PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-22 07:29:01 +00:00
Code Issues Projects Releases Wiki Activity
7,705 Commits 2 Branches 0 Tags
cdfa6e711d92e294d76a6c36a73011b51b55c096
Commit Graph

466 Commits

Author SHA1 Message Date
doug
25379845ec * POP3 and IMAP submissions from nmapsubmit-svfp-020309.mbx 
* Normalized some old IMAP match line output to be more like newer ones
 2009-02-05 02:19:23 +00:00
doug
230691bfdd FTP updates from nmapsubmit-svfp-020309.mbx 2009-02-05 01:38:47 +00:00
doug
4b23bb9bb2 On Tue, Feb 03, 2009 at 08:02:30PM -0800 or thereabouts, Fyodor wrote: 
> Looking at our current nmap-service-probes, the first real probe for a
> TCP service on port 25 will be the "Hello" (which didn't exist at the
> time of the fingerprint above).  So my suggestion would be to move the
> OpenBSD spamd signature to the bottom of the HelLo probe SMTP
> signatures.
 2009-02-04 07:04:09 +00:00
doug
8d44d28023 smtp submissions from nmapsubmit-svfp-020309.mbx and some services that were mislabeled as smtp 2009-02-04 03:45:54 +00:00
doug
cd3d4eb3dd New SSH submissions from nmapsubmit-svfp-020309.mbx 
Made some of the OpenSSH lines more general to cover more of the combinations of patchsets distros use
 2009-02-04 02:10:53 +00:00
doug
3a420809e9 * Merged HP-UX and AIX ftpd match lines. credit: Tom Sellers 
* Added better comments to a few of the correction updates from previous commit
 2009-02-04 00:25:48 +00:00
doug
787c854946 Applied corrections from nmapsubmit-svcorr-020309.mbx 2009-02-03 23:46:50 +00:00
fyodor
046586774e add dlswpn match from Tom Sellers 2009-01-31 21:55:20 +00:00
fyodor
1038096cd0 Some improvements to the Lotus Domino signatures - sent in by Tom Sellers 2009-01-31 21:25:47 +00:00
fyodor
b1544ec5b5 removed p/Windows XP identd/ due to report from Brandon Enright to nmap-dev that there is no native Windows XP identd and plus backdoors commonly trigger this signature. Those are Windows backdoors, so we'll keep o/Windows/ unless we see this matching other systems 2009-01-30 23:14:41 +00:00
david
1a922e8ae7 Change one device type "remote-management" to "remote management" in 
nmap-service-probes to match the other signatures.
 2009-01-19 19:22:16 +00:00
david
58eaf1aed3 Fix a typo in nmap-service-probes: Max OS X -> Mac OS X. 2009-01-08 20:13:29 +00:00
bmenrigh
7922c3edb5 Added/fixed a few RICOH/LANIER printer FTP/HTTP matches 2008-12-17 01:34:51 +00:00
sven
1444e02a86 apply Matt Selsky's patch for ssh version detection signatures to properly detect daemons only supporting protocol version 2 2008-10-01 21:05:03 +00:00
sven
0b0bdc14b4 adjust zero one tech printserver matchline to match more models 2008-09-21 13:33:15 +00:00
sven
2688e3413c add matchline for 3-port zero one tech printserver http config 2008-09-21 09:31:23 +00:00
sven
5e4d342ce7 change classification of nginx from http-proxy to http 2008-09-09 11:46:34 +00:00
fyodor
a5de49445c improve an openssh hpv match line - patch by Matt Selsky 2008-09-03 01:18:07 +00:00
fyodor
5f89113ea3 trivial typo fix 2008-08-29 08:17:39 +00:00
fyodor
d2aa222e25 Applied some version detection signature updates from Marco Balduzzi 2008-08-29 07:45:38 +00:00
fyodor
a028bf83b4 add Cyrus Murder mupdate signatures and service listing from Matt Selsky 2008-08-26 18:45:24 +00:00
fyodor
9cbd4d40ba slight updates to some MailEnable smtpd sigs 2008-07-25 21:56:50 +00:00
fyodor
b3fc32e7a4 signatures for Cyrus synchronization server and newer Cyrus IMAP versions from Matt Selsky 2008-06-29 02:45:38 +00:00
fyodor
6e14332cdc o Added a UDP SNMPv3 probe to version detection, along with 9 vendor 
match lines. [Tom Sellers]
 2008-06-28 21:40:44 +00:00
doug
60774c2313 nmapsubmit-svfp-060108.mbx Last major batch of misc FPs 2008-06-28 20:23:26 +00:00
doug
16b23a12e1 Fixed slip-up in Tom's probe that was my fault 2008-06-28 02:04:20 +00:00
doug
9219fb7389 nmapsubmit-svfp-060108.mbx lots of misc services 2008-06-26 04:23:24 +00:00
doug
e52e117d13 nmapsubmit-svfp-060108.mbx lots of misc services 2008-06-25 23:50:54 +00:00
fyodor
bf2205ecb0 add sslport 4443 as SecurityGateway apparently uses that (per Marco Balduzzi) 2008-06-25 09:07:39 +00:00
doug
289448ea3a Replaced http-mgmt with http 2008-06-25 07:02:29 +00:00
doug
c975aa2dbe nmapsubmit-svfp-060108.mbx HTTP submissions 2008-06-25 02:57:11 +00:00
fyodor
5274601022 added service detection match lines for ALT-N SecurityGateway and Criston Precision Agent from Marco Balduzzi 2008-06-24 18:12:47 +00:00
doug
3bc22411eb Moved SIPOptions back down below GetRequest 
PRO:
  * GetRequest is applied before SIPOptions to unknown ports
CON:
  * GetRequest will be applied to 5060 before SIPOptions
 2008-06-21 01:58:44 +00:00
doug
5150b51145 nmapsubmit-svfp-060108.mbx 
* privoxy match line
  * major SIPOptions probe reorganisation -- see nmap-dev
 2008-06-20 05:21:09 +00:00
doug
c9440050e8 nmapsubmit-svfp-060108.mbx SSH and telnet fingerprints 2008-06-20 01:20:31 +00:00
doug
ee8afa1b12 nmapsubmit-svfp-060108.mbx FTP fingerprints 2008-06-19 03:30:38 +00:00
doug
fb85d6b1c7 Mail protocols for nmapsubmit-svfp-060108.mbx 
pop3, smtp, and imap
 2008-06-19 01:11:12 +00:00
doug
b9ae121838 Processing corrections from: nmapsubmit-svcorr-060108.mbx 2008-06-18 22:54:05 +00:00
doug
da3f573795 Several match lines and probes from Tom Sellers that were sent to nmap-dev. 2008-06-18 21:18:27 +00:00
bmenrigh
7af6810d91 Added the BMC, CA-mq, and Goverlan service match lines from Tom Sellers. 2008-06-12 00:34:51 +00:00
doug
7833ac574d CUPS match line out of order fix from Sven Klemm 2008-06-03 21:20:19 +00:00
kris
f28d91edd1 Adding a matchline for the Metasploit Framework msfd daemon. I've tested it 
on the following versions (the last one is from SVN):

55554/tcp open  metasploit Metasploit Framework msfd 3.0-beta-dev
55554/tcp open  metasploit Metasploit Framework msfd 3.0
55554/tcp open  metasploit Metasploit Framework msfd 3.1-release
55554/tcp open  metasploit Metasploit Framework msfd 3.2-release
 2008-05-26 17:49:16 +00:00
kris
ee876ada98 o Replaced kibuvDetection.nse with version detection match lines which 
work better than the script. [Kris, Brandon]
 2008-05-25 23:30:21 +00:00
fyodor
e06491f9f7 adjusted ISC Bind named signatures to match scanme.nmap.org, which is currently running 9.3.4 2008-05-22 08:34:07 +00:00
bmenrigh
8939e86580 Added \r\n to Apache service match to try to cut down on this (very 
common) warning:

Warning: Servicescan failed to fill info_template (subjectlen: 3793). 
Too long? Match string was line 3320: v/Apache httpd/$1/$2
 2008-05-21 21:04:04 +00:00
doug
976ebc0414 Anchored the hunchentoot server line on a CRLF boundary thanks 
to suggestion from Fyodor.
 2008-05-06 22:36:32 +00:00
doug
72453fc4ed New match line for hunchentoot lisp httpd 2008-05-06 05:07:15 +00:00
bmenrigh
19f44f6648 This service patch-cycle has taken quite a bit longer because feedback 
for remaining services on campus has been exceptionally poor.

* Added LANDesk Management Suite Targeted Multicast Service

* Changed Microsoft-HTTPAPI (SSDP/UPnP) match to be more generic to 
  better match the errors it returns

* Added OpenVMS 8.3 Alpha telnetd

* Changed vmware-auth matches to slightly generalize them so they catch 
  more auth settings

* Changed Snap Appliance webadmin to catch cases where a non-401
  response is given

* Changed a generic Apache match to use non-greedy .* to fix
  capturing too much (more work/testing needed to fully fix)

We still have a few hundred services to go on my todo list; I'm still
working on them...
 2008-05-05 20:01:06 +00:00
kris
16bc72d65f After having read the proper documentation and talking with Fyodor, I realize 
I had messed up some SSL services in r7233.  This is reverting the changes
which involved service names in the form of "ssl/*".
 2008-04-29 20:56:57 +00:00
fyodor
2e3558fe3f Recognize Helix (aka real media) server on solaris. patch from Matt Selsky 2008-04-29 20:20:22 +00:00