PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-15 12:19:02 +00:00
Code Issues Projects Releases Wiki Activity
7,705 Commits 2 Branches 0 Tags
cdfa6e711d92e294d76a6c36a73011b51b55c096
Commit Graph

466 Commits

Author SHA1 Message Date
david
4b14ccf8f8 100 service submissions. 2010-12-27 17:41:05 +00:00
david
c6721aae80 100 service submissions. 2010-12-21 16:59:46 +00:00
david
0b21a33414 100 more miscellaneous service submissions. 2010-12-21 05:04:45 +00:00
david
e36fe37c87 A bunch of miscellaneous service submissions. 2010-12-21 00:51:45 +00:00
david
3b849d64e1 upnp service submissions; also reclassify some "http" as "upnp". 2010-12-19 18:57:02 +00:00
david
f448f62b82 The last of the http service submissions. 2010-12-18 15:20:47 +00:00
david
bb55769fb4 More http submissions. 2010-12-18 05:02:37 +00:00
david
1a2a892610 This is about 75% of the http service submissions. 2010-12-17 05:25:40 +00:00
david
dd7f04aebc Service submissions for 
bittorrent pop3 afp imap time backupexec-remote backupexec beremote.exe
domain vnc-http vnc teamviewer mysql irc irc-proxy skype rtorrent nessus
bitcoin printer icecast 3dm-http.
 2010-12-16 06:00:39 +00:00
david
4e018f1638 unknown and ssl service submissions. 2010-12-15 20:13:40 +00:00
david
3af5da503f sip service submissions. 2010-12-15 02:16:17 +00:00
david
80308fb84f smtp service submissions. 2010-12-14 23:03:41 +00:00
david
5642029a4c telnet service submissions. 2010-12-14 23:03:38 +00:00
david
6710b2deff ssh service submissions. 2010-12-14 19:42:11 +00:00
david
e8a9ff65e8 Do ftp service submissions. 2010-12-14 09:12:06 +00:00
david
3f35888405 Fix a service match line on information from Corey Quinn. I found the 
"Connection too fast, throttled" message in the source code of ratbox,
charybdis, and ircd-seven, but not Unreal ircd.
 2010-12-07 22:36:50 +00:00
bmenrigh
df99409651 The dominoconsole match is too general and can match things that it 
shouldn't.  Also, because of the use of ([...]*), captures can be too
long to fill into the template.  This change forces hostname and
domain name to be non-empty.  This match should be made more specific
but without example content any changes would involve guessing.
 2010-09-30 23:14:57 +00:00
patrik
0ef84cf443 o [NSE] Added nat-pmp-info script that uses the nat-pmp service to 
discover the external IP address of a router. [Patrik]
 2010-09-28 19:43:06 +00:00
bmenrigh
5ead386c07 Added a bunch of Apple and Netatalk AFP service matches. There are a 
few mystery variations in bytes that don't match up with the
descriptions in the submissions or what users have told me they are
running.  I've done my best to get the OS X versions correct.
Corrections may be required to loosen the strict versioning in this
commit.
 2010-09-27 22:00:10 +00:00
tomsellers
c974a51d07 Single line update to correct spelling error in service field. 
shoutcase => shoutcast
 2010-09-26 19:27:45 +00:00
tomsellers
04e0b3b4f6 Two modifications to APC PowerChute detection. One is to comment 
out a false positive that is likely java-rmi.  The other is to 
add an additional version to a version label.
 2010-09-26 15:51:00 +00:00
tomsellers
6b75d40ae7 Fixed a few spelling errors and 1 consistency issue in the 
device labels in nmap-service-probes
 2010-09-26 13:15:45 +00:00
tomsellers
594e2dcacc Add 3 http service detection fingerprints: 
Rapidsite/Apa (customized Apache http)
 IBM HTTP Server using mod_jk
 RG4000 Access Control Gateway (limited info)

 The first two had existing fingerprints that were
 were similar but that matched version information 
 that was not always present or had a different 
 modules (PHP vs mod_jk).  - Tom
 2010-09-26 04:13:21 +00:00
tomsellers
70c9266359 Small change to restore whitespace in nmap-service-probes. 2010-09-25 14:03:54 +00:00
tomsellers
c4b3f17dcd 3 service version changes: 
2 for BMC/Marimba
  1 for a CANON HTTP service
 2010-09-24 23:39:08 +00:00
bmenrigh
72455a613c Added/updated a few service fingerprints. 2010-09-07 23:25:06 +00:00
bmenrigh
299b8e8f28 Added a match for psyBNC triggered by the SIPOptions probe when the 
daemon doesn't print any banner.
 2010-09-02 21:21:51 +00:00
bmenrigh
40e6bde4e0 Fixed the capitalization on LANRev -> LANrev and removed the 
**BACKDOOR* label. LANrev is remote management software just like
RAdmin, Dameware, etc.  LANrev has been used as a backdoor in the past
but that doesn't make it a backdoor any more than VNC, Dameware,
etc. are backdoors.
 2010-08-31 20:04:16 +00:00
patrik
527c5b2959 Modified the Domino Console match to separate out domain and include additional server info 2010-08-19 21:37:56 +00:00
patrik
aa49c23224 moved hostname from the info to the hostname field for Informix probes 2010-08-14 12:42:16 +00:00
david
a12d595052 Add new version probes and matches from Patrik Karlsson. 
- Lotus Domino Console running on tcp/2050 (shows OS and hostname)
- IBM Informix Dynamic Server running native protocol (shows hostname, and file path)
- Database servers running the DRDA protocol
- IBM Websphere MQ (shows name of queue-manager and channel)
 2010-08-11 16:55:54 +00:00
david
123b018c9c Add some more information "telnetd" and "http config" to some of the new 
nmap-service-probes signatures.
 2010-08-09 21:51:47 +00:00
david
5809a30812 Add a handful of new service matches that came through experimentation 
with CPE.
 2010-08-09 20:12:44 +00:00
david
9e38d22717 Canonicalize some nmap-service-probes entries, mostly with regard to 
case, using the command

egrep -o ' p/[^/]*/' nmap-service-probes | sort | uniq
 2010-08-09 19:19:57 +00:00
david
442958a7cc Change the service name from "http" to "oem-agent" for "Oracle 
Enterprise Manager Agent httpd".
 2010-08-09 03:08:31 +00:00
david
eb699270e9 Add a match line for an individually submitted service, Oracle 
OVSAgentServer. This looks like standard Python SimpleXMLRPCServer with
BaseHTTP except that it can be distinguished by the HTML title. Also add
a related fingerprint for SimpleXMLRPCServer when it is used in its
DocXMLRPCServer mode, which distinguishes it from plain BaseHTTP.
 2010-08-06 15:43:58 +00:00
fyodor
e91d722968 print a typo noticed by Ange Gutek 2010-08-03 00:24:33 +00:00
david
dbb30db4be New and fixed nmap-service-probes probes from Matt Selsky. 2010-06-18 19:43:23 +00:00
david
43654abc71 o Combined service match lines for Oracle Enterprise Manager Agent 
into one more effective line. This patch is from Matt Selsky.
 2010-06-16 00:46:03 +00:00
david
316e20f8dc o Fixed captures in the mupdate service probe matches. This patch is 
from Matt Selsky.
 2010-06-16 00:38:38 +00:00
fyodor
0f4bf784be commented out an hp-pjl empty softmatch which was causing problems for other services as described by Tom Sellers in this thread: http://seclists.org/nmap-dev/2010/q2/753 2010-06-09 23:24:08 +00:00
tomsellers
7ada457645 Adding match lines for two services: 
Cisco Site Selector ftpd
LanSafe UPS monitoring HTTPd
 2010-06-05 15:55:14 +00:00
tomsellers
76ac0f5b85 Added 3 PostgreSQL softmatch lines. Two of these lines are 
are French and Spanish and are derived from the English version
as well as text from other match lines for the appropriate language.
 2010-06-05 15:31:59 +00:00
david
44d29adaa9 Add a serialnumberd match line that contains a host name, contributed by 
Samuel Benson.
 2010-05-25 19:00:31 +00:00
fyodor
32e6b837cb Small updates to copyright headers in some files which don't have the headers automatically replaced 2010-05-24 23:52:34 +00:00
david
6a0bba72e1 Add a probe and matchline for Mac OS X Server serialnumberd, submitted 
by Patrik Karlsson.
 2010-05-24 19:15:53 +00:00
david
5c60064871 Fix some accidental duplicate template specifiers in 
nmap-service-probes.
 2010-05-17 16:21:56 +00:00
tomsellers
66714334dc Including information in the nmap-service-probes file for 
the Promise Array Manager matchline I just removed just in
case it is submitted again.
 2010-05-14 01:18:15 +00:00
tomsellers
3d061b6ccf Removing a matchline for the Promise Array Management Software 
that was triggering false matches against TLS protected services.

See http://seclists.org/nmap-dev/2010/q2/465
 2010-05-13 23:34:01 +00:00
patrik
3f7b440c49 Add match lines for 
- Twisted web server (OS X 10.6.3 Server)
- Apple Filing Protocol (OS X 10.6.3 Server in VMware Fusion)
- Apple Mac OS X Password Server (OS X 10.6.3 Server)
- XAVi XG6546p Wireless Gateway
- Sun GlassFish Communications Server
- Comdasys, SIParator and Glassfish SIP services
 2010-05-09 10:29:16 +00:00