88b8a9 remove bignum_set_negative and bignum_is_negative because those functions are not available in older openssl versions 2008-10-30 13:10:01 +00:00
kris
c51f495a84 o The SSLv2-support NSE script no longer prints duplicate cyphers if
they exist in the server's supported cypher list.
2008-10-29 22:58:06 +00:00
fyodor
8734956cf3 Did an audit throughout the book and changed a bunch of numbers 0-9 to write out zero through nine. I guess this is more consistent, but I'm not sure it is any better. Shrug. 2008-10-29 08:31:55 +00:00
fyodor
bd18974ef8 rename the nse-library sect1 from 'Lua Extensions' to 'NSE Libraries' (more descriptive and better matches 'NSE Scripts' section). Also moved the Scripts section before Libraries. Emphasized the name libraries more than modules. Renamed nmap-scripts-list ID to nmap-scripts, which required moving the former nmap-scripts to nmap-script-format. 2008-10-29 01:25:10 +00:00
fyodor
f28c28af10 include extra info about fragmentation 2008-10-29 01:01:45 +00:00
kris
8c18093110 update ip_is_reserved(): 197/8 allocated 2008-10-27 21:28:57 +00:00